Smartphones and tablets are among the most ubiquitous personal computing devices in use today. Smartphones and tablets are designed to be more mobile than laptop or desktop computers; this results in their being easier to steal and more likely to be lost. One issue that arises when a mobile device such as a smartphone or tablet is lost or stolen is whether the data contained on that mobile device is secure; i.e., whether unauthorized access to the data is being prevented.
A thief who steals a mobile device has the opportunity to run off-line, brute force attacks in an attempt to discover the authentication secrets (e.g.: PIN-codes) and encryption keys that the rightful owner of the device uses to protect the data. A mobile device's owner may not even realize that his or her device has been attacked in this way; for example, an untrustworthy coworker or family member may perform a “lunch-time-attack” by borrowing the mobile device and attacking it while borrowed.
Defending against unauthorized access of data is being complicated by companies more widely adopting Bring-Your-Own-Device (“BYOD”) policies. In particular, BYOD policies increase the complexity of device management for information technology (“IT”) departments due to the higher variety of devices that employees typically use once a company adopts a BYOD policy.
Given the foregoing, there exists a continued need to protect and secure data, and in particular data stored on mobile devices.