Microsoft has announced some improvements to Microsoft Defender for Endpoint (formerly Defender ATP) that should help remote workers with Android devices and iPhones access information from the corporate network more securely.
Microsoft has refreshed the look and feel of the Microsoft Defender for Endpoint apps for Android and iOS. It’s also enabled mobile application management for devices that aren’t enrolled in Microsoft’s Intune mobile device management (MDM) platform, and enabled jailbreak detection for iOS.
Previously, Microsoft Defender for Endpoint worked only on devices that were enrolled using Intune mobile device management (MDM).
Microsoft Defender for Endpoint is a cloud-based service and distinct from Microsoft Defender antivirus. In April, Microsoft released a preview of Microsoft Defender for Endpoint that supported unmanaged devices running Windows, Linux, macOS, iOS and Android as well as network devices.
Part of its functionality is aimed at helping security teams investigate and secure unmanaged PCs, mobile devices, servers, and network devices on a network.
This update is about broadening mobile application support for organizations that are using Intune but might have devices that aren’t enrolled in an MDM, including popular third-party MDM solutions.
“With this update Microsoft Defender for Endpoint can protect an organization’s data within a managed application for those who aren’t using an MDM but are using Intune to manage mobile applications,” Microsoft said in a blog post.
“It also extends support to customers who use other enterprise mobility management solutions such as AirWatch, MobileIron, MaaS360, and others, while still using Intune for mobile application management.”
The other interesting feature is that the product can now detect jailbreaks on iOS devices.
“Jailbreaking an iOS device elevates root access that is granted to the user of the device,” Microsoft says. “Once this happens, users can easily sideload potentially malicious applications and the iPhone won’t get critical, automatic iOS updates that may fix security vulnerabilities.”
The jailbreak detection feature for Microsoft Defender for Endpoint has now reached general availability. It detects both unmanaged and managed devices that have been jailbroken and sends an alert to Microsoft 365 Defender when it happens.
“These kinds of devices introduce additional risk and a higher probability of a breach to your organization,” Microsoft says.
It should be easier now to enroll iOS devices since users no longer need to provide VPN permissions to get anti-phishing protection. Admins can now just push the VPN profile to enrolled devices.
Lastly, Microsoft Tunnel VPN within the Microsoft Defender for Endpoint app for Android has reached general availability.