Today, the European Union’s (EU) General Data Protection Regulation (GDPR) goes into effect. For the few information security folks that haven’t heard about it, GDPR is designed to protect personally identifiable information (PII) and to give ultimate power over that PII to the person it describes: the end user. In the mobile world, PII is information that can uniquely identify a person, such as their name, phone number, International Mobile Equipment Identity (IMEI) number, media access control (MAC) address and email address.
In addition to a slew of other enterprise differentiators from on-device detection to managing multiple EMMs in a single console, Zimperium has also always been the industry leader in privacy protection. So, while today is big for everyone trying to meet GDPR, it is just another day for us.
Zimperium has an easy-to-use, optional configuration setting that ensures advanced mobile device security in a completely GDPR-compliant manner. For customers needing the GDPR option, Zimperium activation is provided with links within device groups that anonymize the end user. Users no longer have usernames and passwords, but instead use the activation link to initialize the zIPS app.
Over the last five years, Zimperium’s machine learning-based engine, z9, has detected 100 percent of zero-day mobile exploits without requiring an update. In addition to its proven efficacy against zero-day device and network attacks, z9 is the only machine learning-based engine capable of detecting previously unknown mobile malware on-device without requiring updates and without the risks of cloud-based lookups.
Zimperium’s approach to detection does not require the use of PII, so our ability to detect threats is not affected when adhering to privacy laws like GDPR. With Zimperium’s GDPR functionality, companies receive all of Zimperium’s mobile risk and active threat detection in a completely GDPR-compliant manner.