Workers looking to show off the new camera feature on their smart phones might think twice if a Dallas-based company has anything to say about it.
Credant Technologies, which this May releases Mobile Guardian 3.5 security and management platform, wants to quell smart phones' on-premise camera use and allay security managers' concerns about sensitive information -- and photos --falling into the wrong hands.
In recent months, analysts have begun recommending enterprises discourage or even ban cell phones with cameras to prevent intellectual property theft and privacy violations. This solution is seen as one way to enforce that policy. But even its creators admit it still has its limitations.
Mobile Guardian provides security and management software that enforces policies on several different types of mobile devices -- laptops, handhelds and mobile phones. The software integrates with Active Directory, so administrators can easily customize different policies for different groups.
"An administrator sets up policies that get pushed out to that device, and so it's then locally enforced on the device. So, if you have a smart phone or PDA, based on the group you're in, there would be policies about [the] type of access control. [For example] Are you required to put in a PIN first?" explained Mary Van Zandt, director of strategic marketing for Credant. "Even control of the camera, microphone, the use of external storage card ... All of that is controlled
Workers who own smart phones with cameras, however, may not be so willing to cooperate and look for ways to skirt the software. But Credant is betting that users won't be so resistant if they can't synchronize their smart phone to the network. "It's a productivity tool. They want to sync their Outlook calendar and e-mail," said Credant's VP of engineering and co-founder, Chris Burchett.
Burchett also notes that company-issued smart phones can be prepackaged with the Mobile Guardian software, so users are already secured from the instant they turn on the smart phone.
But most companies aren't there yet -- bundling mobile security software with their smart phones. So, in most cases, Credant enforces Mobile Guardian with its gatekeeper component. Once a smart phone starts syncing with the network, "it allows administrators to say, 'If you're going to take my [company] information, you're going to take my [Mobile Guardian] software,'" says Burchett. This functionality enables Mobile Guardian to load onto a device (and depending on the policies set up by the administrator), shut down a smart phone's camera, IM and/or IR (infrared radiation) and Bluetooth ports.
This ability to disable IR, Bluetooth or a smart phone camera and enforce policies at the gatekeeper is what makes Credant unique, according to Burchett.
And what if you have a few hold-out users who resist syncing their smart phones to the network? Credant can "deploy software over the air [wireless connection]," said Burchett. "We have an install utility that pops up every time you turn the device on."
This method, though, won't stop more savvy users who remain uncooperative and find alternative ways to access the network. And for the time being, Credant can't force "unsanctioned users" to become "sanctioned users."
"We can't do it today, but in the future we will," Burchett vowed.