Mobile Security
Bitdefender GravityZone Mobile Security is a mobile security solution able to protect mobile devices using Android, Chrome OS, or iOS operating systems against multiple threat vectors. It is designed to protect an employee’s corporate-owned or BYOD from advanced persistent threats without sacrificing privacy or personal data.
The product gives your company access to the following features:
Advanced malware detection - safeguards mobile devices from a broad variety of threats by offering comprehensive malware detection capabilities.
Phishing protection - analyses incoming messages and detects any malicious links or content that could be used to acquire sensitive data or credentials.
Network security - offers an extensive set of tools for protecting mobile devices against a variety of network-based hazards. It helps ensure the security and integrity of mobile devices in the current threat landscape by monitoring network traffic, providing secure connectivity, and detecting and preventing attacks.·
Compliance and policy enforcement - assists organizations in protecting their mobile devices from a variety of threats and ensuring that they are used securely and compliantly by making sure that all applications are properly vetted.
Mobile threat intelligence - provides users the real-time security and analytics they need to protect their mobile devices from a variety of threats.
Integration with mobile device management (MDM) solutions - enhances mobile security features. Because of the integration, enterprises may install the mobile threat defense solution using their existing MDM infrastructure. The integration also enables mobile device security policies to be enforced automatically.
Web content filtering - warns and prevent users from accessing potentially harmful websites and links, such as malware, phishing, botnets, and suspicious domains, or websites that violate your organization's standards.
These capabilities are deployed on your devices through policies set in the management console, and the mobile app installed on the devices.
Components
GravityZoneControl Center
Mobile Security console
GravityZone MTD (the security agent installed on mobile devices)
Install and configure Mobile Security
To start using these new features, follow the steps below:
Log in to GravityZone with an administrator account.
On the left side menu, go to the Mobile Security page.
Click Create account.
The account is created automatically. A pop-up will appear in the lower right side of the console confirming the request outcome.
Click Open console to access the account.
Send activation links via email:
From GravityZone Control Center
Go to the Mobile Security page from the left side menu.
Click the Send Activation Emails links for the account you want to send emails for:
Add the email addresses of the users owning the mobile devices.
Click Send.
In the Mobile Security console:
Go to the Devices page.
Go to the Local Device Group tab.
Click Add Group.
Type in a name and a description and click Create Group.
Note
The group is created in the Local Device Groups tab.
Click the arrow in the upper right side of the group name to expand the item.
An installation link for the Mobile Security app is displayed.
Copy the link and send it via email to all the users you want to include in the group.
All users will receive an email containing an installation link or QR code and can now deploy the GravityZone MTD.
Ask each user deploy the app by clicking on the activation link (URL) or scanning a QR code with the camera of the device.
Note
For more information on deploying the app, refer to Deploying and enabling the GravityZone MTD on Android and iOS
Once the application is installed on a device, the device is protected and will appear in the Mobile Security console, under the Devices page.
Configure and enable Mobile Security
You can use the policies to enable and configure the feature functionalities on devices.
Log in to the Mobile Security console.
(optional) Go to Devices > Local device groups and create a new group.
Note
For more information on device groups refer to Local Device Groups.
Go to the Policies page from the left side menu.
Select the Threat Policy tab and select the group of devices on which you want to apply the new policy.
Click Save & Deploy.
Go to the Apps Policy tab.
Click Add policy.
Create the policy you want to apply to all your managed devices.
To define an app policy, select different characteristics of an app, such as camera or location access. As the user builds the app policy with matching characteristics, the page shows the number of apps matching the criteria.
To create an app policy follow the steps bellow:
Click the + Add Policy button.
Type in a unique name for the new policy.
Under the Available Characteristics list, find and select the characteristics:
Expand a topic and select the specific characteristics by clicking the plus sign.
Enter a value in the search field, and click the plus sign for the desired matching characteristics.
Select the whole characteristic category by clicking the green plus sign.
Note
The desired characteristic(s) move to the Policy Characteristics list on the right and are added by default to the All Characteristics list.
With the up and down arrows on the right, move the characteristics from the All Characteristics section to the Any Characteristics section and vice-versa.
All Characteristics: Apps that are flagged by the policy must have all of the characteristics listed in the All Characteristics section.
Any Characteristics: Apps that are flagged by the policy must match at least one of the characteristics in the Any Characteristics section if any are present.
Note
For more information on configuring policies, refer to Apps policy.
Click Save.
Go to the Phishing and Web Content Policy tab.
Select the group of devices you want to apply your new policy to.
Configure the security policies you want to apply.
Note
For more information on configuring policies, refer to Phishing and Web Content policies.
Click Save & Deploy.
Test out the feature
When deployment and setup is complete, you can view the security status of your devices from the Insight dashboard:
Go to the Dashboard page from the left side menu.
The Dashboard page provides a single view of the protected devices, security intelligence, and events, regardless of their group. It consists of several sections that provide a snapshot of the inventory status and security intelligence. The top of the dashboard provides the ability to change the time frame of events and data, which automatically updates the events and other data points on the dashboard.
Check out Insights page.
The Insights page provides a preview of a dashboard feature that provides a management view over all enterprise devices, with a sample page view.
Move on to Apps page.
Before app classification or risk analysis, the mobile security console collects an inventory of apps from all devices with the Mobile Security app installed. You can find this information in the APPS page. App inventory acquisition varies by mobile platform and execution.
Go to the Extensions page from the left side menu.
Prior to conducting any classification or risk analysis of the extensions that are installed on the device, the Mobile Security console acquires an inventory of the extensions from all devices that have Security for Chrome Protection installed.
Continue to the Devices page.
The Devices page displays the complete list of devices that are configured in the environment.
Devices can be manually activated through GravityZone MTD or transparently, and the Risk Posture field indicates the highest level of a pending event.
The Device ID column has one of four values: Android ID, generated identifier, MDM ID, or Chrome OS identifier.
You can filter by profiles, apps, patch date, CVE, and values in each column by clicking the triangle next to the column header.
Move to the Profiles page.
Note
This feature is available only for iOS devices.
The profiles are exhibited on the Profiles page, and any profiles that are not managed are categorized as
Suspicious.
Go to the OS Risk page from the left side menu.
The OS Risk page presents a comprehensive inventory of all identified iOS and Android risks within the user's system, categorized by Operating System. It also includes the corresponding CVEs linked to each risk.
Move on to the Manage page.
The Manage page is a feature that enables the you to customize different configurations, including privacy, integrations, and VPN settings for the environment. The page provides users with the ability to access audit logs that capture all console activity, including MDM connections.
