With the proliferation of mobile computing and the ability of software programs from any number of publishers to request access to remote resources, protection of those resources has become a great concern. The popularity of mobile computing has led many businesses to make software programs (commonly referred to as applications or “apps”) available for accessing enterprise data through mobile computing devices such as smartphones, tablets and other wireless devices. Additionally, downloading and installing software programs on a mobile device is relatively easy. Numerous apps are available for immediate download, for example through the Apple iTunes Store or Google Play Store.
The ability to install programs for both business and personal use means that at any given time, numerous programs may be installed on any given mobile device. From an enterprise perspective, this is alarming because an administrator of an enterprise resource (e.g., a private web server for a company) typically cannot or does not check each program that is installed on the user's device to ensure that the program is not malicious. This can be especially true if the user is not an employee of the company. Users generally have limited technical expertise and therefore cannot be expected to check the programs being installed. Thus, since the programs cannot be checked at the time of installation, a need exists for ways in which private resources are protected against unauthorized access by programs already installed on the user's device. Anti-malware and virus protection programs are employed on personal computers to protect against malicious software. However, the use of such protection programs is limited in the mobile computing context. Further, the sheer number of different apps that are available for download makes it difficult for publishers of protection programs to keep up with the latest malicious software.