Authentication, access control, and audit (3As) are three fundamental mechanisms in enterprise security management for countering various types of looming threats from both insiders and outsiders. There has been a variety of webbased or desktop systems implementing those mechanisms, but little supports the applicability of mobile devices in their security management. In this paper we present an approach to managing various types of enterprise security policies using mobile devices in order to effectively monitor and defend trusted domains. Specifically, we describe a security architecture for designing and implementing a mobile-enabled solution for enterprise security management, whereby various benefits such as the backup of important security policies or credentials, offline administration, immediate response, and monitoring, can be achieved. We also present a proof-ofconcept implementation using Microsoft Active Directory. Categories and Subject Descriptors K.6.5 [Management of ...