iPet Insurance enabled security and usability with MobileIron
Industry: Financial services and insurance
"We compared several different UEM solutions that technically met our feature requirements. Specifically, we needed to ensure the solution had strong support and a strong customer base. Only MobileIron provided the solution that met our needs."
Mr. Yasuhito Kawamura,
Senior Technical Leader Service Desk Manager, Systems Department, Ipet Insurance Co., Ltd.
iPet Insurance offers insurance services to support medical costs for pets. To improve the efficiency of processing insurance contracts, the company needed a better way to enable customized app distribution, reduce operational costs, and secure its insurance subscription applications. To meet this goal, the company replaced legacy tablets with Apple iPads used for insurance contract operations and upgraded its previous MDM platform with a highly secure UEM platform.
Increased security and operational efficiency
iPet Insurance Co., Ltd. started its business in 2004 with the slogan, “Help build a better society by improving people’s lives with pets and by encouraging healthy growth of the pet industry.” iPet provides pet insurance and payment services that are sold through pet shop channels in Japan. As a result of steady business growth, iPet was listed on Mothers with the Tokyo Stock Exchange in 2018.
To reduce paperwork during the sales process, iPet has long offered mobile tablets to its channel partners in order to provide access to in-house web apps. “With our previous mobile device management (MDM) solution, we only used basic management features such as remote wipe. As the number of tablets used by employees increased, our IT workload also increased. As a result, in 2017, we decided to upgrade our mobile device platform to a Unified Endpoint Management (UEM) platform to deploy iPads, increase device security, and reduce operational workload,” said Yasuhito Kawamura, Senior Technical Leader/Service Manager, Information System Department of iPet Insurance.
MobileIron selected for large customer base and excellent support
While iPet Insurance had an MDM platform in place, it looked for a UEM solution that provides increased security for emails and browser apps. “We compared several different UEM solutions that technically met our feature requirements. Specifically, we needed to ensure the solution had strong support and a strong customer base. Only MobileIron provided the solution that met our needs. Being a financial services organization, reliability was important for us and both pre-sales and post-sales support were key MobileIron differentiators, and so was its large customer base,” said Kawamura.
In the initial deployment, iPet prioritized Email+ for secure email and [email protected] for secure browsing through MobileIron UEM. MobileIron’s support for Apple Business Manager enabled the company to ship pre-configured devices to their channels and also distribute additional new apps as needed.
MobileIron Threat Defense stops various mobile threats and improves mobile security
iPet owns about 1,200 devices, including 900 iPads used by channel partners and 300 iPhones and iPads used by employees. Initially, iPet needed to give its employees a more efficient way to access company information as well as give channel partners more secure device distribution. After its deployment, iPet realized it had additional requirements.
“Our sales representatives wanted to access internal company data and sensitive sales information when they were on the road, which required a higher level of security. We added MobileIron Threat Defense (MTD) to protect against various threats as a layered security level to the secure browser,” said Kawamura. MTD is integrated with the MobileIron Go app, which enables 100% user adoption without requiring any user actions. Although iPet now allows its sales representatives access to internal data, it still prohibits remote access to personally identifiable information (PII), which is controlled by MobileIron Sentry.
When first implementing MTD, Kawamura saw many alerts coming in through MTD. He took time to understand which alerts needed to be addressed, and now he feels more confident handling them. “We started with the default settings but then we received too many small alerts, including an iOS update delay. We monitored the solution for about a month to ensure we were only receiving true threat alerts. We can also check MTD logs to find activities against our security rules such as free Wi-Fi use and then I contact those users to advise the right ways to use their devices," said Kawamura.
Mobile transformation with MobileIron Tunnel per-app VPN
In order to provide channel partners access to insurance contracts and pet sales management, iPet deployed the MobileIron Tunnel per-app VPN. “There are some apps that we wanted to block from internal resources. With Tunnel and Sentry, we are now able to provide app-level controls and security. Native browsers provide a better user experience, instead of the secure browser,” said Kawamura.
iPet developed web apps and iOS apps to help channel partners create and share insurance contracts and pet sales management documents. iOS apps are distributed through Apple Business Manager and web app access is controlled with MobileIron’s certificates.
Additionally, to gain partner feedback about apps in development, the company allows the channel partners to test the apps securely through Tunnel before releasing them into production. “Before using Tunnel, we could only show a screenshot for partner feedback. Now we can show apps under development, and it is easier for users to understand how those apps work and then provide feedback. Now we can receive more detailed and broad feedback before putting a new app into production. We can also use Tunnel for new app training. Per-app VPN transformed the mobile world for us,“ explained Kawamura.
Future plan: introduce ZSO using MobileIron Access
iPet Insurance is making good use of MobileIron’s solutions and is planning to do more.
“Single sign-on is mandatory for us because employees do not want to enter passwords on mobile devices every time they access an application. Currently we are using browser cache so passwords are kept for a while. On the other hand, we have deployed Azure Active Directory after consolidating multiple domains. We are now testing SSO, and we are planning to deploy MobileIron Access in 2020 to integrate with Azure AD,” Kawamura said.
The sales managers who need to work remotely use Windows laptops, but in the future they will be replaced with VDI for stronger security. “We are thinking about replacing Windows 10 laptops with iPads for remote work in order to access Windows via VDI using Tunnel,” said Kawamura.
Additionally, Kawamura checks MobileIron’s updates quite often. He checked MobileIron’s blog to set up MobileIron Sentry to block personal accounts. Now he can allow the users to use G Suite securely. “Our initial use case was very simple but eventually we had to add more features. Many organizations sacrifice usability for security but we wanted to avoid it. Thanks to MobileIron, we’ve been able to accomplish what we do now,“ said Kawamura. iPet keeps exploring even more options and features together with MobileIron.