As more and more of your employees are purchasing Android devices, and expecting to use them for work, are you prepared? Android is the top mobile operating system in the US, and analysts expect this won’t change anytime soon. The openness of the operating systems brings benefits and also risks, and you need to make sure your corporate data is protected.
Join Matthew Olszewski, Senior Manager, Strategic Alliances, Enterprise Mobility at Samsung, and Tyler Stone, Strategic Partner Manager at Apperian, as they show you how you can secure corporate data on Android devices in the enterprise.
2. The critical question facing mobile businesses today
How do we protect corporate data on hundreds and thousands of
mobile devices – especially if we don’t own them?
• Companies deploying apps
with sensitive and proprietary
corporate data
• > 50% of the US workforce
owns their own smartphone
• 61% of global enterprises
support use of personal
devices
Data source: Gartner;
Forrester
3. Securing apps and data – not just the device
MAM and some MDM solutions offer a variety of basic app
management capabilities, including:
• Delete remotely
• Device wipe and/or lock
• Malware inspection
But real app security requires
a more focused effort …
… encrypting and protecting data at the
app level, not the device or OS
4. Mobile app security: key comparisons
Technology Description Considerations
✓App Policies Security policies wrapped
•
or injected into compiled
•
No development or source code access required
Fine-grained policies down to individual apps & users
app • Maintains native user experience
✗ Machines
Virtual
Installation of secondary
OS on device – apps run
within this VM
•
•
•
Performance and battery hog
Separates data – doesn’t secure it
Separates & divides the native user experience
✗ Sandboxes /
Containers
•
Multiple apps run within a
•
single, secured container
•
Cannot enforce policies on individual apps & users
Separates & divides the native user experience
Multiple apps within a “Super App”
Use API's to add security
• Requires integration at the time of app development
✗
Integrated SDKs into app at development
time
•
•
Updating security policies requires development
Does not support pre-existing or developed apps
5. Apperian app policies … powered by Mocana
(a) App-Level Data Encryption
(b) App-Level VPN
(c) App-Level Passcode
(d) App-Level Copy/Paste Protection
wrapped around individual mobile apps
• Uses FIPS 140-2 certified encryption and Suite
B algorithms
• Enables:
o Separation of enterprise & personal data
o “Bring Your Own Device” to work
o Protection of enterprise data
o Native user experience
6. Apperian app policies – a deeper look
Security and
Usage Policies Capability
• Accomplished through a fully-automated technique called “App Wrapping”
• Supports managed & unmanaged devices:
o Internal employee facing apps
o Customer/Partner Apps (B2C, B2B)