Symantec (UK) Ltd

SEP Mobile

SEP Mobile offers the most comprehensive, accurate and effective mobile threat defense solution, delivering superior depth of threat intelligence to predict and detect an extensive range of existing and unknown threats. SEP Mobile’s uses a layered approach that leverages crowd-sourced threat intelligence, in addition to both device- and server-based analysis.


  • Identification and protection from suspicious networks and malicious developers
  • Public mobile app helps protect privacy and productivity
  • Rapid on-boarding with native iOS and Android apps
  • Automated IT policy enforcement via integration with existing enterprise EMM
  • Superior visibility into mobile vulnerabilities and threats and attacks
  • Defense against zero-day attacks
  • Discovering high volumes of novel vulnerabilities and threats
  • Proactive defense without third party integration
  • Engines to detect no compliance situations on App and devices


  • Rapid on-boarding with native iOS and Android apps
  • Identification and protection from suspicious networks and malicious developers
  • Automated IT policy enforcement
  • Provide visibility into mobile vulnerabilities, threats and attacks
  • Capability to detect no-compliant situation, make a correction action
  • Proactive defense against threat without third party integration
  • Minimum impact over device resources
  • Device risk score based on inventory, patch level, vulnerabilities
  • Detect and block vulnerabilities exploitation
  • Automated risk and threat detection and remediation


£40.91 per device per year

  • Free trial available

Service documents


G-Cloud 11

Service ID

5 3 3 6 6 9 7 7 2 9 4 3 1 2 4


Symantec (UK) Ltd

Paul Heath

07753 417 309

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints The service is supported from IOS 8.x and Android 4.x up to the last version
System requirements
  • From IOS 8.x up to the last version
  • From Android 4.x up to the last version

User support

User support
Email or online ticketing support Email or online ticketing
Support response times 24x7 access to Symantec's technical support team are included with Essential Support
The respond time is going to depend based on the incident criticality and severity.
Critical 1: business hour* or less - High 8 business hours* or less - Medium 2: business days - Low 10 business days
Severity1: Target within 30 minutes.
Severity2: Target within 2 hours
Severity 3: Target response: by same time the next business day Severity 4: Target response: within the next business day
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels The product will come with standard support included as part of the services and includes online support via our portal. In addition, if purchased directly from Symantec a remote cloud specialist will be assigned to provide an account management style support. If purchased through a 3rd party the remote cloud specialist is not provided and this would need to be provided by the third party. For large (+10,000 users) and complex estates there is the possibility to purchase Business Critical Services. This level of services can be bespoke to customer needs and will start from approximately £20,000 per annum.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started There is a specific team which main function is to help users to make the initial setup, configuration and deployment, ramp up, and get the end user satisfaction.

Additionally, professional services can help on-site in those complex integrations or those tasks that the Ebuyer would be not able to do by itself with the previous team support.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction Users can extract data, incidents, events or assets, from the service using different secure ways or integrations during the service life. After 30 days of service termination, any user data will be deleted.
End-of-contract process 30 days after the end of the contract the user / buyer's instance and its data will be deleted. There is no additional cost.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install Yes
Compatible operating systems
  • Android
  • IOS
Designed for use on mobile devices Yes
Differences between the mobile and desktop service This service is designed to work on mobile devices
Service interface Yes
Description of service interface The portal is a web based management console. As the administrator you can configure various security, risk and compliance settings.
Accessibility standards None or don’t know
Description of accessibility Administered through a web based management console, the console provides role based access controls. Permissions can be set as full or viewer only. The console provides the ability to configure and manage the service, access report and make integrations.
Accessibility testing Unknown
What users can and can't do using the API The service provides a REST API which allows services such as SIEM's to get information regarding security events, security incidents and risk situations.
API documentation Yes
API documentation formats HTML
API sandbox or test environment Yes
Customisation available Yes
Description of customisation The buyer can customize End user message, alerts and interface to choose what information will show to the end user. Also the buyer logo could include on specific screens.


Independence of resources SEP Mobile is elastic cloud service running on Symantec layer over AWS cloud infrastructure, which can satisfy end users demands. The service is currently provided to thousands of user without any performance impact, and escalating perfectly well for new buyers, or end users.


Service usage metrics Yes
Metrics types It provides information regarding enrolled users and devices.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations EU-US Privacy Shield agreement locations
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency At least every 6 months
Penetration testing approach In-house
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach There are several choices on the product console to export incidents or devices information through CVS file. Also a REST API, and third party integration - SIEMS, allows to export specific data.
Data export formats
  • CSV
  • Other
Other data export formats RESP API - XML
Data import formats
  • CSV
  • Other
Other data import formats EMM Integration which provides user and device data

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability SLA commitment for the service is an uptime of 99.5%. “Service Credit” means the amount of money that will be credited to Customer’s next invoice after submission of a Credit Request and validation by Symantec that a credit is due to Customer. Please check the following doc for extended information.
Approach to resilience It's available on request. Regardless, our SEP Mobile service is running on AWS datacenter which are designed to be resilient.

Each critical server in SEP Mobile's cloud environment is backed by either duplicate multiple instances or a slave node to which failover can be performed, ensuring minimal system downtime in case of a critical failure. The automatic failover process is triggered by Engine Yard infrastructure after it has been determined that a component is unable to reliably respond to requests.
The impact on end user experience in cases of downtime is also minimal. There will not be any visible impact on the functionality of users’ mobile devices, rather, only a delay in some of the alert notifications in cases where the user experienced an attack during the downtime event.
Database backups of SEP Mobile's production system are taken daily and prior to any major upgrade or configuration change to SEP Mobile's production environment. Backups are stored in an encrypted format and allow, in the event of a disaster, the creation of a replica environment within a minimal period of time.
Disaster recovery scenarios are tested periodically by the SEP Mobile's operations team.
Outage reporting Email alerts and also Symantec Status page,

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels Access to SEP Mobile's production servers or their managing interfaces (e.g. Engine Yard’s management console) is restricted to SEP Mobile's operations and support personnel and a small number of SEP Mobile's R&D team members, who require this access to perform their duties.
Access to these systems is controlled via a two-factor authentication process. Access controls to production servers are reviewed every six months at a minimum.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for Between 1 month and 6 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for Between 1 month and 6 months
How long system logs are stored for Between 1 month and 6 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 ISO 27001 and FISMA certified data centers managed by Amazon
ISO/IEC 27001 accreditation date Managed by Amazon
What the ISO/IEC 27001 doesn’t cover SEP Mobile uses ISO 27001 and FISMA certified data centers managed by Amazon
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification Yes
Who accredited the PCI DSS certification Uses PCI-compliant 3rd-party services (Stripe) to manage credit card transactions
PCI DSS accreditation date Stripe
What the PCI DSS doesn’t cover Skycure uses PCI-compliant 3rd-party services (Stripe) to manage credit card transactions, and does not store or see any credit card information. For more info about Stripe’s security, go to:
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach SEP Mobile has assigned Yair Amit, SEP Mobile CTO and co-founder as its Information Security Officer. The security officer’s main responsibility is protecting the confidentiality, integrity, and availability of SEP Mobile's data and computing assets. Other key responsibilities include:
• Product security architecture and strategy
• Vulnerability management
• Security incident response
• Risk assessment and audit
• Security awareness
• Periodic review of information security policy

SEP mobile's performs regular risk assessments.
Security policy can be provided if is needed.
Information security policies and processes SEP Mobile has specific security policy which defined the following processes which are followed:
1) INFORMATION ACCESS CONTROL MANAGEMENT - which includes : Customer Environment Access, Access to Production Servers, Data Segmentation between Organizations, Network Access, Billing, Vendor Management
2) HUMAN RESOURCES SECURITY MANAGEMENT - which includes : Background Checks, Security Training, Off-boarding,
3) PHYSICAL SECURITY MANAGEMENT- which includes: Data Center and offices
4) OPERATIONS MANAGEMENT - which includes: Development and Testing, Malware Mitigation, High Availability, Disaster Recovery and Database Backup, Data Retention and Destruction, Data Archive, Network Security, Monitoring,
6) INFORMATION SYSTEMS SECURITY MANAGEMENT - which includes: Password and Authentication Controls, Laptop Security Controls, Mobile Device Security Controls, Vulnerability Management, Source Code Controls, Incident Reporting and Management, Exception Procedure, Disciplinary Action, Policy Review

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach All code changes being deployed to production undergo a mandatory code review as well as an automatic inspection process. Configuration changes are managed and documented by the SEP Mobile DevOps team.
Vulnerability management type Supplier-defined controls
Vulnerability management approach SEP Mobile cloud servers use the Gentoo Linux distribution. The Gentoo Foundation demonstrates their security commitment by frequently updating their host operating system to address security issues. In addition, SEP Mobile's security officer receives periodic notifications from various information security resources and SEP Mobile's operations personnel runs a periodic vulnerability scan on SEP Mobile's production servers.
When a threat is discovered, an assessment of its impact is performed and mitigation steps are planned and implemented by the SEP Mobile R&D team. Critical vulnerabilities are mitigated within a period of 30 days.
Protective monitoring type Supplier-defined controls
Protective monitoring approach SEP Mobile uses multiple internal and 3rd-party tools for monitoring its production environment and protecting it against potential threats or errors:
• An internal notification mechanism is in place to alert SEP Mobile's operations and support teams on different anomalies detected in production.
• New Relic analytics tool is configured to continuously monitor SEP Mobile's production environment status
• An Airbrake error reporting tool is installed on SEP Mobile's production servers and alerts on different issues detected.
• An internal production monitoring dashboard aggregates information from SEP Mobile's multiple systems.
• SEP Mobile also operates a support ticketing
Incident management type Supplier-defined controls
Incident management approach Customers will be notified by SEP Mobile team once an incident that potentially impacts them has been confirmed. As the incident investigation proceeds, customers will receive proactive updates on the nature of the incidents and its impact on them.
If an actual security breach occurs, actions will be taken. Additionally, there is a pre-defined process to handle common events. Detailed information regarding the process can be provided if it is required.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No


Price £40.91 per device per year
Discount for educational organisations No
Free trial available Yes
Description of free trial The trial version is exactly the same as production one. The trial should be requested to Symantec sales rep.

Service documents

Return to top ↑