HANDD Business Solutions

Lookout Mobile Endpoint Detection & Response EDR - From HANDD Business Solutions

Scalable, unified Mobile Endpoint Detection and Response platform to protect managed or unmanaged IOS, Android and Chrome OS devices. The platform is powered by telemerty from hundreds of millions of mobile application, devices and web items to detect mobile compromise and phishing attacks.

Features

• Mobile Endpoint Detection & Response
• Mobile Threat Intelligence & Advisory Services
• Managed Device & BYOD Security
• Device Risk Posture Management
• Mobile Phishing & Content Protection
• Mobile Vulnerability Management
• App Binaries & PCAP
• Mobile Web & Content Analysis
• Malicious & Risky Code Analysis
• Indicators of Compromise

Benefits

• Visibility into risk posed by mobile devices and users
• Protect agaist threats on managed & BYO Mobile devices
• Mitigate the risk of credential and multifactor authentication compromise
• Extend your Endpoint Detection and Response capabilities to cover mobile
• Minimise threats with adaptive access control
• Implement phishing and content control specific to mobile
• Protection that goes beyond mobile device management
• Intergrate seamlessly with existing infrastructure and services

£22 a device a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at matt.parkinson@handd.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

653599699549107

Contact

Matthew Parkinson
07779150169
matt.parkinson@handd.co.uk

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Mobile Device Management or Unified Endpoint Management solutions like Intune or Workspace One. Or as an extention to your existing Endpoint Detection & Response service to cover your managed and unmanaged mobile fleet.
• Cloud deployment model: Public cloud
• Service constraints: N/A
• System requirements: N/A

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: 30 minutes to 8 hours depending on issue severity.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: HANDD provide bespoke configuration, support, management and managed service offerings depending on size and complexity. Vendor support is included in th costs provided
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Customers will have access to a dedicated support portal containing but not limited to: Documentation and deployment guides, Elearning and videos, test plans and internal roll out communications.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Lookout does not store sensitive customer data within the solution, deleting all customer meta data according to the data retention period configured by the customer. Data retention can be configured between 3 & 36 months.
• End-of-contract process: Upon contract termination the customer tenat with its accociated data are deleted.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • MacOS
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Mobile specific Endpoint Detection and Response. It does not cover traditional endpoints.
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: Lookout Mobile EDR provides a single pane of glass approach to management with the web based GUI designed to provide all administrative and investigative features within a single UI. Accessable globally in a responsive design, the intuitive user experience lets authorised users access the management console for any type of role, including:; Full Access; Restricted Access; Analyst Access; Analyst Read Only Access; Read Only Access
• Accessibility standards: None or don’t know
• Description of accessibility: N/A
• Accessibility testing: N/A
• API: Yes
• What users can and can't do using the API: Lookout Mobile EDR provides various enterprise integrations for the support of bidirectional telemetry as well as the purpose of automating tasks. As an example, three of the open RESTful API’s are;; · Mobile Risk API (stream/query threats, devices, OS, vulnerabilities, etc); · SSO Config API – Automate the implementation of Single Sign On for tenants; · Connector API – Automate the implementation of EMM/MDM; · PCP Threat Feed – Ingest domain IOC’s; Further information can be found in our API Swagger document LINK . This is a responsive and interactive guide that cannot function as a hard copy.; The enterprise integrations enable the organisation to receive a push of data or can query the Lookout dataset to retrieve specific data. Example include Web API supporting the following ;; · Get Device/s by Filter; · Get Web and Content Threat/s by Filter; · Get Threat by Filter; · Get Threats by Filter Web and Content; · Get Android Security Patch Level Vulnerabilities; · Get CVE information; · Get Devices Vulnerable to CVE; · Get OS Vulnerabilities; · Get IOS Vulnerabilities for Given Version; · Get IOS and Android Version Present in the Fleet; Stream Mobile Risk Device, Threat and Audit Events
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The logos on the admin console and the application can be customised and all allert messages pushed to mobile devices can be customised also. All security policies are fully customisable on a security group basis.

Scaling

• Independence of resources: The solution has been designed with the following principles to ensure that users aren't effected by demandon the service. The solution supports true cloud principles with auto-scaling capabilities with the infrastructure implemented using cloud native technologies such as micro-services, virtualisation, containerisation, message brokers, elastic load balancers and data lakes. Each of the components within the solution are designed to scale as and when required.

Analytics

• Service usage metrics: Yes
• Metrics types: They are available within the Management Console (real time dashboard) enabling authourised users to access license usage and licence availability. Fleet deployment status is available via API into the EMM/MDM or via open RESTful API.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: We sell our own Professional services including pre/post-sales support

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: All telemetry that is provided through Lookout Mobile EDR can be exported via the web based management console GUI, exported as reports/CSV or accessed through the various enterprise/API intergrations.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • HTTPS API
  • PDF
• Data import formats:
  • CSV
  • Other
• Other data import formats: HTTPS API

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Other
• Other protection within supplier network: The generation, storage and management of data encryption keys is done via Amazon KMS. Lookout uses a transparent data encryption equivilent in our databases (RDS managed encryption); All local administrator account passwords are securely stored, encrypted and hashed.

Availability and resilience

• Guaranteed availability: Lookout commits to provide 99.9% uptime with respect to the Feature Components during each calendar month of the subscription period, excluding Excluded Downtime ("Service Availability") "EXCLUDED DOWNTIME" means the following times which shall not be counted as outage downtime. Any availability caused by:; FORCE MAJURE EVENT; SYSTEMS, HARDWARE OR SOFTWARE OUTSIDE OF LOOKOUT'S REASONABLE CONTROL INCLUDING THIRD-PARTY MDM SOFTWARE; NETWORK INTRUSTIONS AND DENIAL OF SERVICE ATTACKS, PROVIDED THAT LOOKOUT SHALL IN ALL CASES USE INDUSTRY BEST PRACTICES TO PREVENT SUCH EVENTS; SYSTEM MAINTENACE; EMERGENCY MAINTENACE; FEATURED COMPONENTS OF THE lOOKOUT SERVICES INCLUDE THE ADMINISTRATIVE CONSOLE AND CUSTOMER PORTAL USED BY CUSTOMERS TO PROTECT THEIR MOBILE DEVICES, AS WELL AS INFRASTRUCTURE REQUIRED TO ENABLE THE BELOW CORE FUNCTIONALITIES:; ABILITY TO LOGIN OR AUTHENTICATE TO THE CUSTOMER PORTAL (MTP LOGIN); ABILITY TO DISPLAY DEVICE VIEWS WITHIN THE MTP CONSOLE (MTP LOGIN AND DEVICE VIEW); ; Maintenance windows and emergency maintenance definition available upon request.
• Approach to resilience: Available upon request once mutual NDA signed.
• Outage reporting: Email notification, esupport portal and public dashboard.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Access to the management console is restricted using SAML intergration to an existing IDP, or username, password and MFA for local accounts. Role Based Access Contral limits permissions available to users with 6 roles available from Full Access to Read Only access. Non administrative users do not have access to the management console.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Schellman & Company LLC
• ISO/IEC 27001 accreditation date: https://public-profile.whistic.com/4a2175f5-4cce-bc91-a703139bb6f2
• What the ISO/IEC 27001 doesn’t cover: The scope of the ISO/IEC 27001 cerification is limited to the information security management system (ISMS) that comprises of Lookout's systems, applications, data, people processes, policies and proceedures supporting the mobile security products and services.
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: See below public link.
• CSA STAR certification level: Level 1: CSA STAR Self-Assessment
• What the CSA STAR doesn’t cover: https://public-profile.whistic.com/4a2175f5-4cce-bc91-a703139bb6f2
• PCI certification: Yes
• Who accredited the PCI DSS certification: See below link.
• PCI DSS accreditation date: See below link.
• What the PCI DSS doesn’t cover: https://public-profile.whistic.com/4a2175f5-4cce-bc91-a703139bb6f2
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • SOC2
  • FedRAMP
  • CCPA
  • EU-US Privacy Shield

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: SOC2; FedRAMP ; StateRAMP; Cyber Essentials; CCPA; EU-US Pricacy Shield ; GDPR
• Information security policies and processes: To be shared upon signiture of NDA

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Lookout treats security as an essential part of the design and implimentation. Lookout security, developers and other technical staff apply information security engineering principles in the specification, design, development, implementation and mobification of the infomation system by following the Lookout SDLC and industry standard security principles. Lookout implements a defense in depth security engineering philosophy. Futher detail is available on proceedures and technology implemented upon request.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Lookout treats security as an essential part of the design and implimentation. Lookout security, developers and other technical staff apply information security engineering principles in the specification, design, development, implementation and mobification of the infomation system by following the Lookout SDLC and industry standard security principles. Lookout implements a defense in depth security engineering philosophy. Futher detail is available on proceedures and technology implemented upon request.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Lookout treats security as an essential part of the design and implimentation. Lookout security, developers and other technical staff apply information security engineering principles in the specification, design, development, implementation and mobification of the infomation system by following the Lookout SDLC and industry standard security principles. Lookout implements a defense in depth security engineering philosophy. Futher detail is available on proceedures and technology implemented upon request.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Lookout treats security as an essential part of the design and implimentation. Lookout security, developers and other technical staff apply information security engineering principles in the specification, design, development, implementation and mobification of the infomation system by following the Lookout SDLC and industry standard security principles. Lookout implements a defense in depth security engineering philosophy. Futher detail is available on proceedures and technology implemented upon request.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Other
• Other public sector networks: Any internet connected solution

Social Value

• Social Value:

  Social Value

  Equal opportunity

  Equal opportunity

  HANDD’s Equal Opportunities Policy The aim of this policy is to communicate the commitment of the Board and management to the promotion of equality of opportunity in HANDD Business Solutions. It is our policy to provide equality of staff membership to all, irrespective of: gender, including gender reassignment marital or civil partnership status having or not having dependents religious belief or political opinion race (including colour, nationality, ethnic or national origins, being an Irish traveller) disability sexual orientation age We are opposed to all forms of unlawful and unfair discrimination. All members of the organisation will be treated fairly and will not be discriminated against on any of the above grounds. Decisions on membership, selection for office, training or any other benefit will be made objectively, without unlawful discrimination, and based on aptitude and ability. To request a copy of this policy please email careers@handd.co.uk

Pricing

• Price: £22 a device a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Free trial are available for proof of value and testing for upto 4 weeks.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at matt.parkinson@handd.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.