Building Secure Mobile
Applications Using MaaS360
SDK and IBM Worklight
Karthik Ramgopal/Paras Segal|[email protected]|
Why Mobile Applications are a Must?
• Rising Smartphone and Tablet penetration
• Mobile Applications enable better productivity by allowing work on the go.
• 100% Cloud Delivery
• Security is the need of the hour.
Poll Question #1
• Do you have any enterprise/home-grown mobile
applications?
a) Yes
b) No
c) Developing
Application Development Practices
• Native
– Built using the development tools and languages that the respective platforms support. Thus, they run only on their targeted platforms.
• Web
– Cross-platform mobile applications that run on multiple devices as they mostly run on browsers
• Hybrid
– Run within the webview container on the devices. The applications are thus packaged natively and have access to native API’s of the mobile OS.
Mobile Application Security Concerns
• Sensitive corporate data housed within the applications is prone to leakage
• Applications accessing corporate
data/resources ay not be fully compliant with the set of enforced corporate
policies
Poll Question #2
• Are you worried about application data security?
a) Yes
b) No
MaaS360/IBM advantages
• Products move through entire application lifecycle from development to delivery
• IBM Worklight IDE for mobile application development
• Offers a powerful SDK (Software Development Kit) targeting native (iOS, Android) and hybrid
applications
• Zero-effort integration with app wrapping
The IBM Worklight Studio IDE
• Open, complete and advanced mobile enterprise application platform for HTML5, hybrid and native mobile applications • Built atop the popular Eclipse IDE
• Tight integration with other IBM offerings like AppScan and IMC • Plethora of plugins available for one-click integration with
IBM Worklight Components
• IBM Worklight Server
• IBM Worklight Device Runtime Components • IBM Worklight Application Center
• IBM Worklight Console
IBM Worklight Enables an Organization to..
• Support multiple mobile operating environments and devices with the simplicity of a single, shared code base
• Connect and synchronize with enterprise data, applications and cloud services
• Safeguard mobile security at the device, application and network layer
• Govern the mobile application portfolio from a central interface
Q&A
MaaS360 SDK
Easy to use Software Development Kit for rapidly integrating your mobile application with the MaaS360 ecosystem.
MaaS360 SDK Integration Features
• MaaS360 enrollment/activation details
• Active Directory/LDAP integration for detailed user/group information
• MaaS360 device compliance status • MaaS360 policy information
• Get instantly notified on change in compliance status, policy, user, enrollment information, or on a container wipe
MaaS360 SDK Application Security Features
• Single Sign On (SSO) using container PIN • DLP controls
– Cut/ Copy/ Paste restrictions
– ‘Open-in’ to Whitelisted container apps only (Ex: Open docs from MaaS container in whitelisted app for printing)
• In-app VPN through Mobile Enterprise Gateway • Block usage of app on non-compliance
• FIPS 2-140 Application Data encryption
Poll Question #3
• How do you ensure application data security?
a) Build it in yourself
b) Use third party libraries
c) Still evaluating
How do I get access to the SDK?
• For Enterprise apps, the SDK can be directly obtained from MaaS360.
• For Public apps (E.g.: Salesforce), the app owner / developer obtains the SDK via the MaaS360 WorkPlace Partner
Program, integrates it into their apps, and publishes it onto a
public app store for use by mutual customers of MaaS360 and Salesforce.
Integration with other MaaS360 applications
• Open URLs from the enterprise applications in the MaaS360 Secure Browser
• Compose and send emails using MaaS360 Secure Email
• View and edit documents securely with the MaaS360 Secure Viewer and Secure Editor
Per-App Configurations
• Support for delivering customized per-app, per
customer/device/device group/user/user group configuration payloads, securely to the device
• Dynamic notification on configuration change • Support for text and binary payloads
MaaS360 SDK Provisioning and Control
• Every SDK app is provisioned per customer, per app. A unique app ID is generated for this combination for SDK activation
• IT admin can restrict access to specific SDK apps via a MaaS360 policy configuration parameter
MaaS360 SDK Utilities
• Secure application development
• Utilities for encrypting/decrypting files and strings
• Secure extensions of common building blocks like WebViews and TextFields
• Easily enforce policies like copy paste restriction in a seamless way across different device/OS versions
MaaS360 SDK Packaging
• Packaged for Android as an Android library (.jar and .so files) • Packaged for iOS as a multi-arch static library (.a file)
• Packaged for Worklight as a Worklight component
• Sample apps and documentation for all platforms included
Zero-effort SDK integration by transparently injecting the SDK and auto-enforcing policies.
MaaS360 App Wrapping
Summary
Native/Hybrid Applications (iOS/Android) can be developed with container controls such as Restrict, Cut/Copy/Paste, Single Sign On, Encrypt App Data, and Enforcement of
Authentication
Code the app with SDK for configurable security layer
by invoking APIs for setting
container controls Upload app to MaaS360 MAM portal for distribution to users/devices App available on Enterprise app store for all
users to download App deployed to user User specific policy applied to app on device Code the app
in your IDE/Worklight
Q&A
#MobileApps
Questions or follow-up?
Connect with the MaaS360 Community
• Past Webinars (http://www.maas360.com/maasters/webinars)
– Android 4.3 and Windows 8.1 -The Next Milestones in Mobile Device Management & BYOD – Achieve Enterprise Mobile Security with MaaS360 MDM and Dual Persona
– The Evolution of BYOD - Are You Set-Up for Success?
• Plus lots of How-To content in our Resources section
– How to participate in MaaS360 WorkPlace Partner Program
– The Ten Commandments of Bring Your Own Device (BYOD)
– Does Android Dream of Enterprise Adoption?
