Platform security
- All communications between the server and %whitelabelText2% apps use HTTPS secure connections with the TLS 1.2 cryptographic protocol. The certificate is pinned to prevent man-in-the-middle attacks
- MDM communications between server and devices are code-signed to prevent command tampering
- Critical and sensitive MDM communications between server and devices are end-to-end encrypted
- %whitelabelText3% Agent for Android is compiled with advanced security techniques that prevent code inspection, defend against reverse engineering and make security more robust
- The View Screen feature can be forced to use the TLS cryptographic protocol to increase security
- 2-factor authentication (via email or Authenticator app) is enforced for admins
- An admin's single auth session is limited to a maximum of 8 hours
- Authentication on %whitelabelText2% is based on a token and time expiration
- After failed authentication attempts, the user is asked to enter a CAPTCHA verification code
- The server manages a ban list in case of attacks or brute-force attempts
- When a password is changed, the user is notified at their email address
- Data is separated and saved in a dedicated container specific to each client
- Device or profile encryption is managed by the OS. See the references for more information.
- Android device integrity check can be enabled at enrollment.
- Data is maintained in Europe and the datacenters are UNI CEI EN ISO/IEC 27001:2017 certified
Android References
https://storage.googleapis.com/android-com/resources/enterprise/pdfs/AE Security Paper_V6 CM.pdf
https://source.android.com/security/encryption
https://www.linkedin.com/pulse/android-encryption-basics-mike-burr-cissp-giac-gmob
Apple References
https://support.apple.com/en-gb/guide/security/secf020d1074/1/web/1
https://www.apple.com/business/docs/site/AAW_Platform_Security.pdf