With the ever-growing popularity and versatility of mobile devices (e.g., smartphones, tablets, and more), mobile devices are no longer only used for a single purpose, such as business or personal use. Mobile devices are widely used in both ways by individual users and often include native applications (e.g., stored on the mobile device) that extend desktop application and web application functionality to the mobile device suitable for access and interaction via the mobile device. What this means is that mobile devices often include both enterprise or business-focused applications (e.g., database, web development, and financial applications) and personal use applications (e.g., social networking, gaming, and entertainment applications). Moreover, sometimes the same application (e.g., Facebook™ or Twitter™) will have both a business account and a personal account on a given mobile device.
The rise in popularity of mobile devices, and the multiple uses of such devices, has also led to an increase in security threats for mobile devices. Sensitive business and personal data is often stored on, or accessible via, mobile devices. Attempts to improperly access or use this data have been on the rise. Moreover, because many modern businesses integrate mobile enterprise applications with their internal corporate networks, or their cloud computing networks, improper access to a mobile device can lead to significant threats to an organization's sensitive data. In these situations, where the sensitive data being accessed may be stored remote from the mobile device, the mobile application itself that is being used to access the sensitive data is native, e.g. stored and run on the mobile device, thus making the mobile device itself a vulnerability.
Attacks may arise from features of mobile devices that are common to all computer-based equipment, such as credential theft, phishing, keystroke logging, etc. But many attacks focus on features unique to mobile devices, such as SMS and MMS messaging, mobile WiFi capabilities, local mesh networking, mobile-based social network features, geographic location-based features, and cellular capabilities. Further attacks exploit features of mobile device web browsers and operating systems, which differ from desktop and laptop browsers and operating systems.
Some technologies currently make enterprise or other web applications accessible remotely (e.g., outside of a proprietary network) to desktop users. These remote access techniques allow users to connect to a remote computer and provide a virtual or remote desktop to the user. For some technologies, instead of presenting remote application functionality to the user in the desktop of the Remote Desktop Session Host server, a remote access program may be integrated with the client's desktop. Nevertheless, technologies of this type involve remote connections and interaction with a computer system (typically a PC), where operating system fragmentation and configuration changes, proprietary software and firmware, and software and firmware updates and changes work seamlessly in heterogeneous (i.e., stable and known) environments and platforms. In these environments and platforms, technical challenges that arise in a mobile device environment, such as network connectivity (e.g., Internet or cellular connectivity) and capability (e.g., performance, transmission rates, bandwidth, latency, etc.) are not usually problematic issues. In a mobile device environment, where mobile devices may have limited cellular and WiFi connections, and connections may experience significant latency, these issues can be critical, and thus remote desktop functionality may not be practicable in some mobile device environments.
Thus, there is a need for technological solutions for securely providing mobile device users with access to enterprise applications or other mobile applications used for creating or accessing business information or otherwise sensitive information. As mobile device users increasingly need to access sensitive data stored on corporate networks, or in cloud networks, access to this data should be controlled so that improper access to a mobile device does not compromise such sensitive data. These solutions should further account for the unique characteristics of the mobile device environment, and present minimal degradation to the user experience (e.g., changes in latency, visual displays, etc.). Further, it would be advantageous to enable organizations to control and audit use of mobile devices that access their sensitive data or other network resources.