Total on-the-job control of Android devices?

There’s no going back: Smart phones, tablets and other mobile devices have become part of the enterprise, whether they’re issued by an agency or purchased in by their owners. That makes controlling access, securing data and protecting against loss and theft paramount.

A number of companies have come up with innovative approaches to protecting an agency’s data on an employee’s deice, from features that separate work data from personal data, such as BlackBerry 10’s Balance and AT&T’s Toggle, to software that can wipe official data from a device without removing personal data.

Optio Labs, a division of Allied Minds, plans to go a couple steps further with OptioCore, a custom version of Android, and OptioMDM mobile device management software. The company says it can control the data users access — and the functions available on a device — depending on location, the time of day, other apps currently running and even proximity to a fixed point.

This control is implemented through an algorithm-driven overlay called GhostBox, developed by a research group at Virginia Tech University.

This overlay makes OptioCore more intrusive than a plain app, since it is actually modifying the Android operating system. But from a security standpoint, it can give organizations increased control.

A network administration can set security rules and file access settings based on nearly any factor, such as location via Global Positioning System readings. It can even be programmed to grant certain rights when the device is in proximity to a near-field communications device. For example, a patient’s hospital records would only become available to a doctor when she entered that patient’s room. Or a workgroup’s files could only be accessed when the devices of the group’s members are nearby. Agency employees could only access certain sensitive data when they are in the office, within range of that near-field device. OptioCore can also make sure that a phone’s camera, e-mail or other functions are turned off.

“You can dream up just about any rule — it can be your GPS location, or an indoor location detection: when you are in this specific room you can use these apps and connect to this data, but the moment you walk out we will delete the data, shut down the apps, prevent you from getting access to them,” Jules White, a computer scientist at Virginia Tech and a cofounder of the company, told Technology Review.

The company has released OptioCore and OptioMDM to handset makers and integrators, and Androids with the set-up are expected to appear in late 2013.