Mobile Security Software with Cloud Management
We might almost take the discussion for endpoint security software assessed in Chapter 9 and apply it more or less completely to mobile software. Many of the security problems are analogous. The software has to provide protections, whether it’s connected to a network or not. On the other hand, configuration and management are delivered over the network when the device is connected. In order to examine yet another architectural pattern, this example mobile security product will make use of cloud-based management software and a Software as a Service (SaaS) “reputation” service. Just for clarity, for many real-world mobility protection product implementations, the customers may deploy their own management servers, which is exactly analogous to the problems we examined for the management console of the endpoint security system. In this example, we will not take up issues related to management from a cloud-based service.
Basic Mobile Security Architecture
Figure 10.1 presents the architecture for a hypothetical mobile security protection system. Many of the components are the same in the two endpoint security architectures. Incoming and outbound communications have to be established and maintained. An engine must process system events and examine possibly malicious data items. The engine has to respond to these with protective actions while, at the same time, raising alerts to the user of the device and, perhaps, outbound to the management components. These functions will likely be relatively familiar to you, by now?
Figure 10.1 Mobile security software.
Once again, as noted previously, the processing engine must be able to examine a gamut of different file types and formats. Everything that was stated earlier about endpoint security applies just as well in this situation.
-  If you have doubts, please re-read Chapter 9’s endpoint security analysis.