THE MOBILE HELIX DATA SECURITY PLATFORM

Similar documents
VMware Horizon Workspace Security Features WHITE PAPER

Securing Office 365 with MobileIron

BEYOND AUTHENTICATION IDENTITY AND ACCESS MANAGEMENT FOR THE MODERN ENTERPRISE

GLOBALPROTECT. Key Usage Scenarios and Benefits. Remote Access VPN Provides secure access to internal and cloud-based business applications

Product Brief. Circles of Trust.

WHITE PAPER AIRWATCH SUPPORT FOR OFFICE 365

Augmenting security and management of. Office 365 with Citrix XenMobile

Mobile Security using IBM Endpoint Manager Mobile Device Management

Introduction. The Safe-T Solution

PCI DSS Compliance. White Paper Parallels Remote Application Server

Data Loss Prevention Whitepaper. When Mobile Device Management Isn t Enough. Your Device Here. Good supports hundreds of devices.

Implementing Your BYOD Mobility Strategy An IT Checklist and Guide

OpenIAM Identity and Access Manager Technical Architecture Overview

TECHNOLOGY Introduction The Difference Protection at the End Points Security made Simple

Chapter 9. Firewalls

Salesforce1 Mobile Security White Paper. Revised: April 2014

Zero Trust with Okta: A Modern Approach to Secure Access from Anywhere. How Okta enables a Zero Trust solution for our customers

Security context. Technology. Solution highlights

Microsoft 365 Security & Compliance For Small- and Mid-Sized Businesses

Phil Schwan Technical

WHITE PAPER. AirGap. The Technology That Makes Isla a Powerful Web Malware Isolation System

Make security part of your client systems refresh

Google Identity Services for work

BULLETPROOF365 SECURING YOUR IT. Bulletproof365.com

RSA Solution Brief. The RSA Solution for VMware. Key Manager RSA. RSA Solution Brief

BULLETPROOF365 SECURING YOUR IT. Bulletproof365.com

ipad in Business Security Overview

SECURE, CENTRALIZED, SIMPLE

AXIAD IDS CLOUD SOLUTION. Trusted User PKI, Trusted User Flexible Authentication & Trusted Infrastructure

WHITE PAPER. Good Mobile Intranet Technical Overview

2013 InterWorks, Page 1

SAP Security in a Hybrid World. Kiran Kola

TIBCO Cloud Integration Security Overview

Quick Heal Mobile Device Management. Available on

INCREASE APPLICATION SECURITY FOR PCI DSS VERSION 3.1 SUCCESS AKAMAI SOLUTIONS BRIEF INCREASE APPLICATION SECURITY FOR PCI DSS VERSION 3.

DreamFactory Security Guide

Integrated Access Management Solutions. Access Televentures

Security Enhancements

Zero Trust on the Endpoint. Extending the Zero Trust Model from Network to Endpoint with Advanced Endpoint Protection

Sentinet for Microsoft Azure SENTINET

Passwords Are Dead. Long Live Multi-Factor Authentication. Chris Webber, Security Strategist

BYOD: BRING YOUR OWN DEVICE.

Exam : Title : Security Solutions for Systems Engineers. Version : Demo

Authentication Methods

VMWARE HORIZON CLOUD WITH VMWARE IDENTITY MANAGER QUICK START GUIDE WHITE PAPER MARCH 2018

The SANS Institute Top 20 Critical Security Controls. Compliance Guide

Securing Today s Mobile Workforce

Progressive Authentication in ios

Nukona Policy Management

VMware AirWatch Integration with F5 Guide Enabling secure connections between mobile applications and your backend resources

RHM Presentation. Maas 360 Mobile device management

Integrating Password Management with Enterprise Single Sign-On

SECURE DATA EXCHANGE

DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise

Secure IT consumeration (BYOD), users will like you How to make secure access for smart mobile devices

10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS

PCI DSS and VNC Connect

COMPUTER NETWORK SECURITY

white paper SMS Authentication: 10 Things to Know Before You Buy

Enterprise Mobility Management

Google Cloud Platform: Customer Responsibility Matrix. December 2018

ACS-3921/ Computer Security And Privacy. Chapter 9 Firewalls and Intrusion Prevention Systems

Adaptacyjny dostęp do aplikacji wszędzie i z każdego urządzenia

BlackBerry Dynamics Security White Paper. Version 1.6

Technical Overview of DirectAccess in Windows 7 and Windows Server 2008 R2. Microsoft Windows Family of Operating Systems

Administering Jive Mobile Apps for ios and Android

Cato Cloud. Software-defined and cloud-based secure enterprise network. Solution Brief

Security Policy (EN) v1.3

Mobile Security Overview Rob Greer, VP Endpoint Management and Mobility Product Management Dave Cole, Sr. Director Consumer Mobile Product Management

905M 67% of the people who use a smartphone for work and 70% of people who use a tablet for work are choosing the devices themselves

W H IT E P A P E R. Salesforce Security for the IT Executive

Cloud Access Manager Overview

Sentinet for BizTalk Server SENTINET

RSA Solution Brief. Providing Secure Access to Corporate Resources from BlackBerry. Devices. Leveraging Two-factor Authentication. RSA Solution Brief

SECURITY STORY WE NEVER SEE, TOUCH NOR HOLD YOUR DATA

Complying with PCI DSS 3.0

IBM Secure Proxy. Advanced edge security for your multienterprise. Secure your network at the edge. Highlights

Mobile Devices prioritize User Experience

Best Practices in Securing Your Customer Data in Salesforce, Force.com & Chatter

Optimizing Pulse Secure Access Suite with Pulse Secure Virtual Application Delivery Controller solution

SEPARATING WORK AND PERSONAL

Security Fundamentals for your Privileged Account Security Deployment

The Mobile Risk Management Company. Overview of Fixmo and Mobile Risk Management (MRM) Solutions

Aerohive and IntelliGO End-to-End Security for devices on your network

MEMORY AND BEHAVIORAL PROTECTION ENDPOINT SECURITY NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY

AKAMAI CLOUD SECURITY SOLUTIONS

M2M / IoT Security. Eurotech`s Everyware IoT Security Elements Overview. Robert Andres

Pulseway Security White Paper

Mobile Data Security Essentials for Your Changing, Growing Workforce

Digital Workspace SHOWDOWN

TECHNOLOGY LEADER IN GLOBAL REAL-TIME TWO-FACTOR AUTHENTICATION

CIS Controls Measures and Metrics for Version 7

Secure access to your enterprise. Enforce risk-based conditional access in real time

SafeNet Authentication Service

ENTERPRISE MOBILITY MANAGEMENT & REMOTE ACCESS SOLUTIONS

Minfy MS Workloads Use Case

ForeScout Extended Module for VMware AirWatch MDM

ANATOMY OF AN ATTACK!

How-to Guide: Tenable Nessus for Microsoft Azure. Last Updated: April 03, 2018

Choosing a Full Disk Encryption solution. A simple first step in preparing your business for GDPR

Transcription:

SECURE ENTERPRISE HTML5 THE MOBILE HELIX DATA SECURITY PLATFORM A MOBILE HELIX WHITEPAPER

THE MOBILE HELIX DATA SECURITY PLATFORM The innovation in mobility has created an incredible opportunity to innovate in IT and the line of business. Anytime, anywhere access to data and applications has the potential to both drive revenue and reduce cost while simultaneously inspiring a more satisfied workforce. Rare opportunities like this cannot be overlooked, but at the same time mobility introduces legitimate concerns that must be resolved before companies can begin to enjoy the benefits of mobility. Chief amongst those concerns is data protection. Data protection in a mobile context refers to protection of data in transit to and from the device, protection of data at rest on the device, and protection against data loss. This paper introduces the Mobile Helix Data Security Platform, which addresses the challenge of securing corporate data in a mobile-first enterprise. Introduction Corporate IT is immersed an unstoppable march towards anytime, anywhere access to data on both personal and corporate devices. Whether your organization has invested in and embraced this transition or is still wary of it, the question is no longer if this transition will happen but rather when and how it will happen. Mobility creates a tremendous opportunity to deliver innovative applications that drive top-line and bottom-line results. Employees enjoy working on their mobile devices far more than their corporate laptops, and mobile devices are a constant companion, both inside and outside of the office. These benefits do not come without risks, though, and foremost amongst those risks is the challenge in securing corporate data in a mobile World. This challenge is composed of a few distinct parts: Mobile devices operate on a public network, and that network is inherently untrustworthy. Any data security solution over-the-air must account not only for standard network conditions, but also creative attempts to compromise the network via technical and social attacks. 1

Mobile devices are lost and stolen at a far higher pace than corporate laptops. This is due in part to one of their most essential benefits they are with an employee on both personal and company business. However, it is also due to the fact that mobile devices are often shared amongst family members and friends. Mobile devices blend personal functionality and corporate functionality in a way that IT cannot control. Unlike corporate laptops, there is no such thing as a locked down mobile device, no matter how much policy is pushed to that device. With device management solutions, IT either risks circumventing the corporate Data-Loss Prevention (DLP) infrastructure or prohibiting access to essential data to prevent such a breach. The Mobile Helix Data Security platform offers a compelling solution to these challenges and a compelling alternative to device management solutions. By focusing on protecting corporate data and creating an impermeable encryption barrier surrounding that data, both at rest and in transit, Mobile Helix protects corporate data regardless of the device operating system or device state (e.g., rooted/jailbroken, protected with a device management policy or not, etc.). In addition, the Mobile Helix Data Security Platform offers a level of policy flexibility that enables corporate IT to determine what data is available on a device based on the source of that data and the circumstances of the data access (online/offline, location, etc.). Finally, by routing all communication to and from the device through the corporate intranet infrastructure, existing DLP solutions are naturally integrated into the Mobile Helix solution ensuring that IT s investments in DLP are not rendered ineffective in a mobile World. This paper describes the Mobile Helix Data Security Platform in depth, starting with an introduction to the Link system and the Mobile Helix technology architecture, followed by a deep dive into the technology underlying the Data Security Platform. Link System Overview The Mobile Helix Link system consists of four components: The Link Gateway, which is a reverse proxy that is the central entry point to the enterprise network. The Gateway controls and optimizes traffic between the external, public Internet and the private, corporate Intranet. The Gateway is deployed in the DMZ in an on-premises deployment, and a large-scale deployment will have many gateways for redundancy and load balancing. The Link Controller is the system management console. The Controller manages all users, all devices, and all apps available on a mobile device via the Link system. The 2

Controller integrates with Active Directory (AD) or LDAP to import users and groups, and the Controller manages authentication via AD, LDAP, or any SAML-based single sign-on solution. The Controller uses a role-based security and policy architecture to enable IT administrators to set flexible device, applications, and data policies from a central console. The Controller also monitors the Link system and collects audit data and analytics in a central database. The Link Application Server hosts Mobile Helix's pure HTML5 apps. Each app is built using the Link HTML5 SDK and is hosted in a standard Java EE container. Examples of Link apps include Link Content Share and Link E-mail. Enterprises can host their own HTML5 apps built with or without the Link HTML5 SDK and legacy web applications available for mobile access using existing web server, application server, or portal infrastructure. The Link Application Servers are firewall protected and integrate with standard HTTPS load balancers. THE MOBILE HELIX LINK SYSTEM CONSISTS OF 4 COMPONENTS: 1. Link Gateway 2. Link Controller 3. Link Application Server 4. Link Container The Link Container runs on mobile devices and ensures secure access to corporate assets by encrypting data at rest and in motion. The Container includes browser technology supporting critical HTML5 features including offline storage and video. In addition, the Container is enhanced with Apache Cordova (formerly PhoneGap) to enable browser access to device features that are not available across platforms via the HTML5 standard. Link may be deployed fully on-premises or in a hybrid deployment with selected components in the Cloud. In a cloud deployment, the Link cloud can either integrate with existing VPN infrastructure to access the corporate network or it can use a relay architecture to transmit encrypted data via a persistent, outbound connection from the corporate network to the cloud for routing to the mobile device. Mobile Helix Technology Architecture Overview The Mobile Helix technology architecture shown above outlines how different technology platforms, implemented across the Link system components described in the previous section, work together to enable the development and delivery of pure HTML5 apps, to protect corporate data, and to apply policies to the Link system. The Mobile Helix technology architecture includes: The Link HTML5 SDK, which is a fully standards-compliant HTML5 SDK for creating rich mobile apps that are intuitive, cross platform, and, when integrated with the Link system, transparently secured. 3

The Mobile Helix Secure Delivery Platform, which ensures end-to-end secure delivery of pure HTML5 1 mobile apps, enterprise web applications, and enterprise content and data., which ensures that data is uniformly protected at rest on all supported devices and enables granular policy and rolebased control of enterprise data stored on mobile devices. The Mobile Helix Administration Platform, which enables IT to manage and provision users and endpoints accessing the Link system, track and audit data delivered to mobile devices, provision pure HTML5 mobile apps and enterprise web applications for mobile access, and monitor the Link system. Figure 1: The Mobile Helix Technology Architecture This paper describes the unique capabilities and design of the Mobile Helix Data Security Platform. Mobile Helix Data Security Platform Introduction describes a series of integrated technologies across each component of the Link system whose role is to protect corporate data and to implement secure policies governing that data. The Data Security Platform particularly focuses on the most real and present threats to sensitive corporate data that is available 1 Pure HTML5 apps are fully standards-compliant HTML5/CSS3/JavaScript apps delivered by standard Web servers, app servers, or portal servers via HTTPS. Pure HTML5 means 100% open, standards-based, and cross-platform mobile app development integrated transparently into a secured, containerized browser that operates across all of the major mobile platforms. 4

on a mobile device. We begin by describing those threats. In light of those threats, we then describe how data is secured over-the-air, how data is secured at rest, and how data policies govern the availability and lifetime of data: Figure 2: Threats to Corporate Data Mobile Helix s Data Security Platform and key management protocols adhere to a handful of important principals based on the types of threats a corporation must defend against. There are four major threat categories accounted for in Link s architecture: Data attacks over-the-air, which consist primarily of transparent proxies designed to fool an application into routing https traffic through a proxy that decrypts that traffic before forwarding it to the intended destination. Malware-born attacks against corporate data at rest on the device. These attacks use social engineering, browser vulnerabilities, or other application vulnerabilities to inject code rogue code into a device and steal data that is at rest on that device. These attacks are increasingly sophisticated in their targeting, but they are limited by the fact that they must be automated. They may be launched directly against the device or against a desktop computer with the intent to propagate to the device via itunes or a USB connection to that device. Espionage via a lost or stolen device. In this case, a sophisticated attacker can devote an extended period of time to attack a device. During the initial period of attack, the device owner may not yet realize the device is lost or stolen. After a certain period of time, IT will have deleted the device and issued a remote wipe. The device must be kept offline by the attacker to avoid the wipe command. The final major category of threat is an insider attack. While an insider is still employed and in good standing this attack category is an independent threat. 5

Once the rogue employee is identified as such, an insider attack is no different than an act of espionage targeting a stolen device. To protect against these attacks, the Mobile Helix Data Security Platform adheres to a few essential principals, each of which is explored in further detail below: All data must be encrypted, in transit and at rest, and all encryption keys must be generated from strong credentials. All sessions must be authenticated with strong credentials, and IT must be able to implement secure session management policies. All communications must be verified, end-to-end, precluding the possibility of unauthorized proxy access along the way. IT must have the tools available to implement the principle of least privilege. Data should be available to mobile employees who have a legitimate business case for using that data on a mobile device, and it should only be available under the circumstances (online/offline, location) justified by that business case. All encryption technology is implemented independent of the underlying device platform, ensuring that attacks against the device OS runtime do not impact the Data Security Platform. Data Encryption Fundamental to any data security strategy are the encryption algorithm and the associated key management architecture. Mobile Helix utilizes AES-256 encryption to protect all data at rest, and SSL with 2048-bit RSA keys to protect all data in motion. Once encrypted, data is protected using state-of-the-art algorithms that are infeasible to compromise. However, data protection is only as good as the associated key, and it is Mobile Helix s key management architecture that ensures that sensitive corporate data is safe. Mobile Helix generates all encryption keys from strong credentials. Strong credentials are very expensive to guess via an automated attack, and they are secrets that users are trained to protect from unauthorized disclosure. As discussed in the next section, IT already manages such a strong credential (a user s Active Directory or LDAP username and password), with the associated data security and education to protect that credential. Hence, by default, all Mobile Helix sessions are initiated with the user s corporate credentials. 6

Once a session is authenticated, Mobile Helix adds an additional layer of data protection and policy flexibility with the Data Security Platform s unique key hierarchy. The Data Security Platform uses four different types of keys to protect data during a session: The online-only key is generated from a 32 byte, secure, random string that is encrypted and stored in the Mobile Helix Controller. This key cannot be generated from any secret that an employee knows. The reason for this protection is to ensure that even insiders cannot compromise data marked online-only by policy once access to the corporate network is revoked. The offline persistent key is generated from a user s active directory credentials and, optionally, an additional pincode credential. This offline persistent key is used to protect data that should be persistent online indefinitely (as defined by policy) and to protect offline transient keys (described next). The offline transient keys are used to protect data on the device that has a limited lifetime, as specified by IT policies applied to the user, the user s device, or the application that is the source or the data. Data policies are described in further detail below. As offline transient keys expire, the key and all data encrypted with that key are deleted from the device. The session key is a 32 byte, randomly generated encryption key that is only used for the lifetime of the current session. All session-specific data is encrypted with this key, and all session data along with the key is destroyed when the session expires or the session is terminated via the Link Controller. Encryption keys are only stored in transient memory on the device, and they are explicitly cleared from memory when the application terminates or when a session ends. Using this combination of keys, the Mobile Helix Data Security Platform ensures that (a) data is protected from all other applications on the device, even if the device is compromised, and (b) IT has the flexibility to define policies that govern when data can be consumed, by whom, and how often a user must re-authenticate in an online session to preserve data on the device. Authentication and Authorization The best and first line of defense against any attack is a good password. IT has invested a significant amount of time, training, and technology in ensuring that corporate credentials (i.e., users LDAP or Active Directory credentials) are strong. It is essential to leverage that same credential for authentication on the device to ensure that when each online session is initiated it begins with an effective authentication event. 7

By integrating with an organization s existing authentication and SSO infrastructure, Mobile Helix extends the enterprise s existing investment in strong authentication to the mobile realm. In addition, because Mobile Helix integrates directly with the existing corporate intranet infrastructure, all authorization policies that apply to existing servers and services are seamlessly extended to mobile access. While IT can place more restrictive policies on mobile data access, Mobile Helix does not allow a user to access any more data than she could access from her laptop at her desk. When a device is offline, any offline sessions must be authenticated without involving the corporate infrastructure. Mobile Helix uses the bcrypt hash algorithm to safely hash credentials and store them for offline comparison. IT may have a policy that corporate credentials should never be cached on a personal device. In this case or when a second authentication factor is desired, Link allows IT to require users to create an offline pincode, which is a strong credential used exclusively for offline access. IT can set a policy to ensure the pincode is of sufficient length and complexity to properly protect the device. Link synchronizes a user s offline pincode across devices on each online authentication, hence IT can enforce pincode expiration policies for offline pincodes without deleting a user s offline data, and users can define a single offline pincode of sufficient strength rather than using simpler pincodes per device to make it easier to remember them. Once a user is authenticated via corporate systems, the Mobile Helix Controller applies an additional layer of authorization and policy to that user s session. These additional policies are determined based on the device s location, the specific device, and the user s role. The data protection policies available in Link are described further below. Session Management Mobile Helix provides a flexible policy infrastructure for implementing session management policies that apply to online and offline sessions. Session management policies govern how long a session is active and under what circumstances a user must re-authenticate. IT can create separate session management policies that control: How long a user session persists when the session is initiated via an online authentication How long a user session persists when the session is initiated via an offline authentication What credentials are used to protect offline sessions (corporate password/separate offline pincode/both) The composition of offline pincodes and how often they expire 8

What circumstances trigger re-authentication With these policy options IT can flexibly balance user experience with security, making context-aware decisions regarding how a user authenticates and how often that user must re-authenticate. Protecting the Integrity of Communications to the Mobile Helix Gateway SSL-based encryption is effective for over-the-air communications because it ensures that data is protected against common network-born attacks, such as man-in-the-middle and replay attacks. However, without proper care, SSL-based communication is vulnerable to transparent proxy attacks. This category of attacks refers to placing a proxy server in between the device and the intended destination of its communications. Such a proxy could quietly establish a secured SSL session with the device and the destination, while inserting itself in the middle and decrypting data that it receives from the device. The most common way to implement such an attack is by deploying a rogue wireless access point, then using a social attack to convince a user to install the proxy for communication via the rogue access point. Preventing such attacks is simply a matter of verifying that validity of the destination of all SSL communications before sending any data. Mobile Helix does so by ensuring that all Mobile Helix Gateways and the Mobile Helix Controller must be installed with certificates that are either signed by an enterprise s own certificate authority or by Mobile Helix. The Mobile Helix Container verifies these certificates prior to any communications to the corporate infrastructure. Implementing Data Policies divides data into 3 categories online data, offline persistent data, and offline transient data. IT uses role-based policies to segregate data from each application into one of the 3 categories. Online data is only accessible during an online session, which begins with an authentication request to the Link Controller and continues as long as the session has not expired and the device is online. Offline data is accessible both during an online session and during an offline session. Offline sessions begin with a local authentication on the device, either using the user s corporate credentials or the user s offline pincode as described above. Offline data is further segregated into two categories offline persistent data, and offline transient data. Offline persistent data is available indefinitely on the device, although it may be deleted from the device if the local cache storage quota is exceeded or the device is wiped remotely (for a further discussion of application-specific offline data, see the paper entitled Link Offline Data Architecture. ). Offline transient data is available for 9

a specified period of time on the device. If that data is not refreshed during an online session prior to the expiration, then the data is automatically deleted from the device. IT has the option to specify that all offline data is transient. Data policies may be attached to user groups (via a role-based scheme), devices or applications. During any given session, the most restrictive intersection of these policies is determined based on the user s device, the user s role, and the application that is providing the data. Policies may be further refined to only apply when the user authenticates from certain locations, allowing context aware policy definitions. Once data is categorized via policy, it is protected at rest according to the categorized encryption keys described above. Remote Data Wipe The Link Controller enables IT to issue a remote wipe command to any single device or to all devices owned by a single user in order to delete the data stored in the Link Container. This command does not impact a user s personal data in any way it will only wipe corporate data from the device. This remote wipe command is delivered as a push notification to the device, and the push notification is re-sent until the device is confirmed as wiped or IT chooses to stop the wipe command. Once a device or user is deleted, all online access to the Link system is instantly revoked for that device or user respectively. Protecting the Link Container In the event that a device is compromised via a malware that jailbreaks or roots the device, that malware can subsequently disable all attempts to detect compromised devices (via a device management technology) and it can attempt to compromise the device OS es runtime system to interfere with encryption. Both ios and Android use runtime systems (for Objective-C and Java respectively) that create a single point of failure for compromising the runtime system. While this category of attack requires sophisticated technology to implement, it is devastating in its effect if successful. To protect against this category of attack, all Link encryption algorithms and APIs are implemented directly in the Link Container, without reference to or usage of the underlying device runtime. This design decision ensures that no automated attacks against the device OS will succeed in compromising Link and it ensures a uniform level of data protection across all supported platforms, regardless of the particular device OS. In addition, by using static linking, inlining, and other obfuscation techniques to create the Link binaries, Link further ensures that compromising the Link Container requires extended, direct contact with a device by an expert hacker and cannot be launched via automated malware. While no application is safe from a sophisticated, determined hacker with a debugger and a compromised device, we apply the industry s best techniques to protect the Link Container binaries from compromise. 10

Data Loss Prevention (DLP) Fundamental to any data protection strategy is a DLP solution. IT uses DLP solutions to filter e-mail content and web traffic and ensure that sensitive data is not leaked outside the enterprise in e-mails, e-mail attachments, webmail, web storage services, or other websites. Link is designed to extend existing DLP infrastructure to the mobile device by: Routing all outbound e-mail sent with the Link Email solution through the existing mail infrastructure Supporting the existing corporate proxy infrastructure in the Link Gateway with PAC support All traffic sent to the Link Gateway is, if configured to do so, routed to existing proxy infrastructure to ensure that the mobile device is not an escape route for sensitive corporate data. Conclusion In an app-first enterprise, the mobile data protection strategy should be the strongest link in the enterprise s data security strategy. is designed to protect sensitive data from today s most advanced threats. Whether it is espionage, insider attacks, or malware that are most threatening to your business, Mobile Helix applies the industry s best technology to keep sensitive data safe. By integrating with the investments IT has already made in data protection, Mobile Helix also extends the enterprise s existing security infrastructure and best practices to the mobile endpoint. Mobile Helix employs state-of-the-art techniques in encryption and in the implementation of each component of Link, ensuring that Link offers the industry s most comprehensive approach to protecting sensitive corporate data. With Mobile Helix, you can be assured that your corporate data is safe. 11

About Mobile Helix Link Mobile Helix is an enterprise application and data security platform provider focused on enabling unrestricted enterprise productivity. We are redefining endpoint computing by evolving and extending existing IT infrastructure and standards rather than reinventing them. At our core are three fundamental principles that are at the center of everything that we do: 1) we are applicationand data-centric we embrace the blurring lines between phones, tablets and laptops, permitting IT to relinquish control of the endpoint device entirely and embrace a bring-your-own-anything policy; 2) we provide unmatched yet unobtrusive security for sensitive corporate data by intelligently securing the data rather than the devices; and 3) simplicity is embedded into the DNA of our products, our designs and our communications. Our solution, Mobile Helix Link, is the industry s first pure HTML5 platform that combines unparalleled data security, a unique HTML5 application development and delivery platform, and breakthrough patent-pending performance enhancement technology. To learn more about Mobile Helix Link please visit us at. MOBILE HELIX INC. Mobile Helix Inc. 1140 Avenue of the Americas, 9th Floor New York, NY. 10036 USA +1.646.801.3650 phone contact@mobilehelix.com

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback