Abstract: Security is enhanced for a user of a mobile communications device by monitoring device usage and modifying an operational context for device usage. By monitoring current activities of the mobile communications device, a current context for operation of the mobile communications device is identified, and the current context indicates that a first activity is scheduled to be performed by a first resource. However, upon determining that the first resource may not be sufficient to perform the first activity, an alternative resource for performing the first activity is identified, and the current context is modified to substitute the alternative resource for the first resource in order to perform the first activity.

Abstract: Methods and systems are provided for sharing security risk information between collections of computing devices, such as mobile communications devices, to improve the functioning of devices associated with the collections. The methods and systems disclosed may share security risk information by identifying a security risk response by a first collection and then providing the security risk response to a second collection when a relationship database profile for the first collection indicates the security response may be shared with the second collection. Methods and systems are also provided for determining whether to allow a request from an originating device where the request may have been initiated by a remote device.

Abstract: Methods are provided for determining an enterprise risk level, for sharing security risk information between enterprises by identifying a security response by a first enterprise and then sharing the security response to a second enterprise when a relationship database profile for the first collection indicates the security response may be shared. Methods are also provided for determining whether to allow a request from an originating device where the request may have been initiated by a remote device.

Abstract: Security is enhanced for a user of a mobile communications device by monitoring and controlling resource usage. First information associated with each of a plurality of mobile communications devices is collected, including configurations and settings for applications, components, resources and external resources for each mobile communications device. The collected information is used to identify an application, component, resource or external resource that is currently active on two of the mobile communications devices. Second information is transmitted to the first of the two mobile communications devices to reduce or terminate usage of the identified application, component, resource or external resource on the first mobile communications device.

Abstract: The method disclosed herein provides for performing device security corrective action based on loss of proximity to another device, such as a key device. While a mobile communication device is locked, a mobile communication device determines whether or not a key device is within a specified distance. If the key device is not within the specified distance from the mobile communication device, a notification may be displayed on the mobile communication device. If a user responds to the notification, the user may prevent or alter the mobile communication device from performing at least one device security corrective action. If, however, the user does not respond to the notification within a specified time period, the at least one device security corrective action is performed on the mobile communication device.

Abstract: Data is collected from a set of devices. The data is associated with the devices, mobile application programs (apps), web applications, users, or combinations of these. A norm is established using the collected data. The norm is compared with data collected from a particular device. If there is a deviation outside of a threshold deviation between the norm and the data collected from the particular device, a response is initiated.

Abstract: A system and method checks for harmful behavior of an application to be installed on a mobile communications device. A server computer receives from the mobile communications device data pertaining to the application to be installed and information pertaining to the mobile communications device. The server processes the data and information to determine an assessment for the application to be installed. The assessment is provided to the mobile communications device and the assessment is displayed on the device if the assessment is one of dangerous and potentially dangerous.

Abstract: A server receives from a mobile communication device information about a data object (e.g., application) on the device when the device cannot assess the data object. The server uses the information along with other information stored at the server to assess the data object. Based on the assessment, the device may be permitted to access the data object or the device may not be permitted to access the data object. The other information stored at the server can include data objects known to be bad, data objects known to be good, or both.

Abstract: A system and method to create a policy for managing personal data on a mobile communications device are disclosed. Personal data stored at one or more locations on the mobile communications device is identified by a policy management module on the mobile communications device. A policy is then created based on the personal data stored at the one or more locations. The policy management module on the mobile communications device monitors at least the personal data stored in the one or more locations on the mobile communications device.

Abstract: A computing device creates verification information and a challenge token and sends the verification information and token to a server. A server receives a command and authentication information and uses the verification information to verify the authentication information. The server creates authentication credentials based on the authentication information and the challenge token. The computing device receives the command and the authentication credentials from the server, determines whether the credentials are valid, and then processes the command if the credentials are valid.

Abstract: A system and method to create and assign a policy for a mobile communications device are disclosed. The policy may be created based on personal data associated with the mobile communications device. For example, known sources of personal data on the mobile communications device may be identified and a policy may be created based on the known personal data. The policy may then be used to identify additional personal data associated with the mobile communications device. Thus, the personal data associated with the mobile communications device may be monitored. If an application attempts to access the monitored personal data, the access will be detected.

Abstract: Methods and systems are provided for sharing security risk information between collections of computing devices, such as mobile communications devices, to improve the functioning of devices associated with the collections. The methods and systems disclosed may share security risk information by identifying a security risk response by a first collection and then providing the security risk response to a second collection when a relationship database profile for the first collection indicates the security response may be shared with the second collection. Methods and systems are also provided for determining whether to allow a request from an originating device where the request may have been initiated by a remote device.

Abstract: An action is permitted to be performed on a computing device only after the action has been confirmed by two or more authorized and/or authenticated parties. A security component receives a request from to initiate an action on a computing device. Before the action is allowed to be initiated on the computing device the security component requires the authentication of first and second parties or authorizations from first and second parties, or both the authentications of and authorizations from first and second parties. After receiving the required authorizations and/or successfully performing the required authentications, the security component allows the requested action to be initiated on the computing device.

Abstract: Mobile devices typically have some form of audio capabilities designed to be operated by the device's user, for example to place phone calls; however, if a device is misplaced or stolen, the user may wish to operate those audio capabilities remotely. Methods are provided for detecting that a security event has occurred on a portable electronic device and then establishing an audio transmission between the device and one or more clients, and in some embodiments, sending a command to initiate the audio transmission. The detection of a security event may be based on, for example, detecting that the device has been turned on, detecting movement of the device, detecting that an incorrect password has been entered, the device camera has been used, contacts have been added or deleted, the SIM card as been removed or replaced, application programs have been installed or uninstalled from the device, or uncharacteristic behavior has been detected.

Abstract: An analysis including a comparison is performed of first and second applications and a determination is made regarding whether the first is a counterfeit version of the second application, or vice-versa. Based on the analysis and comparison, and based on an assessment of the first application, an assessment of the second application may be generated.

Abstract: The method disclosed herein provides for performing device security corrective action based on loss of proximity to another device, such as a key device. While a mobile communication device is locked, a mobile communication device determines whether or not a key device is within a specified distance. If the key device is not within the specified distance from the mobile communication device, a notification may be displayed on the mobile communication device. If a user responds to the notification, the user may prevent or alter the mobile communication device from performing at least one device security corrective action. If, however, the user does not respond to the notification within a specified time period, the at least one device security corrective action is performed on the mobile communication device.

Abstract: Security is enhanced for a user of a mobile communications device by monitoring and controlling resource usage. First information associated with each of a plurality of mobile communications devices is collected, including configurations and settings for applications, components, resources and external resources for each mobile communications device. The collected information is used to identify an application, component, resource or external resource that is currently active on two of the mobile communications devices. Second information is transmitted to the first of the two mobile communications devices to reduce or terminate usage of the identified application, component, resource or external resource on the first mobile communications device.

Abstract: The security and convenience of a mobile communication device is enhanced based on a separate key device. If the key device is near the mobile communication device, the mobile communication device may be automatically unlocked without the user having to input an unlock code. The mobile communication device may be automatically unlocked into a first mode having a first level of functionality. If the user inputs a correct unlock code, the mobile communication device may be unlocked into a second mode having a second level of functionality, greater than the first level of functionality.

Abstract: Methods for assessing the current security state of a mobile communications device to determine access to specific tasks is presented. A security component on a server is configured to receive a request to access services from a mobile communications device for a specific task. The security component on the server is further configured to determine whether a security state for the mobile communications device is acceptable for access to the services. Based on the security state for the mobile device being determined to be acceptable for access to the services, access to the services is granted and a determination is whether the security state is acceptable for access to the specific task requested. Based on the security state being determined to be acceptable for access to the specific task requested, access to the specific task requested is granted by the server security component.

Abstract: User activity on a mobile device is monitored and collected, and a resource usage model is constructed. The resource usage model describes a set of contexts in which the mobile device, and is the basis for determining a first exhaustion point for a resource. Based on the monitored activity, a prediction of a second exhaustion point for the resource time is made. If the second exhaustion point is prior to the first exhaustion point, usage of the resource is reduced.