Configure Phishing and Content Protection
These procedures are for customers enabling Phishing and Content Protection for the first time.
- Navigate to the Protections module and click the Phishing and Content Protection tab.
- Enable the Enable Phishing and Content Protection toggle.
-
Optionally, enable Phishing and Content Protection enforcement by setting the Make Phishing and Content Protection mandatory toggle to ON.
This prevents end users from disabling the feature on their Lookout for Work app.
- Optionally, configure Allowlisted Content. Such domains will always be trusted and never be blocked.
- Optionally, configure Denylisted Content. Such domains in the Denylist will not be trusted and always enable policy action on.
- Click Save changes.
- Navigate to the Policies tab directly or by clicking the Configure content policies link.
-
Set a severity and response for the Malicious Content, Offensive Content, and Phishing Content classifications.
Available responses for these classifications are:
- Block and alert device: Lookout raises the issue in the MES SMB Console and displays a prompt on the user's device, blocking access to the site.
- Warn and alert device: Lookout raises the issue in the MES SMB Console and also displays a prompt on the user's device warning them about the site. The user can choose to proceed, or cancel.
- Don't alert device: Lookout raises the issue in the MES SMB Console, but the user does not see any prompts and proceeds to the site.
-
Choose which categories and subcategories of Unauthorized Content you wish to take action on by clicking the Settings gear and selecting one or more of the following:
- Adult Content: Sexually suggestive, explicit, or work-inappropriate content.
- Violent Content: Content that promotes or glorifies violence.
-
Criminal Content: Content that promotes or instructs on illegal activities.
Content subcategories are described here: Reference: Unauthorized Content Policy Categories immediately following this procedure.
-
Set a severity and response for the Phishing and Content Protection Disabled classification.
This classification indicates that the end user has disabled the PCP feature in their Lookout for Work app.
-
Set a severity and response for the VPN Permission Not Accepted issue types.
This classification indicates that the end user has not accepted VPN permissions, so Lookout cannot create a local VPN for PCP or On-Device Threat Remediation.
When Lookout detects malicious content (for example, a site known to distribute spyware), it either alerts the user or blocks access to the URL based on the responses you configure.