Devices such as, smart phones, laptops, tablets and/or netbooks may communicate with other devices through enterprise servers and/or the Internet. As the devices are mobile, they are constantly moved from one location to another. At each location, a security policy may be determined for the mobile device or endpoint. A mobile device may set a security policy based on a determination of whether a particular location is secure.
Currently, mobile devices use endpoint security software to determine the security level of the mobile device in a location. The mobile device may extract environmental factors or attributes such as an internet protocol address and/or a domain name server, to determine an appropriate security policy. However, the security software that is running on the mobile devices may be spoofed to trick a mobile device into determining that a location is secure when the mobile device is actually located in a non-secure location. This lying endpoint problem results in the mobile device having a lower security policy then what it should have in a non-secure location and leaves the mobile device open to various threats and attacks.
In addition to the endpoint spoofing problem, there is also a lack of standardization in location checking and information received by the mobile devices. Each security software independent service vendor implements their own methods and therefore, it is impossible to keep the same level of security with various mobile devices. This results in an inconsistent security policy which leaves a mobile device open to threats and/or attacks. It is with respect to these and other considerations that the present improvements have been needed.