MobiControl Security


MobiControl provides end-to-end, enterprise-scale security for mobile devices and mobile data across all endpoints. MobiControl's highly scalable and flexible multi-tiered security model is centrally managed and leverages industry standards to provide rules-based security across the mobile enterprise. All security policies are configured from the centralized MobiControl Manager console, and all device security policies and subsequent updates are implemented over the air, making enterprise-wide policy changes and implementation a seamless and easily manageable process.

MobiControl's comprehensive security extends to all components that form the mobile enterprise, from the mobile devices being used in the field by the end user, to the Manager consoles being used by the remote help desk to support the field force, to the network over which corporate data flows to and from the mobile devices.

Mobile Device Security

MobiControl's on-device security policy enforcement protects mobile data and controls access to the device in both connected and disconnected modes. All security policies are managed centrally and can be customized for individual devices or enforced at the group level. Security policies are distributed to the devices over-the-air (OTA) in a transparent and seamless manner. User authentication using Active Directory credentials allows the mobile devices to be authenticated on the network using the same credentials that the end users use for existing computers and workstations, eliminating the need for multiple passwords and allowing user authentication to be managed centrally.

Advanced data security features, such as automatic file encryption for the device and storage media, secure the mobile data. In addition, time-based, fail-safe security policies can trigger actions such as a remote self-wipe, on-demand encryption of files, or device lockdown in response to events like unsuccessful user authentication or failure to communicate with the server. Application run control features allow creating application black lists and white lists to prevent unauthorized applications from being installed and executed on the device. The device lockdown feature allows running the device in a kiosk mode with the capability to limit or restrict access to applications and device settings, such as Wi-Fi or power. Additionally, device features and communication ports (e.g. Bluetooth, infrared, camera, phone) can be disabled, restricted, or limited. Please see the Device Security and Control page for more details.

Data Communications Security

To ensure end-to-end security, by default MobiControl encrypts all communication between the MobiControl Manager and the Deployment Server using SSL. By default, the Device Agent uses a proprietary algorithm for encrypted communication with the Deployment Server. For organizations that require standards-based encryption for protecting data communication, SSL-based encryption can be enabled for communication between the Device Agent and the Deployment Server. This allows all communication and data flowing between the mobile devices, the MobiControl Deployment Server and the MobiControl Manager consoles to be encrypted using SSL certificates, for an extra layer of security. Multiple methods of distributing the certificates for encryption are available. Please see the Communication and Connection Security page for more details.

Manager Console User Security

MobiControl allows the implementation of tiered support teams by limiting access to the MobiControl Manager console and the functionality available to the support personnel. By providing the capability to disable certain operations and features for specific users or groups in an Active Directory or using local security, MobiControl provides multiple levels of access to the mobile enterprise in an environment where the business model requires role-based delegation of administration functions and tasks. For instance, in a help desk environment, tier 1 can have limited access to the powerful features available in MobiControl, while tier 2 has more control and access to an expanded set of functions. MobiControl's user security system allows users to authenticate with a user list created locally, or integrates with Active Directory using read-only communication (without modifying the directory schema) and the Windows security system to control user access to MobiControl. Please see the Manager Console User Security page for more details.