New technology from Bluebox includes on-device as well as in-the-cloud components to ensure security.
emerged from stealth mode today with a new offering that aims to address mobile app security demands. Instead of trying to solve the bring-your-own-device (BYOD) challenge, Bluebox is positioning itself to offer bring-your-own-apps (BYOA) technology for both Android and IOS devices.
Bluebox is backed by Andreessen Horowitz and Sun Microsystems co-founder Andy Bechtolsheim, and recently announced
an $18 million round of funding to fuel its efforts.
Bluebox CEO Caleb Sima explained to eWEEK
that his company's technology is focused on data security as opposed to device security. The Bluebox offering includes a feature called instant app protect that enables an administrator to secure any application. The data-wrapping feature in Bluebox provides fine-grained control for visibility and access on a per-document level. At the enterprise level, there is a dashboard that can be tracked to manage and secure all the data.
"As data goes in and out of an application protected by Bluebox, the enterprise gets visibility into seeing what happens with a document, as well as the ability to revoke or delete the document," Sima said.
From a technology perspective, the way the Bluebox technology works on the user's device is as an isolated workspace that contains a micro virtualization hypervisor.
"The micro-hypervisor contains a control and policy layer that can retrieve policy and rules in real-time from our Network Operations Center," Sima said.
Above the policy layer is the Bluebox data engine, which analyzes what data is going in and out of a given app and also applies the proper encryption. There is also an integrity engine that looks around the space a given application operates in to see if anything has been tampered with.
There are many products in the mobile app security space that Bluebox will likely compete against. One of them is possibly Juniper's Junos AppConnect
technology, which opens up a per-app VPN tunnel for each mobile app it protects.
The Bluebox product provides a similar level of application connection security back to the Bluebox Network Operations Center, as well as securing the data at rest on a device, at a per-document level, Sima said.
The Bluebox app is downloaded from a mobile app store and installed on the user device. Once the app authenticates with the Bluebox service, a set of apps that an enterprise specifies is downloaded onto the user's device.
When in use, the Bluebox protected applications will have a small blue border around them. Users can also choose to add their own apps into the secured Bluebox workspace.
While the Bluebox technology does depend on the user having online access to be fully secured, there is also an offline mode, which is also known as insecure mode, though it does have some protections, Sima said. Bluebox administrators can set up a policy such that if a device does not connect with the Bluebox service within a specified amount of time, access keys can be erased.
With all the different solutions and approaches to mobile security currently on the market, Bluebox's primary challenge is to cut through the noise, Sima said.
"It really comes down to where the rubber meets the road for the technology, being able to cut through with a clear and direct message and being able to execute properly on sales," Sima said.
Sean Michael Kerner is a senior editor at
InternetNews.com. Follow him on Twitter @TechJournalist