Is Your Enterprise Business Intelligence Mobile Application Secure?

Reena Sethy, Director, Product Management, SAP LABS India: According to Statista, an online statistics portal, nearly 33% of the world's population owns a smartphone. However, the penetration of Business Intelligence (BI) on mobile devices remains quite modest, as reported by the DAS Mobile Computing/Mobile Business Intelligence Market Study. One of the most common reasons for this modest use of BI is concern over data security.


Most of the BI users on mobile devices like tablets and smartphones are senior management and sales executives who access highly sensitive data to enable them to make decisions faster, empower their employees and teams and stay ahead of the market. According to Forrester, ‘Mobile’ is now a feature for most BI solutions, so security measures are usually addressed through a combination of capabilities, as part of the underlying BI platform and by the application at the level of the mobile device.

It is important to understand how mobile users are managed in the application. The administrator should be able to manage access control from one place, for ease of manageability. Usually, this is done as part of the overall BI platform that the mobile application belongs to.

Security measures for data on the network (between the various entities of the mobile deployment):

Does the mobile solution support various complex deployment scenarios involving DMZs, Firewalls, Reverse Proxy, etc.?

A DMZ, or Demilitarized Zone, provides an additional layer of security to an organization's local area network by confining a threat to the DMZ servers and keeping it away from the internal network. Since mobile users are mostly on the move, it is recommended to have a reverse proxy server, which is an intermediary between the client and the web application server.

A reverse proxy server provides an external network with indirect access to the backend. Another recommendation is to use Hypertext Transfer Protocol Secure (HTTPS) as the communication protocol between the client and server, since HTTPS is more secure than Hypertext Transfer Protocol (HTTP). HTTPS provides secure identification of the web server in the network and enables encrypted communication.

Mobile deployments should also add various authentication mechanisms as additional layers of security, such as basic authentication, form-based authentication, and certificate-based authentication.

Security measures for data at rest (on the device):

To ensure a mobile BI application is secure, it is important to understand how data is stored on the device. A few pertinent questions to ensure data security include: Is the data encrypted? How does the application store user login credentials? Is there any other data that is stored as part of the application, and how is it being handled?

It is recommended to require an additional password to access the mobile application after unlocking the device, or to support fingerprint access such as Touch ID on iOS, to provide secure access accompanied by ease of use. Most customers use mobile offline access so that their business users have access to data from anywhere without the need for internet connectivity; this increases security threats and vulnerability.

In such cases, it is important to understand whether the downloaded data is stored in an encrypted or plain text format. There are many sophisticated algorithms to encrypt data on the device. Other options include authorization checks to access offline data, administrator control over what can be downloaded, remote data wiping options, etc. However, in some cases, it is also worthwhile to explore the advantages of third-party security tools offered in the enterprise mobility management (EMM) space.
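One way an evaluator can check whether downloaded offline data is encrypted or plain text is to pull the application's offline files from a test device and classify them. The sketch below is an added example, not code from any BI product; the file names and contents are constructed, and the 7.0 bits-per-byte threshold is an assumption.

```python
import hashlib
import math
from collections import Counter

# Well-known signatures of unencrypted binary stores often used for app data.
BINARY_MAGIC = {b"SQLite format 3\x00": "sqlite", b"bplist00": "binary plist"}

def shannon_entropy(data: bytes) -> float:
    """Bits per byte; well-encrypted data approaches 8.0 on larger files."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def classify(data: bytes, threshold: float = 7.0) -> str:
    for magic, name in BINARY_MAGIC.items():
        if data.startswith(magic):
            return f"plaintext ({name})"
    # Mostly printable bytes means readable text: CSV, JSON, XML and so on.
    printable = sum(32 <= b < 127 or b in (9, 10, 13) for b in data)
    if data and printable / len(data) > 0.95:
        return "plaintext (text)"
    # High entropy is necessary for encryption but not proof of it:
    # compressed data looks the same, and files under ~256 bytes cannot
    # reach the threshold, so they fall through to manual review.
    if shannon_entropy(data) >= threshold:
        return "high-entropy (encrypted or compressed)"
    return "unknown binary, review manually"

def sample_files() -> dict:
    """Constructed stand-ins for files pulled from an app's offline cache."""
    pseudo_random = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(64))
    return {
        "report_cache.db": b"SQLite format 3\x00" + b"\x00" * 100,
        "sales_q3.csv": b"region,revenue\nEMEA,1200\nAPAC,950\n",
        "offline_doc.bin": pseudo_random,  # stands in for ciphertext
    }

def audit(files: dict) -> dict:
    return {name: classify(blob) for name, blob in files.items()}

if __name__ == "__main__":
    for name, verdict in audit(sample_files()).items():
        print(f"{name}: {verdict}")
```

Any file reported as plaintext is readable by whoever obtains the device storage or a backup of it; a high-entropy result still needs confirmation from the vendor that the data is encrypted and where the key is kept.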

Solutions such as Mobile App Management (MAM) and Mobile Device Management (MDM) are becoming increasingly popular because they provide additional security layers and options. Using third-party security tools increases the overall cost and requires specialized skill sets to manage the complete mobile infrastructure. Hence, before going ahead with any mobile BI solution, it is important for an organization to have clarity on its minimum security requirements, its data security policy, and its willingness to invest in terms of skilled resources, time, and money.


