Balancing Security and Speed: Developing Mobile Apps for Enterprise


Academic year: 2021


Contents

Executive Summary

The Realities of Developing Secure Enterprise Applications

Good Technology 866-7-BE-GOOD www.good.com

Executive Summary

Mobility has become synonymous with productivity in the modern enterprise. Everyday business routines have been transformed by the ability to remotely access mission-critical corporate information from the road. Because mobile workers are always connected, highly pragmatic, independent, and demanding, enterprise application developers are constantly challenged with having to deliver secure mobile applications quickly enough to satisfy the needs of their end users. This is a daunting task given the fleet of company-owned devices and growth of personal smartphones and tablets flooding the enterprise.

The Realities of Developing Secure Enterprise Applications

The pace and pressure that developers are under to develop mobile apps as quickly as possible has made security an afterthought in most organizations. In some cases, developers’ ability to deploy apps quickly may be the company’s only hope of staying competitive and meeting business demands. This presents a real quandary for the typical mobile developer, who has neither the additional time nor the technical skillset required to write security code for operating systems as diverse and eclectic as iOS, Android, and the myriad of web apps now widely available.

Businesses simply can’t wait. Today, the most productive companies are the ones who have found a progressive approach to mobile device management—one that allows employees to have freedom of choice in the phones and tablets they find most comfortable using. Plus, in a standard enterprise deployment, several hundred if not thousands of employees will need daily access to enterprise applications from a mobile device.

But businesses also can’t afford the risks associated with unsecured devices. To balance a respect for the privacy and freedoms of their employees without compromising the security of their corporate data, managers are looking for a security strategy that creates a strong separation between private information and the critical data employees need to get their jobs done.

How Data Leaves Mobile Devices


Partnering With A Proven Player

Fortunately, mobile application developers can secure their applications without having to acquire lots of different development tools, learn security, and ask their IT infrastructure team to invest in and build out their own security infrastructure—requiring more systems, space, and people to maintain. By partnering with a security technology provider in the mobile security space, application developers can secure their mobile apps in as little as a day.

Good Technology is that partner. Good Technology’s recent introduction of the Good Dynamics platform brings the necessary tools, infrastructure, and APIs to developers, helping them meet the highest standards of security in applications across devices and operating systems. By providing proven security functionality—such as encryption, app-level controls, and web-based monitoring—Good allows developers to leverage the Good Dynamics platform to dramatically speed the delivery of their application development projects to include industry-leading levels of protection and compliance.

The Good Dynamics platform offers unique security. By providing protection beyond device-level, developers can rapidly incorporate technology that “containerizes” data at the app level—wrapping a layer of protection around enterprise-deployed apps, which separates corporate data from an employee’s private information and consumer applications. By establishing a secure application environment, data loss is reduced, if not eliminated.

Containerize Before You Mobilize

From inside the “containerized” application, employees are free to be as productive as they are mobile—without behaving in an unsafe manner. Furthermore, employees can exit the “container” to use their own consumer apps without compromising company information. The overall effect is a solution that increases employee satisfaction and productivity, and ensures safety and compliance.

More importantly, the container-based method ensures that security is uncompromised at every level of transmission. The data path through the Good system is encrypted end-to-end: from the enterprise servers behind the firewall, all the way to mobile devices.

A Platform for Speedy Deployment of Secure Apps

Secure Container. Good Technology goes far beyond device-level security and allows data to be encrypted at the file system, application, and database access levels. Plus, Good Dynamics keeps all corporate application information completely separate from a user’s personal data.

User-Level Application Security Policies. You can define and enforce user-level app policies—such as strong application authentication—so that users are required, for example, to enter a strong password before they can launch the application. You can enable remote wipe of application data after a number of incorrect password attempts, disable sequential numbers in passwords, or require special characters. You can also prevent applications from running on jailbroken/rooted devices.

Strong Encryption. Because Good Technology encrypts all application data with strong AES 192-bit encryption—whether data is at rest on the device or in transit between the device and servers behind your firewall—all information is secured throughout a complete end-to-end security system.

Securing Network Access. Before transmitting data, the Good Proxy server establishes an outbound connection through the enterprise firewall, so there’s no need to open inbound ports and expose the network. The NOC only services encrypted packets, so it authenticates applications and grants access solely to those provisioned to specific servers and services—thus preventing rogue attacks.

Securing the Platform. Strong controls include detection of jailbroken phones, and prevention of access to other services, if necessary.

Quickly Adding Good Dynamics Security To Apps

Developers can quickly add Good Dynamics’ existing security libraries to their application builds—without having to learn about security or buy new tools. To get started, they simply download the Good Dynamics SDK and server installers, initiate the SDK and server installation process, and rapidly integrate GD libraries into their applications.

A developer or administrator may then register the company’s new custom application with the Good Control (GC) web-based console, which includes features for providing a name, description, application ID and version. Once an application is registered, a user may be given entitlement to use the application. The enterprise IT administrator assigns the employee to the appropriate policy set, which may require


Mobile Security in the Real World

A mobilized workforce that uses a variety of devices poses many challenges for fleet managers. Organizations must maintain data and communication security, and efficiently enforce authorization policies. But they must do this with respect for the privacy and productivity of individual users.

The following scenarios provide examples of how developers can use the Good Dynamics platform to manage the various facets of a mobilized workforce. These scenarios are based on the assumption that the developer has deployed one or more mobilized apps that include embedded Good Dynamics APIs, that the GP and GC servers are in place, and that these servers can successfully relay information to the network operations center (NOC).

SCENARIO ONE: If a new employee has recently joined the company and needs mobile access to corporate resources or data when he is out of the office, he may wish to use his personal smartphone to perform business tasks, such as checking customer information on a CRM system.

His IT administrator must first make sure that appropriate entitlement and security policies are in place for the new employee. The administrator would then provision the mobile CRM app to the employee; this action would automatically generate an access key for the employee, and send it to his email address through a Welcome email. The employee would then follow instructions in the email to download and activate the application. (Each access code is valid for one activation.)

Once the user downloads and installs the application, the app then follows its set-up instructions and performs the following tasks:

1. It asks the user to enter their email address and access key.

2. It creates a unique profile for the mobile device in the NOC and authenticates the user’s access key. The entitlement of the user to the application in use is also checked at this stage.

3. The GD-enabled application creates a secure repository for organization data on the mobile device, and populates it with whatever data the user is allowed to see and use.

4. The application downloads the appropriate policies for the user (e.g., password expiration).

5. Once the user is authenticated and authorized, the Client Library establishes a secure connection to the Good Proxy server behind the firewall; the user is now able to receive profile and policy updates via a push channel.

SCENARIO TWO: An employee in the field loses their mobile device and needs to re-establish communication with the enterprise. There are three goals in such a situation: to preserve network and data security, to reconnect the employee quickly and securely, and to de-authorize and purge the lost device of sensitive data.

Once the organization is aware of a lost device, a corporate IT administrator can use Good Control, a browser-based management console, to initiate a wipe, deleting application data from the device. In response to this request, the NOC tells the Good Dynamics-enabled application on the device to erase application data. This preserves data security. The NOC then deletes the association between the disabled application and the employee; the employee is still entitled to run the application, but this particular instance of the application is no longer granted access to the corporate network. This protects network security. The employee now needs to activate the application once again on a new device. In activating an application on a new device, the NOC still recognizes the employee as an authorized user, but there is no longer a registered device associated with this person. The organization’s IT administrator must prompt the Good Dynamics system to issue a new access code so the employee can begin the registration process for the device and a new application instance. Access codes within the Good Dynamics system are only used once to ensure a high degree of security. The user can now follow the process described above to register the device and new application instance, and initialize the Good Dynamics-enabled application.
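The activation and lost-device flows in Scenarios One and Two depend on three separate pieces of state: the user's entitlement, a single-use access key, and the device association. The sketch below is an added example that models that separation; it is not Good Dynamics code, and the class name, method names, and the choice to store only a digest of the key are assumptions of this example.

```python
import hashlib
import hmac
import secrets


class ActivationService:
    """Hypothetical model of the provisioning state the scenarios describe."""

    def __init__(self):
        self.entitled = set()  # (email, app_id) pairs granted by the administrator
        self.pending = {}      # (email, app_id) -> SHA-256 digest of the unused key
        self.bound = {}        # (email, app_id) -> device_id of the active instance

    def provision(self, email, app_id):
        """Grant entitlement and issue the first access key."""
        self.entitled.add((email, app_id))
        return self.issue_key(email, app_id)

    def issue_key(self, email, app_id):
        if (email, app_id) not in self.entitled:
            raise PermissionError("user is not entitled to this application")
        key = secrets.token_urlsafe(12)
        # Assumption of this sketch: keep only a digest of the key server-side.
        self.pending[(email, app_id)] = hashlib.sha256(key.encode()).digest()
        return key

    def activate(self, email, app_id, key, device_id):
        """Check entitlement and key, consume the key, bind the device."""
        slot = (email, app_id)
        if slot not in self.entitled:
            return False
        expected = self.pending.get(slot)
        presented = hashlib.sha256(key.encode()).digest()
        if expected is None or not hmac.compare_digest(expected, presented):
            return False
        del self.pending[slot]  # each key is valid for one activation
        self.bound[slot] = device_id
        return True

    def wipe(self, email, app_id):
        """Lost device: drop the device association, keep the entitlement."""
        return self.bound.pop((email, app_id), None)

    def has_access(self, email, app_id, device_id):
        return self.bound.get((email, app_id)) == device_id
```

After `wipe`, the old key cannot be replayed from a replacement device; access returns only once the administrator calls `issue_key` again and the new key is consumed.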

SCENARIO THREE: Invariably, there will be times when an organization needs to deploy a policy change or update an application client. The Good Dynamics system accommodates changes to application entitlement or password and compliance policies through the GC console. The IT administrator can apply such changes to an individual employee or groups of employees. The changes are rolled out through the push notification system.


Speeding Through Security Issues

Good Dynamics is a comprehensive solution for enterprises tasked with quickly delivering secure mobile apps to the field. It lets developers get their apps out the door fast—but with a layer of security unmatched in the industry. It addresses the challenges of collaboration, connectivity, and choice, while giving IT the means to streamline the security and management of their mobile fleet. It relies on an end-to-end encryption infrastructure that is already serving the world’s largest corporations, defense and intelligence agencies, and leaders in financial services, healthcare, legal, high-tech, retail, and manufacturing.
