Update - 11/10/2022 - Mobile Network Protection for Defender for Endpoint on Android and iOS is now generally available.
The way organizations conduct business has changed dramatically over the past few years, with employees working from home or following a hybrid work model. This shift has made users more reliant on network connections for both personal and work commitments. This increased need for connecting to digital networks, while often convenient, has made users more prone to security risks. Noting this trend, organizations are realizing the critical role that securing the network plays in managing the day-to-day operations and resilience of their business, especially when it comes to keeping their employees and data safe.
As the world continues to make sense of the digital transformation, networks are becoming increasingly complex and provide a unique avenue for nefarious activity if left unattended. To combat this, Microsoft offers a mobile network protection feature in Defender for Endpoint that helps organizations identify, assess, and remediate endpoint weaknesses with the help of threat intelligence.
We are delighted to announce that users can now benefit from this new feature on both Android and iOS platforms with Microsoft Defender for Endpoint.
This feature provides users with:
- Protection against rogue Wi-Fi-related threats and rogue hardware like pineapple devices
- Protection against malicious certificates that are installed or downloaded on Android
- Notifications when a Wi-Fi-related threat is detected
- An in-app guided experience to connect to secure networks
- Remediation options to change networks when a network is determined to be suspicious
- A medium-priority alert when a suspicious network is detected, and an informational alert when an open network is detected
How to configure mobile network protection
This feature provides flexibility for admins by offering the following controls:
Enable and disable the following:
- The Network Protection feature
- Trust flow for allow-listing certificates on Android
- The open network detection and open network alerts
- The trust flow to trust access points for end users
- The trust flow to trust certificates (only on Android) for end users
- Privacy controls for end users
How to test mobile network protection
- Upon successful login, users need to grant the pre-existing onboarding permissions, such as the notification permission, so that Defender for Endpoint can notify them when a threat is found.
- Once permission is accepted, the user will see a page asking for permission to collect diagnostic data for future product improvements. If the user opts out, no data will be sent.
- Upon successful onboarding, users will see a new card and a tab labeled “Network Protection”. If Wi-Fi is off, in-app messaging will guide users to turn on Wi-Fi from within the app. Once Wi-Fi has been enabled, the Wi-Fi networks are scanned for threats and the scan results determine the device's state.
- Users need to enable location permissions; this enables Defender for Endpoint to scan their networks and alert them when there are Wi-Fi-related threats. If the user denies location permissions, Defender for Endpoint can provide only limited protection against network threats and will only protect users from rogue certificates.
- Once permission is accepted, the user will see a page asking for permission to collect diagnostic data for future product improvements. If the user opts out, no data will be sent.
- Once the app is installed on the device, users will see a new card and a tab labeled “Network Protection”. Tapping on the feature card will take users to a page where they can initiate a scan for all available networks and certificates.
- If Wi-Fi is off, in-app messaging will guide users to turn on Wi-Fi from within the app. Once Wi-Fi has been enabled, the Wi-Fi networks are scanned for threats and the scan results determine the device's state.
Keep in mind
- Microsoft strongly recommends enabling location permissions on Android devices. This setting can help protect against network-related threats.
- Microsoft does not collect location information from users.
We want to hear your feedback! Tell us about your experience using Microsoft Defender for Endpoint’s latest Mobile Network Protection feature on your iOS and Android devices. If you have not started protecting your network connections, try it today, and let us know what you think.