Data security on mobile devices


Our portfolio includes a system for professional management of mobile devices, such as PDAs, smartphones and laptops.

The system is based on Sybase Afaria, a product which aids front office field staff by securing confidential and restricted data outside the secure walls of the central office. We guarantee the application of controls and security measures of mobile resources over their entire life.



Mobile device life cycle

Mobile environments are heterogeneous, complex and often tend to slip out of control of the head office IT team. The Afaria server gives the IT organisation the ability to centralise device and data management and aids their maintenance over their entire life cycle. Each device has a life cycle composed of three stages, each of which is associated with its own set of significant issues, which all need to be dealt with by the companies' IT departments. In addition, each of those stages requires proactive management of data, devices, applications and communication with all mobile employees. The organisations which use a centralised approach to data and device management provide their information technology staff with appropriate means of control and monitoring, while on the other hand they enable their mobile employees to use the information and the applications they need in their work securely.



At the first stage of the life cycle, Afaria can be used to manage the tasks of all kinds of mobile initiatives, such as allocation to groups or policy-making, setting up devices to ensure their mutual connectivity, wireless distribution of the management client software or the initial implementation of applications. As far as security is concerned at that stage, Afaria enables IT departments to centralise managing security requirements, including establishing security rules, initialisation of the passwords entered upon device start-up, installing and encrypting data, installing antivirus software and firewalls, and controlling the ports and I/O systems on each specific device.



At the stage of device use, Afaria offers features that help manage routine tasks required to ensure effective and optimised device performance and to automate it. Such tasks include resource tracking, updates and patches, monitoring of device operation, remote controlling, maintaining and modifying the setup of devices and applications and distribution and updates of data and files. Afaria can automate electronic file distribution, managing files and directories, notifications and system registry management tasks. The key security tasks include regular data backups, installation of patches and security updates, enforcement of security rules and monitoring the device for security breaches and threats. Administrators can protect the data stored on devices using the latest generation encryption secured with a password which needs to be input upon device start-up (with anti-tamper control) and enforce data access restrictions based on the defined user privileges.



A mobile device can enter that third stage of its life cycle under a variety of circumstances. The device can be lost, stolen, withdrawn from use or assigned to other purposes. If it has been lost or stolen, Afaria's administration panel allows deleting of data permanently from the device and blocking it. If needed, the administrators can use the system's tools to re-commission the piece of equipment, deploy software to it or restore its data.


Value for Customer:


Mobile connectivity designed with enterprises in mind


Regarding the use of mobile devices by front office staff, Afaria relies on the concept of intelligent architecture with optimised capability to take appropriate decisions. The device's all connectivity management features can be implemented remotely (wirelessly), which eliminates the need to request the IT department to set up the devices manually.


Proxy server

There is not need to open input ports on the internal firewall, which makes it easier to obtain permission from the security department. The proxy server (which is installed in the network's DMZ) facilitates secure communication between mobile devices and the corporate intranet, and no open input ports need to stay open on the network. That improves the security of the network, and as there is not need to use VPN, communication becomes more secure too, with minimum impact on CPU workload or device battery level.


Scheduling and prioritising

As routine as system management can be within the head office walls, it becomes complicated if mobile devices come to play, as these are not always connected to the corporate network. Afaria facilitates routine management tasks and enables automated scheduling of device querying to check if they follow the corporate policies.


Device monitoring

Afaria responds to changes of device status and can initiate calls, record events or local processes if key characteristics of the device have changed while it was offline. Such a tool can be extremely useful to administrators, as it enables archiving the data stored on the device whose battery level dropped below the critical mark, or monitoring and enforcing installation policies and use of applications with registration and reporting. Recording the save operations on confidential files to external memory cards or their transmission to other devices is also beneficial to security.


Throughput optimisation

The Afaria server offers a dynamic bandwidth reduction feature, which frees up part of the bandwidth for other applications, if their activity increases while files are transmitted, and releases it if they remain inactive, which results in retaining a steady level of device performance. The comprehensive line bandwidth management feature works with applications in all types of networks and ensures data compression, resuming operation from the last control point and on-the-fly file segmentation.


Services for applications

Afaria enhances the applications developed in-house or by third parties by adding essential management features, fully extending the published APIs to include server-client functionality and enabling distribution of updates over a wireless network.


Reports and data recording

The capability to record and report all security-related events detected in remote devices is key to an enterprise's security system. The IT department can access a number of detailed reports on any unusual event, breach of security policies, commissioned and decommissioned devices. Afaria can generate reports in several dimensions, e.g. by type of device, user type or group.




PL / EN / RU