Self-protecting apps and the future of mobile application management
One of the more interesting areas of mobile security right now is the future of mobile application management (MAM). Earlier this year, I had a chance to speak with Andrew Blaich, lead security analyst at Bluebox Research, who introduced me to the concept of self-protecting mobile apps.
Blaich explained to me that self-protecting apps are aware of where they’re running. They are also aware of attacks that can happen on the application, whether passive or active. Because self-protecting apps are device and environment independent, such apps could be an interesting option for an app you are deploying to partners and customers.
There are tools that malicious actors can use to hook into mobile apps to affect the app’s behavior or to change modification patterns. A self-protecting app can detect and protect against such malicious hooking.
He also gave me the example of a company that’s deployed a mobile app out to its employees. The company still allows its employees to use rooted devices. A self-protecting app can detect if the employees are trying to tamper with the app, trying to access data residing in the app, or trying to reverse engineer the app.
An app policy can either notify the admin or clear the data from the app.
Blaich points to Bring Your Own Device (BYOD) deployments and the fact that there are lots of Android device manufacturers doing their own thing. It’s a mass proliferation of Android devices with only a few vendors following Google’s Android standards. This lack of standards makes it especially challenging to secure Android devices in enterprise mobility and BYOD environments.
Jailbroken devices remain a security threat across enterprises of all sizes. People can jailbreak their devices intentionally, or it can be something they aren’t aware of when they buy a device on Craigslist or eBay.
Blaich also pointed out to me that the mass proliferation of Android devices from vendors isn’t about to stop anytime soon.
“They all just do their own thing for the most part,” he said. You can do anything you want with Android, and with iOS for that matter. It’s a fact of life that mobile security professionals have to face and adjust their security strategies accordingly.
He also mentioned that his company examined some Android mobile devices where the true vendor origins of the devices were in doubt. Blaich and his team couldn’t be sure whether a given device was actually from that vendor or not.
Blaich gave the example of a Chinese-manufactured Android device where everything looks like it’s the real device, but the software on the device has been modified in a way that introduced malware on the system.
“You’re continually going to have this problem where the devices might get modified in line in the distribution channel,” Blaich explained.
Self-protecting apps, MAM, and the future
Change has been the only constant in the mobile threat landscape, and that’s not about to change. The self-protecting app concept that Blaich introduced to me thrives on a changing threat landscape.
While I subscribe to a platform-centric future for mobile security, self-protecting apps complement such a platform-based mobile security strategy. I especially like the concept of self-protecting apps for applications that an organization distributes to partners and customers, since the organization will never have control over those user devices.
Where do you see the future of mobile application management going?
Will Kelly is a technical writer and analyst based in the Washington, DC area. His writing experience includes writing technology articles for CNET TechRepublic and other sites. Will’s technology interests include collaboration platforms, enterprise mobility, Bring Your Own Device (BYOD), project management applications, and big data. Follow him on Twitter: @willkelly.