Security Updates in the New Mozy App

Mozy Mobile App 1.4Mozy just keeps making it better and better to access and use your data from mobile devices. This week we launch version 1.4 of Mozy’s app for both Android and iOS devices (iPhone, iPad and iPod touch).

Each time we update the Mozy app, I update the Mozy blog to tell you what’s new. The list is too long for a single post, so today we’re going to look at how we have further tightened security in the Mozy app.

The convenience of having all your Mozy-protected files at your fingertips is enormous. But mobile devices frequently get misplaced, lost or stolen. Mozy app v1.4 introduces the following new security measures to ensure your privacy in such situations:

  • Token-based Authorization - The Mozy app has switched to using an access token instead of your password. Although previous versions always used strong encryption to store the password, this new token-based system keeps the Mozy app from storing your password at all. That sets the stage for the next (and frequently requested) security feature…
  • Remote De-authorization - If your mobile device goes missing, gets stolen, or you’re just not sure where you put it, you can just go to your account page and select expire mobile access. When you do, it stops all access from the mobile app until you log in again, but your computers running Mozy online backup or Stash continue to work without disruption. (In other words, it expires just the app’s current token–it doesn’t change your password.)
  • Automatic De-authorization - As in previous versions of the app, if you choose to protect the app with a passcode (PIN), the app will automatically log out after 5 incorrect PIN attempts. The difference now is that instead of forgetting your password, the app now forgets its access token. (This also happens if you choose to log out manually from the app.)
  • Automatic Data Wipe - When you remotely de-authorize the app from your account, the app now removes any locally-stored data when launched. This includes: files you have marked as favorite on iOS, files downloaded to SD storage on Android, and even any usernames that the login screen had previously remembered.
  • Local File Encryption - If you use a personal key to encrypt your Mozy data, the Mozy app will now keep any downloaded files encrypted on local storage. It decrypts them when you share by email or send a file to another app.

In my next post, we’ll look at features that make the Mozy app even better for accessing and using your data while on the go.

If you have questions or comments about the items described above, please post a reply.

Until next time, be safe,

–Ted

Ted Haeger
Mozy Product Management