Zimperium's Mobile Security Blog

Top 3 Ways to Protect Microsoft Teams on BYO Mobile Devices

Top 3 Ways to Protect Microsoft Teams on BYO Mobile Devices

During a recent webinar on the Top Five Mobile Security Stories of a Crazy 2020, I listed my number one story around COVID-19 creating a situation unlike anything any of us have ever seen; yet one that will likely leave permanent changes in remote working and learning. 

With the overnight shift towards entire workforces working remotely from home, on all variety of corporate and personal (bring your own) devices, IT and security teams have been in triage mode from a security and risk perspective.

Businesses and governments around the world are rushing to enable employees to operate effectively from home, and Microsoft Teams is at the forefront of those efforts. 

There are many security options on corporate managed endpoints, but what can an organization do to secure Teams sessions on personal (bring your own) mobile devices?

Sakshi Tiwari – Senior Product Manager, Microsoft – and Mark Tinker – Senior Sales Engineer, Zimperium – joined me in explaining the three top ways to protect Microsoft Teams on BYO mobile devices. To view the entire webinar, click here.

The first way to protect Microsoft Teams on your BYO device is to ensure foundational Teams protections are implemented and used. For example, Teams users and admins should:

  • Get visibility into endpoints that are accessing corporate resources;
  • Enforce security policies on mobile devices and apps; and
  • Use the meeting lobby option to make meetings more secure.

 

The second way is by actively detecting any risks on users’ mobile devices to ensure security and privacy. Candidly, Zimperium provides the best solution to achieve this goal. Zimperium, the global leader in mobile device and app security, offers the only real-time, on-device, machine learning-based protection against Android, iOS and Chromebooks threats. Powered by our machine learning engine, z9, Zimperium detects more mobile device, network, phishing and malicious app attacks than any other solution. 

Our solutions include zIPS which runs locally on any mobile device and detects cyberattacks without a connection to the cloud. zIPS provides persistent, on-device protection for mobile devices similar to what next generation endpoint protection platform (EPP) solutions do for traditional endpoints.

The approach Microsoft takes is really smart. It’s mobile application management (MAM), as opposed to mobile device management (MDM). So – as shown below – you are actually protecting access to the app, not the whole device. 

So, how does this work? Take a look at this visual:

1 – Our management console syncs directly with Azure Active Directory, ensuring that we are fitting into the established user groups and policies. Our philosophy being that we should fit into the enterprise, not the other way around.  

2 – When the user first goes to one of the Microsoft solutions – including Teams – he/she is prompted to download zIPS

3 – Using its on-device, machine learning-based detection, zIPS detects a critical event.

4 – All of the relevant intelligence – forensics and event information – is immediately sent to our console

5 – Based on the established policy, and since the risk posture is critical – in this example – the device risk level is set to “high” and sent to AAD

6 – Remediation takes place where there’s a block of the launch (“conditional launch”) of the Team’s app.

To learn more

Click here to view the entire webinar. If you would like a personal demonstration of how Zimperium helps protect Microsoft Teams and other Office apps on personal mobile devices,  click here to contact us.