News
Abstract
MaaS360 is an advanced mobile device management (MDM) platform that can be used to manage and secure mobile devices within any organization. MaaS360 advocates for Zero Trust and its goal to eliminate the traditional "trust boundary" that exists between an organizations’ internal network and the Internet, and to instead require strict verification of identity and access for every request. This approach is designed to prevent unauthorized access to sensitive resources, even if an attacker successfully compromises the network or individual devices. Consider the following actions to apply the Zero Trust model to your MaaS360 Environment.
Content
- Enroll all mobile devices in MaaS360. All mobile devices that are used for work purposes must be enrolled in the MaaS360 platform and comply with the organizations’ mobile device policies. Using services such as Apple’s Device Enrollment Program, Android Zero Touch, and Samsung KME can assist in automating this step.
- Implement strong authentication. All mobile devices and Administrators must use strong continuous authentication measures, such as multi-factor authentication or similar security, to access corporate resources. MaaS360 can integrate with services like Azure and other Identity Managers to allow more modern authentication workflows. Visit Configuring directory and enrollment settings in the MaaS360 Portal and Configuring administrator settings in the MaaS360 Portal for more info.
- Segment mobile devices. Mobile devices will be segmented into different groups based on their role or purpose, and different security policies will be applied to each group as needed.
- Restrict access. Access to sensitive resources and services on mobile devices will be restricted to only those users who need it, based on the principle of least privilege. Best practices for policies.
- Enable real-time monitoring. MaaS360 can be configured to monitor mobile device activity in real-time, alert the security team to any suspicious activity, and isolate compromised devices using predefined remediation action. It is recommended to have incident response procedures in place to deal with potential alerts. See MaaS360 Endpoint Threat Management, User Risk Management for MaaS360, and Reports for more info.
Related Information
[{"Type":"MASTER","Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSYSXX","label":"IBM MaaS360"},"ARM Category":[{"code":"a8m3p000000hCH9AAM","label":"PLATFORM"}],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]
Was this topic helpful?
Document Information
Modified date:
22 June 2023
UID
ibm16995773