Secure Mobile Apps: An Innovative Approach

By - July 31, 2013

spydrsafe

 

 

 

 

 


SpydrSafe Mobile Security

Recently I was introduced to a company called SpydrSafe Mobile Security.  SpydrSafe is a technology startup based in McLean, VA. They have an innovative new product that allows organizations to easily secure any app – native, commercial, “in-house”, web or web running on a mobile device without any modifications to the OS or the apps.

Securing mobile apps from any vendor 

Most organizations struggle with how to secure personal BYOD devices in their environment.  Organizations want to be able to control the corporate data on the devices, but they don’t want to have to overly lock down the device or create or create complex policies to handle each scenario.

Imagine the following scenario:  An organization wants to prevent a mobile user from looking at corporate information on one native app and then sharing it to another native app on their phone that is outside of corporate control.

Many organizations have used containerized solutions like Good Technology (www.good.com) that confine the end-user to one application to access secure information and prevents them from exporting any of the data.  This solution is very effective in limiting the leakage of information, but at the expense of the end user not being able to use the apps that they want to review and view the information.

SpydrSafe Security Manager™ is a SaaS (Security-as-a-Service), cloud-based security management console used by IT administrators to add and enroll new users, assign users to groups, assign policies, and access audit and reporting information.

It enables the organization to pick and choose which apps it wants to secure, and provides granular control on whether those apps allow screen shots, copy & paste functionality, or the ability to share over local networks.

Spydrsafe allows an organization to create policies that either whitelist or blacklist applications.  On a corporate issued device in which you don’t want any other applications installed other than the corporate device, Spyrdrsafe can whitelist those apps to be the only apps that are allowed to run.  Conversely Spydrsafe can blacklist apps and not allow them to be run.

So back to our scenario, if there was a confidential email that was sent and the organization wanted to prevent that user from passing it to Dropbox.  The mobile policy would be able to protect the email native app and prevent it from sharing it to Dropbox.  If the company did not want to allow Dropbox to be run on the device they could actually blacklist the Dropbox app to prevent it from launching. 

SpydrSafe Data Loss Prevention (DLP) Features 

 spydrsafehowdoesitwork

How does it work?

The process is quite easy to setup. 

  1.  An administrator simply signs up for an account
  2. The admin creates the mobile policy
  3. The admin sends out an email to end users to enroll in the policy
  4. The end users first install the SpydrSafe agent on their mobile device
  5. Receive the policy, and accept it on their device

Once that is in place the user device is protected based upon the policy’s that are in place.  If a user clicks on a SpydrSafe protected app they will be prompted to enter a password to give them access to the apps.

All other apps that end users may have on their devices continue to run and operate as usual.

How much does it cost?

SpydrSafe offers a subscription model which is priced starting at $5/device per month.  They have various pricing levels dependent on the number of devices that you enroll in this service.

Conclusion

What I liked most about SpydrSafe is the ease in which an environment could be provisioned.  I simulated creating a new company and enrolling the devices.  It took less than 30 minutes to get everything provisioned and installed on the devices.

I think it is a very interesting concept in providing native mobile app security, and it could be an affordable BYOD solution for many organizations.

For more information on mobile security within your organization, contact McGladrey’s technology consulting professionals at 800.274.3978 or email us.

By: Soren Burkhart, National Leader – Mobility Services, Technology Consulting Leader – Southeast Region

Receive Posts by Email

Subscribe and receive notifications of new posts by email.