Montreal security firm Digital Locksmiths CEO Wadih Elie Tannous enjoys his extra pocket space, and wants you to as well. His company is attempting to simplify the BYOD (Bring Your Own Device) market with its SMART Security Agent software, available this year for Android and Windows Phone, with iOS and BlackBerry versions coming in 2013.
SMART Security acts as a gatekeeper to a company’s most secure assets, and prevents errant malware from being distributed across a secure network. But it also allows a user to bring his existing smartphone to a new job without worrying about having it locked down once he leaves the workplace. The Agent accomplishes this by detecting new devices on its network and pushing down a security policy that the user must consent to. Once the Agent is installed, the company can not only monitor what is happening on that device, but lock it down if it threatens the greater network.
The company is planning to roll out the Security Agent to Android devices first, as they seem to be having the biggest traction through the sandbox barrier. Once installed, the Agent detects a person’s location and, if it is within the company’s secure network it will enforce the requisite policies set by security team; in some cases, no access to the camera, Facebook or music controls.
More importantly, says Tannous, is that the Agent can use remote forensic capabilities to transparently detect attacks originating from the phone. Considering Android’s less than stellar record of malware instances over the past year, this could save IT managers a lot of hassles.
The Agent is not a physical app, but something deeper, acting almost as an invisible forcefield. The best part, though, is that once a user is off the host network, and is on his or her way home, the Agent detects this and “powers down,” essentially becoming dormant until it is needed again. This way a user’s phone operates as a secure company device on the job, and a regular smartphone when off the grid. If the phone happens to pick up a bug in the ensuing hours between home time and work time, the Agent will immediately detect the incumbrance and lock it down.
Digital Locksmiths plans to move into more markets in the coming months, including Windows Phone, iOS and BlackBerry. Tannous admits there are challenges to each platform. For example, due to the sandboxed nature of iOS, it’s difficult to shut down access to specific apps like Facebook. Similar with Windows Phone, though Microsoft appears to be more lenient when it comes to installing third-party privacy profiles.
The company, which is based in Montreal, is teaming up with French service provider Orange Business Services on a pilot project for its worldwide clients. “With hundreds of thousands of applications available for personal mobile devices, each potentially introducing security problems, it is paramount that companies are able to secure any device accessing the corporate network without constraining an individual’s use of the same device for personal use,” says Tannous. “SMART Security Agent does this.”
Certainly, there are some kinks to work out — what happens if a user is running a rooted or jailbroken phone; what happens if he tries to trick the system into thinking he is at home when he is actually at work — but DL has thought ahead. There are safeguards in place to ensure a user can’t choose an incorrect location: if he chooses Home and is actually in view of the corporate WiFi network, the Agent will force him to choose the right policy.
The BYOD enterprise market is growing quickly — users are less enamoured with carrying around a second device, especially a BlackBerry — and want to bring their own smartphones to the table. Digital Locksmiths is making that happen, with an eye to privacy, security and, ultimately, pleasing both the client and the user.