1. Field of the Art
Generally, the present application relates to data processing. Specifically, the application relates to systems, methods, and machine-readable media for providing security services to software applications on mobile and other devices, including authentication, authorization, auditing, single sign on, security policy enforcement, key management and distribution, secure communication, secure data storage, and secure data sharing, among others.
2. Discussion of the Related Art
Convenient access to enterprise resources on a mobile device is a recurring problem. Once a mobile device management (MDM) solution is installed on a mobile device, just about everything on the mobile device becomes enterprise data. This can be sub-optimal if a user of the mobile device wishes to use it for non-enterprise purposes.
Applications, or “apps” as they are sometimes referred to, are updated and revised frequently. It is not uncommon for an email application to be subject to an update patch every few months. Mobile devices and other computing devices often have many apps, each of which is updated frequently. This can make securing the mobile device from hackers difficult because a computing device is generally only as secure as its weakest link. If one application suffers from a security anomaly, potentially all of the data on the device may be compromised.
Because of these security vulnerabilities, many companies do not allow access by employees' own devices, commonly called bring-your-own-device (BYOD) access, to their corporate networks. Unless the employees consent to the MDM solution described above, which locks down everything on the user's device, corporations have not embraced a BYOD philosophy. An alternative is for employers to provide electronic devices to employees for enterprise access; however, this is costly and requires infrastructure to update.
Better security, flexibility, and integration of apps on mobile devices is needed.