With companies these days justifiably concerned about the security of the mobile devices provided to their workforce, many workers find themselves carrying around two mobile phones - one for personal use and another for business. Sure, mobile phones aren't the huge pocket-stretching devices they once were but for the sake of convenience, one is most definitely better than two. Now researchers at Fraunhofer have developed software that allows the creation of two virtual smartphones in a single device, providing security for companies while letting workers install their own apps.
To create the new security solution for Android smartphones, called BizzTrust for Android, Fraunhofer security experts modified the Android operating system to separate private and business applications on a phone. With two protected areas for data and apps, the software is able to identify whether content belongs to a business or a private application and stores it separately in the appropriate partition while controlling access to the data.
This allows users to install all the potentially dangerous apps they like on the personal partition, while protecting access to business apps and data stored on the other partition. Even if attackers manage to infiltrate an unsecured app, they cannot use it to access company data, and the impact of the attack is confined to the private data on the smartphone.
Users are able to switch between work and home functions with two clicks of the touchscreen while a color symbol lets users know whether they're in the business (red) or personal (green) area.
The software allows a company to decide which applications are cleared for business use, and who has access to which parts of the company IT. Before logging into the company network via a secure VPN link, the phone's software is checked and access can be blocked to critical applications and data can be blocked if modifications are detected. With company rules on access likely to change over time, the system also lets the business applications be updated or deleted as needed when the user logs into the company network.
The Fraunhofer researchers say to provide additional security, the next step is to equip smartphones with integrated smartcards. In the meantime, they're looking to develop tools to permit IT administrators to establish a secure link with company mobile devices for wireless synchronization and backup of data or to delete data if the device is stolen.
The BizzTrust for Android software developed by Fraunhofer researchers is on show at the IT-SA trade show running at the Nuremberg Exhibition Centre in Germany until October 13.