View device security in your Workspace ONE deployment with the Security Risk dashboard.

Navigation

Find the dashboard in the Workspace ONE Intelligence console at Dashboards > Security Risk.

Filters

Manipulate the analytics displayed on the dashboard with the filters on the default view.

The initial filter selected controls the available filters that follow. Depending on the risk you want to analyze, select between Platform, OS Version, and Device Model .

Time Filter Selected and Percentages

Select a time period for the data displayed. The time selected affects the percentages displayed beside the risk modules. For example, selecting 14 days sets the percentage to reflect a comparison between now and 14 days ago. A negative percentage indicates that a risk has decreased, and a positive percentage indicates that a risk has increased.

Risk Modules

Risks represented in the Security Risk dashboard include compromised devices, passcode risk, encryption status, and top risks.

  • Compromised Devices - This module identifies that the Workspace ONE UEM compliance engine has detected a device as compromised. The compliance engine includes a Compromised Status policy for Android, iOS, and Windows Desktop (Windows 10) devices.
  • Passcode Risk - This module identifies that the Workspace ONE UEM compliance engine has detected that the passcode is disabled on devices. The compliance engine includes a Passcode policy for Android, iOS, and Windows Desktop (Windows 10) devices.
  • Encryption Status - This module identifies that the Workspace ONE UEM compliance engine has detected that the device is not encrypted. The compliance engine includes either an Encryption or a Laptop Encryption policy for Android, iOS, macOS, and Windows Desktop (Windows 10) devices.

Modules represent risk using a number, a percentage, and an arrow.

  • Number - The number value corresponds to a risk over the selected time. The number 10 indicates that 10 risks were reported.
  • Percentage - The percentage compares the risk now to the risk earlier, depending on the time selected. It is positive or negative number that coincides with the arrow. For example, if you selected to filter data by 14 days, and got a percentage of -64% with a downward pointing arrow, your deployment decreased risks by 64% over the last 14 days.
  • Arrow - The arrow represents a comparison of the risk now to a time earlier, depending on the selected time. It can point up or down depending on the status and it coincides with the percentage. For example, if you selected to view data for the last 30 days and the arrow pointed up and had a positive percentage, your deployment increased risks over the last 30 days.

Top Risks

The top risks module shows a summation of risks that occurred during the time period selected. The number value for the top risks reflects the summation and does not directly correspond with the other modules.

The top risks are composed of the following data points collated from your Workspace ONE UEM environment.

Risk Description
Non Compliant Reports that an enrolled device is not compliant with policies.
Not on Latest Security Patch Date Reports that an enrolled Windows Desktop device is not on the latest security patch.
Activation Lock Disabled Reports that an enrolled iOS device does not have the activation lock enabled.
iCloud Backup Disabled Reports that an enrolled iOS device does not have iCloud backup enabled.
BitLocker Disabled Reports that an enrolled Windows Desktop device does not have BitLocker enabled.
Code Integrity Disabled Reports that an enrolled Windows Desktop device does not have code integrity enabled.
Boot Debugging Disabled Reports that an enrolled Windows Desktop device does not have boot debugging enabled.
Firewall Status Reports the status of the firewall for an enrolled Windows Desktop device.
Firewall Global Status Reports the status of the firewall for an enrolled macOS device.
Firmware Password Status Reports the status of the BIOS password configured in the BIOS payload for Windows Desktop devices.