SandBlast Mobile offers enhanced features for integrations with EMM solutions and now reports the device life cycle status, device security risk, and device threat factors to the EMM solution.
This per device information on the EMM can be used to create granular device policies.
For example: By using the device life cycle status, the EMM can apply one policy for devices that have SandBlast Mobile installed and running, and apply a different policy for devices which are Provisioned or Inactive.
Another example: By using the device security risk level, the EMM can apply one policy for devices with a high risk level, and apply a different policy for devices with a medium risk level.
The threat factor information reflected in the EMM can also be used to apply different policy by device threat factor; for example, devices under network attack or devices which are rooted/jailbroken.
The feature was implemented with different approaches per EMM vendor base on the vendor API support.
The following table lists the method used and availability per EMM vendor.
|EMM Platform||Life Cycle Status||Security Risk||Threat Factors||Comment|
|BlackBerry BES/UEM||Device Group||Device Group||Not Available||General Availability|
|Citrix XenMobile||Device Property||Device Property||Device Property||General Availability|
|IBM MaaS360||Device Custom Attribute||Device Custom Attribute||Device Custom Attribute||General Availability|
|Microsoft Intune||Device Compliance||Device Compliance||Not Available||General Availability|
|MobileIron||Device Custom Attribute||Device Custom Attribute||Device Custom Attribute||Early Availability. Limited to specific versions of MobileIron|
|VMware AirWatch||Device Tag||Device Tag||Not Available||General Availability|
There are 3 Life Cycle Status states:
|Provisioned||When a device is first added in SandBlast Mobile Dashboard by the EMM, prior to device registration.|
|Active||After the user has installed and registered to SandBlast Mobile.|
|Inactive||If the device hasn’t checked-in with SandBlast Mobile for X number of days (configured by the SandBlast Mobile Admin)|
There are 4 Security Risk states: None (No Risk), Low, Medium, and High.
For example, if the device has a Low risk app and a High risk (malicious) URL in a SMS message, then the device will be marked as at High Risk. Once the High Risk issue has been remediated (SMS deleted), then the device will be marked as at Low Risk. Once the Low Risk issue has been remediated, the device will be marked as None (No Risk).
The Threat Factor is a list of threat factors associated with the Security Risk level, such as TF_BACKUP_TOOL, etc. These threat factors can be used to provide additional detail and granularity of the current Risk level, however, they are not necessarily appropriate for policy triggers.
Configuration of these states is done on the MDM Configuration screen by navigating to Settings > Device Management > Setting > MDM Service.