Fixmo Sentinel Integrity Services is a mobile device tamper detection and integrity verification solution that helps government and businesses identify mobile device exploits before they result in a security breach.
The use of mobile devices by government and businesses can lead to tremendous benefits in productivity, customer responsiveness and employee satisfaction.
With increased mobile access to organizational information systems comes the risk that an exploit could occur. And with an ever broadening variety of devices accessing sensitive and confidential data and applications, IT is challenged to stay ahead of the complex array of potential threat vectors. The BYOD approach to mobility is only accelerating this issue.
Traditional Mobile Device Management (MDM) tools enable IT to provision and manage the configuration settings on mobile devices, set and enforce IT policies, and remotely execute IT commeands (such as locking or wiping a device). This is helpful in ensuring a baseline level of security parameters are in place, but does little to reassure the IT admin that an individual or group of devices have been exploited. And for personal devices brought into the workplace, applying a stringent set of MDM policies could meet significant resistance from device owners who's use of their personal device is curtailed.
Organizations wanting to go beyond the basics of MDM are looking for tools that can help them continuously monitor the integrity of devices as well as to define policy rules, monitor for violations of those rules and automate remediation actions. IT teams are looking to ensure that device start and remain in a known and trusted state. If a device shows any sign of having been tampered with (accidental or maliciously), it can be disconnected from organizational resources, locked or even wiped - without manual intervention.
Fixmo Sentinel is a mobile device integrity verification and tamper detection solution that helps IT organizations monitor their mobile devices to ensure that only trusted and approved applications are running on mobile devices, and that they can prove it through defensible audit reporting on the actual known state of each device in the field.
In addition to monitoring the state of modules and applications, Fixmo Sentinel detects jailbroken or rooted operating systems, disallowed Bluetooth or WiFi connections, tampering with MDM policy files and device configurations, and other potential compromises before they result in a security breach.
Fixmo Sentinel provides centralized reporting for all state-changes and updates that are detected on mobile devices on your network. So when it comes time for a security audit, you have all the data you need to prove the current, and historical, states of each device on your network. It's a powerful solution that automates compliance assurance and reporting across your mobility deployment.
IT admins can define policy rules to enable automated remediation actions in response to a security violation or change of state. If a blacklisted application is detected, if the OS is found to be rooted, or if a device configuration file has been tampered with, Fixmo Sentinel can automatically lock or wipe the device without any manual intervention required. And in some cases, it can even initiate a lock or wipe locally without any dependence on a server-side command so that devices and corporate data remain protected even if the SIM card has been removed prior to the security breach taking place.
Fixmo Sentinel uses a local device agent to continuously monitor the state of mobile devices in the workplace. Through patented module analysis and state change detection, it proactively detects the following:
- State changes to system-level libraries or IT policy and configuration files
- Installation, removal or changes to custom or third party applications
- Presence of unverified and potentially malicious third party modules
- Rooting or Jailbreaking of the local operating system
- Presence of blacklisted apps, modules or operating systems
- Removal of required applications and system-level libraries
- Connections to disallowed Bluetooth devices or unsecured WiFi networks
Fixmo Sentinel enables companies to monitor device integrity with confidence. With Fixmo Sentinel organizations have true state monitoringof devices down to the system-level, with the ability detect and state-change via a patented on-device agent. This provides IT with greater assurances that OS tampering and potential policy violations can be proactively detected and prevented.
Going beyond basic inventorying of installed third party apps reported by the mobile OS, only Fixmo Sentinel actively monitors the entire list of installed modules on a device and provides a complete inventory base on actual hash values of the binary files as well as the ability to create whitelist/blacklist policies against the complete set of discovered modules.
Customizable policies enable IT organizations to define automated security actions in response to the detection of unwanted state changes, unverified or blacklisted modules or OS tampering. And only Fixmo Sentinel enables security actions, such as lock/wipe commands, to be executed locally on the device even if the network has been disabled.
And, should it be necessary, detailed reporting on the state of each device in the environment and the complete list of installed modules, with historical records on state changes, policy violations and security response actions exist so that audits can be performed to prove compliance.
A desktop version of Fixmo Sentinel IS is available for free to qualified Government Agencies under the terms of the Technology Transfer Program agreement between Fixmo and the NSA. For more information on Fixmo Sentinel Desktop Edition, click here.