Mocana server analyzes apps, adds security features Mocana will offer its “injectable” app security features for existing and new enterprise iOS apps as well as for Android. Developers don’t need to access the source code or write new code to protect mobile apps.Mocana’s Mobile App Protection 2.0 automatically analyzes an app, and lets IT groups choose up to four key security policies to add to it: automatic data encryption, passphrase authentication, secure cut-copy-paste to prevent data being moved outside of the app, and a per-app VPN tunnel. MAP 1.0 was released for Android in November 2011; the 2.0 release now works with iOS apps.MORE: Android phones will keep getting exploited, researchers say“We assume the underlying device is corrupted and we assume that the enterprise does not have control over the device,” says Adrian Turner, CEO for Mocana, based in San Francisco. The combination of the four protections reflect this: They can protect the data on the device, protect it in transit between the device and the enterprise, limit access to authorized users, and block users from moving the data into unsecured documents, storage, emails or IM sessions. The Mocana server decompiles the app’s binary image, and analyzes its structure, including the I/O and information flows. The company specifically targets custom iOS and Android apps developed by or for a given enterprise, according to Turner. Via a Web-based portal, an IT staffer selects from the available security features to add to the app, and the Mocana server generates and inserts the necessary code automatically.“We have a [patent-pending] code analysis capability,” Turner says. “We can decipher how the app works independent of the underlying logic. We focus on how the app interacts with the network, for example, abstracted from the application’s business logic. Then, we can inject code into the right places where it doesn’t affect the app.” For encryption, Mocana relies on FIPS 140-2 certified encryption and Suite B algorithms; its digital certificate/public key infrastructure combines standards-based and proprietary technology, optimized for mobile apps; and it can set up individual apps with a VPN client for secure communications with an array of VPN termination products.Mocana’s approach dramatically simplifies what otherwise is a major development burden. Typically, developers have to use a set of APIs, and make sure they implement security correctly for each app. An alternative approach is to sandbox the app and its components, but Turner argues this doesn’t give developers fine-grained control over specific security features for an app.A third alternative is to create a virtual machine on a device and run a separate OS for the enterprise mobile apps. “But the second OS is not secure just by being separate,” says Turner.By contrast, Mocana’s server and injected code can add specific security features to each app. According to the vendor, four of the top five Android tablets license the company’s technology.Mocana’s software is deployed in partnership with software vendors that sell enterprise app store and mobile device management (MDM) applications. An IT administrator creates the Mocana app security policies using the MDM console, then loads a completed enterprise app into the Mocana MAP server, along with the policy file. The server adds in the security features and the app is transferred to the corporate app store (or to Mocana’s own App Catalog). There can be different versions of the same app, with different security policies depending on the user, their job function and so on. The apps are download and installed as they usually are.Mocana 2.0 is available now as part of an early adopter program. General release is scheduled for June 1. The software is available via enterprise app store vendors and mobile device management vendors, so pricing can vary. These vendors typically offer a yearly, per-device subscription, that’s heavily discounted at higher volumes, according to Turner. John Cox covers wireless networking and mobile computing for Network World. : https://twitter.com/johnwcoxnww john_cox@nww.com http://www.networkworld.com/community/blog/2989/feedTwitterEmail: Blog RSS feed: Related content news analysis Cisco joins $10M funding round for Aviz Networks' enterprise SONiC drive Investment news follows a partnership between the vendors aimed at delivering an enterprise-grade SONiC offering for customers interested in the open-source network operating system. By Michael Cooney Dec 01, 2023 3 mins Network Management Software Industry Networking news Cisco CCNA and AWS cloud networking rank among highest paying IT certifications Cloud expertise and security know-how remain critical in building today’s networks, and these skills pay top dollar, according to Skillsoft’s annual ranking of the most valuable IT certifications. Demand for talent continues to outweigh s By Denise Dubie Nov 30, 2023 7 mins Certifications Network Security Networking news Mainframe modernization gets a boost from Kyndryl, AWS collaboration Kyndryl and AWS have expanded their partnership to help enterprise customers simplify and accelerate their mainframe modernization initiatives. By Michael Cooney Nov 30, 2023 4 mins Mainframes Cloud Computing Data Center news AWS and Nvidia partner on Project Ceiba, a GPU-powered AI supercomputer The companies are extending their AI partnership, and one key initiative is a supercomputer that will be integrated with AWS services and used by Nvidia’s own R&D teams. By Andy Patrizio Nov 30, 2023 3 mins CPUs and Processors Generative AI Supercomputers Podcasts Videos Resources Events NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe