Armor5 provides secure access to enterprise applications from any device. Our patented web virtualization technology protects both your corporate data and your devices.
Corporate data is protected by ensuring that it is never stored or leaked on your device. Your device is protected by dramatically reducing the attack surface of your device, preventing drive-by malware attacks and malicious javascript from accessing confidential personal or corporate data on your device.
All your web traffic goes through strictly enforced SSL connections, even when your web site is not protected. This ensures that it’s safe to browse your corporate intranet from your local coffee shop.
Protecting Data
Armor5 protects your data by ensuring that it is never stored or leaked on your device. This is accomplished by sanitizing all web content in our cloud-based web virtualizer before it ever hits your device. Rather than allowing web pages to be downloaded and cached on the local device, we instead deliver our client-based application to your device’s browser. This application retrieves page content from our web virtualizer over a secure web socket connection, then builds page content on the fly in the browser’s memory. We call this DOM (Document Object Model) mirroring. It keeps corporate data from ever touching your hard disk or flash memory.
The sanitizing process looks at all content on the page. Links are rewritten to ensure that all traffic goes through our security layer. Nothing that shouldn’t be downloaded is downloaded. Common formats such as PDF and Microsoft Office are seamlessly displayed by converting these to HTML5 and passing the content over the secure socket connection. The DOM mirroring process injects this generated HTML5 markup into to your browser’s display without requring local storage of the file. We also automatically watermark all documents with your username, the date and a confidentiality notice. When you are done viewing the document, poof it is gone without a trace.
Contrast this with the usual way of viewing a Word file. You must download the Word document first, resulting in it being stored on your local drive. You would then use an external application to view the document. At this point, if you lose your device, you’ve also lost the document.
Our approach of not allowing the data to touch the device is the only way to go. The U.S. Alcohol and Tobacco Tax and Trade Bureau (TTB) has come to this same conclusion, as have others. The TTB’s CIO, Robert Hughes wrote:
“The primary TTB BYOD lesson learned is to avoid allowing data to touch the personal device. Having all data, settings and processing in a central location and using the BYOD device simply as a viewer significantly simplifies the legal and policy implications.”
Protecting the Device
By sanitizing content before it is downloaded to your browser we also protect the device. Using external applications to view documents and other files expands your device’s attack surface. By converting PDF and Word files to HTML5 we drastically reduce your device’s attack surface.
Even browsers have exploits (quite a few actually). We not only sanitize pages and prevent content from being downloaded, but we also prevent javascript from being executed locally in your browser. We protect your data and device by executing web page javascript in our secure web virtualization container. This keeps your contact list safe, and prevents exploits from finding a more permanent home on your device.
The post Protecting Data and Devices appeared first on Armor5.
