People like choice, especially when it comes to smartphones and tablets. That’s why the Bring Your Own Device (BYOD) trend in the enterprise would has been growing steadily for the past few years. There are two problems with BYOD, though. First, to support the different types of phones, IT departments have to swap out legacy systems. Second, it is nearly impossible for smaller companies to track security threats across hundreds of different hardware and software variations.
That is the pain point that Seattle-based startup Mobilisafe is looking to fix with its launch today, with backing from the Madrona Venture Group, Trilogy Equity Partners, and T-Venture. By monitoring the security threats across the smartphone landscape in detail, and then alerting IT departments to security holes that threaten specific devices.
Most people don’t think about the security threats that face our mobile devices. We assume that if we upgrade semi-regularly that we are safe from attacks and hackers. But it turns out that this only works if people actually update their mobile devices, most of whom don’t. According to Mobilisafe, 56 percent of iOS devices and 40 percent of Android devices are out of date.
Combining the out of date software with the current program put in place by IT departments becomes a serious issue for companies. According to Cisco, 95 percent of organizations allow Bring Your Own Device programs, with only 36 percent providing full support. This means that there is a gigantic gap in the market, where BYOD is allowed but not secured.
According to Mobilisafe founder and CEO Giri Sreenivas, who is also a guest contributor for PandoDaily, to secure company infrastructure with Mobilisafe is much simpler than to secure infrastructure internally. For the IT department there are no network or hardware changes, and for the end user there is no change in basic functionality. For Mobilisafe the solution is one-size-fits-all for nearly every organization, which means scalability is simple.
This ease of installation is demonstrated by a free assessment that Mobilisafe offers to companies. The IT department can connect the assessment plugin to the internal Exchange server, and have an overview of realtime security threats. It’s free, which is a big boost over competitors that charge tens of thousands of dollars for similar services. For the full tool, Sreenivas says that it can be installed and running in 15 minutes across the organization.
Aside from the ease of installation, a big part of the Mobilisafe offering is the simplicity of use for everyone. For example, let’s say an end user owns a tablet and does company business on it, perhaps an iPad 2 from AT&T, running iOS version 4.3.3. The user may not know that there is an update available, or may not care. But Mobilisafe is tracking the device threats, and sees that there are 82 vulnerabilities for that particular configuration, without any manual tracking on the part of the IT department. The service then notifies the IT department, if the threat becomes too serious.
To push the user to update their tablet or smartphone, the IT department can use Mobilisafe to give warnings to the device telling the user that their device is at risk and that they should update immediately. After a number of warnings, the IT department can lock the device out of the company’s infrastructure, which would then force the user to either update or stop working from their device. It’s clearly an effective solution.
An added bonus is the specificity the company provides on a device-by-device level. Instead of simply stating that the network is at risk, Mobilisafe offers a dashboard that IT administrators can look at and see that “Jane’s Android phone is at risk,” because she hasn’t updated to the latest firmware version, and that the PDF exploit could expose the entire network. Normally, an IT department would have to invest a massive amount of manpower to track each threat for each variant. With Mobilisafe, that burden is taken away.
The solution works on nearly every device, Android or iOS, and across networks, firmware, and hardware versions. This means that Mobilisafe has a vantage point looking at the mobile security world that few other companies have. The company has seen 150 million connection events between its software and mobile devices in the last year. As a result, the company is continually warning about the risks that IT departments are unnecessarily exposed to, and is publishing that data in aggregate for the benefit of the entire mobile security community.
The company has been slowly preparing its product for much of the past year, with a private beta test that has been used by a range of companies, including companies that range from one hundred to thousands of employees. It is launching to the public today.
This launch includes a 30-day free trial, with a paid program available for companies after the trial version ends. The paid model has two options. The first is an annual contract, which bills the company $4 per user per month, billed annually. The second option is month-by-month, which costs $5 per user per month, with the same functionality as the annual contract but billed monthly. This is different from the traditional IT model, according to Sreenivas, as most older IT support companies bill on a per device basis, rather than on an active user basis.
Moving forward, the company has a steady slate of features that it is looking to roll out. The goal is to continue to provide new features that are useful for IT departments, without any additional work on their part. It means that the technical challenges are harder, but it also makes the product that much more valuable.
[Image Source: Shutterstock]