Security Experts:

Mocana Extends Mobile Application Security to iOS with MAP 2.0

Mocana MAP 2.0 Helps Secure Apps Running on iOS Devices

Smart device security firm Mocana, today introduced the latest version of its solution designed to help organizations add fine-grained security and usage policies around individual mobile apps with ease.

The San Francisco-based company today introduced version 2.0 of Mobile App Protection (MAP), which adds support for Apple iOS apps to existing support for apps running the Android platform.

In addition to supporting the two largest mobile platforms, MAP 2.0 now provides mobile app management for enterprise IT and end users. The company introduced the first-generation of MAP back in October 2011.

Mobile App ProtectionMocana says that MAP 2.0 uses unique, patent-pending technology that enables enterprise IT to “wrap” new layers of security into Android or iPhone apps, without requiring app source code access, without the need to write any code, and without negatively impacting performance, battery life or app usability.

The company notes that enterprise IT administrators can add new security features to apps with little or no security built in by design.

“Our device experience has taught us that if you start from the assumption that the phone or tablet is not secure, then you make different design decisions for application-level security,” said Adrian Turner, CEO at Mocana. “Rather than focusing on the device, we believe enterprises care most about securing and having fine-grain control over their applications and the information that runs across these devices. In many cases in the mobile enterprise, the devices aren’t even under full management by the enterprise. Mocana MAP is a truly innovative software manifestation of everything we have learned in the past nine years about securing mission-critical connected systems across every smart device sector of the economy.”

Mocana is clear that its solutions are much different than Mobile Device Management (MDM) solutions being adopted by enterprises to manage mobile devices. While most MDM solutions focus on whitelisting, blacklisting or determining what users should have access to certain apps, Mocana’s MAP 2.0 is focused on securing the app itself and the data it works with. MAP does work with existing mobile management solutions to extend their reach and make them more effective.

Mocana MAP goes beyond sandboxing, SDKs, containers and hypervisor technologies to make mobile apps, what the company describes as “truly self-defending”, with fine-grained security policies for each enterprise app and their users – post development, and even with third-party apps.

In addition to adding support for iOS, Mocana MAP 2.0 now includes features to help prevent loss of sensitive data by controlling who can access enterprise apps and when they can be used, including:

• For any enterprise mobile app – iOS or Android – data-at-rest automatically can be encrypted with FIPS 140-2 level 1 security, even if the app did not originally have any security built into it.

• Enterprise IT can put any app behind its own passphrase authentication prompt, allowing access only to authorized users.

• Secure cut, copy and paste help ensure that sensitive data can be shared only within the secured app itself, and not to unsecure portions of the device.

• Individual apps can create separate app-level VPN tunnels back to their enterprise gateways, with custom levels of security for each app, providing superior and more flexible security than that provided by whole-device VPNs. MAP 2.0’s IPSec-based VPN client enables apps to connect securely to almost any VPN server on the market.

• The Mocana MAP architecture allows for the rapid addition of new policies, like those based on location and motion of the mobile device, as well as date or time of day. Thus, enterprises can enable apps only during business hours, or shut them down whenever a device is in motion or outside a specific geographical area, such as the corporate campus.

“When enterprises want to go beyond delivering simple email services to smartphones, they quickly realize that more than a mobile device security management strategy is required,” said Eric Ahlm, research director at Gartner. “Savvy organizations are realizing that securing the app and information — rather than the device — allows for deployment of more apps to more devices, especially to those devices your organization doesn’t own.”

Mocana Mobile App Protection 2.0 is generally available now. Licensing is based on a subscription or perpetual model, with the option of a per-device or per-app basis.

Subscribe to the SecurityWeek Email Briefing
view counter