IBM (IBM) Labs has introduced—and patented; let's not forget the importance of the patent—new technology that is intended to improve the security of cloud applications and mobile users. The technology aims to help businessess increase cloud security and support secure transactions by preventing mobile devices from accessing malicious software code, even if it was encrypted after it became infected.
The IBM technology was developed as a result of the increasingly common bring-your-own-device (BYOD) trend that is seeing more and more employee-owned devices enter the workplace and connect to corporate data, applications and services. According to the patent (U.S. Patent #8,341,747, in case you want to look it up), the invention is listed as a "method to provide a secure virtual machine launcher."
"This patented invention will help organizations confidently and securely embrace the advantages of a mobile workforce while remaining protected against malicious content or intent," said Andrew Cornwall, inventor and mobile software developer at IBM, in a prepared statement. "Our technique helps businesses prevent altered apps from running and unleashing their wrath on businesses, their networks and their customers."
The technology provides security controls that restrict and prevent access to apps unless their original, previously encrypted code remains unchanged and uncompromised. It sounds exactly like what customers and partners are looking for to beef up the security of their cloud applications, particularly those accessed from mobile devices both in and out of the four walls of the enterprise.
IBM explained it like this: "For example, if an app is modified after it has been encrypted—without being properly decrypted and re-encrypted—IBM's patented security mechanism will recognize that the code was altered and prevent it from running. This approach is differentiated by detecting if an app has been modified before being executed, versus after, and provides businesses with additional control over which apps can be accessed."
With the growing number of mobile devices out there in the workforce, this kind of technology could be critical to maintaining some level of security in the cloud. IBM did not indicate when the technology would be available to customers or exactly how it will go to market with it.