The world is becoming increasingly dependent on mobile devices for business uses. People are now able to view not only websites, but documents, spreadsheets, PDFs and other files or information, using a smartphone, tablet, PDA or other mobile computing devices.
With this increased ability to access information from mobile computing devices, there is also a risk that information may be accessed by someone using a mobile computing device without the knowledge or authorization by the enterprise. For example, a person who is authorized to access sensitive information may lose a smartphone, have a tablet stolen, or otherwise not have possession of his/her mobile computing device. Or, an unscrupulous employee may want to access the system for information to sell to another enterprise. Other scenarios are possible in which a user or a mobile computing device associated with a user may be used to try to gain unauthorized access to information stored in a server, system or infrastructure associated with an enterprise.
To prevent unauthorized access to servers or systems containing sensitive information, an enterprise will usually implement some form of authentication. Commonly, a user wanting access to a server enters a username and a password. However, this system has limitations. For example, a username or password may be given to another person, written down on a piece of paper and then be discovered by someone else, guessed, or otherwise be compromised.