Mobile Data Loss Prevention through Appdome's Data at Rest Encryption

Appdome Mobile Security Snapshot: Data at Rest Encryption 

Appdome offers data at rest encryption as part of the Appdome Mobile Security Suite. Data at rest encryption falls under Appdome’s Mobile Data Loss Prevention category.  Like all features in the Appdome Mobile Security Suite, users can select this feature, combine it with other features in the security suite, or select the entire mobile security offering form Appdome. 

With Data at rest encryption enabled, all stored data generated by the app is encrypted on-the-fly using AES 256 (industry standard cryptographic protocols).  With Appdome, encryption is accomplished dynamically, without any dependencies on data structure, databases or file structures.

Data at rest encryption implemented with the AppFusion Platform does not impact app behavior.  This results in a consistent and easy to implement experience, as opposed to a DIY approach which would require the mobile developer to choose encryption components from a wide variety of libraries, cipher strengths, and key stores (and then need to integrate them together).
 
Advanced configuration options for encryption:
AppDome also provides options for customers to exclude certain files or folders from being encrypted. There is an option to automatically exclude all media files from being encrypted.  And there is another option to name specific files that you wish to be excluded from encryption. For more information about data at rest encryption check out our blog.
 
 
Key management:
Appdome dynamically generates symmetric data encryption keys at runtime.  Keys are generated by AppFusion using industry standard AES mechanisms. Keys are never stored on the device, and are derived at run-time. In addition, Appdome can factor in additional contextual information such as:  bundle ID, device ID, checksums, user input (passwords, tokens), and application state conditions (eg: existence of a debugger) into the key derivation mechanism.  See diagram below.  



As part of Appdome’s IDEAL account class, Appdome provides an option for customers to control parts of the key management process via an external key management system (KMS).  With this option, additional external factors may be introduced for key derivation.   

Thanks for visiting the Appdome knowledge base!  We hope AppFusion is living up to our mission of simplifying your mobile integrations.  If you don't already have an account, you can sign up for free.  Happy fusing!  

Did you find this article helpful?