What is our primary use case?
Our primary use case is to secure our corporate and bring-your-own mobile devices to prevent malware threats. The solution is a secure tool to protect against rogue attacks, threats, vulnerabilities, malware, rootkit applications etc. We have the SaaS instance of Lookout, so we don't have anything on-prem.
How has it helped my organization?
Lookout MES is essential to our organization's endpoint security; we require a security stack on all our assets, whether Windows 10, Linux, Mac, or cloud workloads. Mobile is another endpoint we need to protect, and Lookout is the tool we use to protect our mobile devices, corporate and personal.
The solution frees up time for some of our IT and security staff, allowing them to focus on other tasks and projects. We spend less time looking after our mobile security and running manual reports and different company controls. We use our APIs for MDM connected to Lookout to build dashboards, which allows us to be transparent and see the baseline security for our mobile devices, and which ones have the highest vulnerability. The tool helps us with compliance, so all these elements free up time.
Lookout reduced our security and IT overhead costs as we have fewer full-time employees working on producing dashboards. Previously, our staff also had to run manual reports and compile them for a clear security picture, but we no longer require the same amount of staff taking care of mobile devices in the backend.
The product reduced the risk to our organization's data, which was our number one priority when looking for a solution. We need to reduce the risk to our mobile devices and, by extension, the data and clients on them, which is why we chose Lookout.
What is most valuable?
The protection offered by the product is the most valuable feature. It detects vulnerabilities or traps on our users' phones and then prompts them to clean up their devices. Tools we used previously would only discover, which required us to gather information on the backend, so Lookout is a welcome upgrade.
Lookout is excellent for helping end users self-remediate security issues; we have a good relationship with the vendor, we have regular meetings, and they send us communications regarding critical vulnerabilities and what we can do on our backend to protect our organization. They offer guidance on communicating with our users because, ultimately, the users must carry out the malware cleanup due to privacy; it's not automatic. So we have a good partnership with the vendor; we developed a KB article together and offered the best information to our help desks, who can support our mobile users.
The mobile security telemetry offered by Lookout is everything we currently need. We deployed a year ago, so as we mature, we will look for and build dashboards for all the telemetry the solution can provide. It integrates well with our MDM, and we have everything we need.
The solution helps us maintain employee privacy; as with any new tool introduced, privacy was a concern for us. The user has to carry out the Lookout activation for a good reason because they're prompted to allow and disallow certain features. We had to go through all the privacy artifacts from our organization before deploying the tool, and we ensured effective communication with our users from the get-go. We had a successful deployment by being transparent and having regular contact with our users, senior management, and help desks.
What needs improvement?
We just submitted an enhancement request reflecting the main area we want to see improvement in; the APIs. Currently, we're able to build dashboards, but it's somewhat backward because we use our MDM API to create them. Lookout should provide APIs to customers so we can query our data and use it in the cloud, and this is the only outstanding area for improvement with the product right now.
Another improvement could be a more streamlined activation process for Android and iOS; there are several prompts when activating the application on a new device, and if that could be adapted to one click, that would be beneficial.
For how long have I used the solution?
We've been using the solution for about a year.
What do I think about the stability of the solution?
We haven't seen any degradation in performance by adding an additional agent on our devices, and we haven't encountered any situation that required a non-installation or reformat, so the stability is excellent.
What do I think about the scalability of the solution?
The beauty of SaaS is that we don't have to worry about on-prem infrastructure, being able to support the number of devices, or factoring in additional devices that we will bring in later. We never had an issue with availability, so the scalability is great.
How are customer service and support?
We can open and manage use cases through Lookout's platform, no product is perfect, but their responses are always within the SLA.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
We attempted to use another solution for many months; we deployed it, and it didn't work for us. We had issues integrating it with the MDM we use at the bank and our use cases. We spent a lot of time on pre-production, but we couldn't make the solution work according to our requirements.
How was the initial setup?
The deployment was relatively straightforward; it was medium to low in complexity. We did a lot of pre-deployment work, including gathering all the artifacts required to proceed, risk assessment for the vendor, privacy impact assessment, and due diligence artifacts. As it wasn't an on-prem deployment, we only had to ensure the connections out of the organization and to the cloud were secure, ensuring all lines were encrypted, and that the connector to our MDM tool was in place. We initially deployed in a pre-production tenant, so we had an idea of what to expect when moving to a production environment. We were familiar with all the required steps and the configuration.
My team supports the security stacks for all platforms, and with Lookout being a SaaS, the only task to do on our end is updating the agent, which is done automatically through our MDM. The MDM detects updates and pushes the agent out to all the mobile devices; we don't have to do anything manually.
What about the implementation team?
We implemented with our organization's teams, and we had partnerships; we wanted to ensure we had training included and initial PS hours, which were included in the initial help from the vendor. No third party was necessary; we confirmed it was built into the contract that we would have the training and PS hours assigned. We wanted a smooth and successful deployment, which is good for both the vendor and us, so it was an excellent two-way partnership.
What was our ROI?
We have seen an ROI with the platform and are delighted with it overall. We don't expect to find a perfect tool, but thanks to the partnership we built with Lookout, we look forward to a bright path ahead.
What's my experience with pricing, setup cost, and licensing?
The pricing is fair; it's comparable to our previous solution, and we carried out multiple POCs and POVs (proof of value). The product is worth the money we pay for it.
What other advice do I have?
I rate the solution eight out of ten.
Overall, my assessment of Lookout for helping secure our remote workers' access to devices is that no tool is perfect. We have to augment it with the other controls we have in place at the bank, but we're happy with the purchase and have replaced the previous tool that wasn't working for us. We're satisfied to have found a solution that works well for us.
We have yet to implement the endpoint detection and response with this particular product, but EDR is a feature we rely heavily upon for all our endpoints. We might not be licensed to use it yet with Lookout, so we have yet to qualify its EDR capabilities.
To someone who has an existing mobile device management solution and doesn't want to add a secure web gateway product, there's a lot you can do with an MDM. Still, you usually can't run vulnerability management and attack prevention. With a mobile endpoint product, you can close the loop on the MDM, and that's how we use it. A robust MDM for device management and a good platform to reduce risks and manage vulnerability. In my opinion, you have to have both.
My advice to others evaluating the solution is not to limit the protection of the mobile force to one product and to carry out a POC on several tools. Going for Lookout or any platform of this type, communication to the end user is the top priority, and top-to-bottom communication works very well in this case. It provides visibility and transparency from senior management to the end user. Communication is essential for a successful mobile endpoint security deployment.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.