Date post: | 14-Jul-2015 |
Category: |
Technology |
Upload: | ca-api-management |
View: | 382 times |
Download: | 3 times |
Enterprise on the Go:
Essentials for BYOD & Mobile Enablement
Copyright © 2014 CA. All rights reserved.
A Little bit about Me…
Devon Winkworth
Copyright © 2014 CA. All rights reserved.
Agenda
“Bring Your Own Device”
• BYOD and the App Explosion
• Factors Driving BYOD Adoption
Challenges
• What are the Challenges with BYOD?
• Old thinking with New Technology
Approaches
• Take care of the device
• Don’t forget about the application
Copyright © 2014 CA. All rights reserved.
BYOD: Bring your Own Device
Courtesy of Click Software
Copyright © 2014 CA. All rights reserved.
BYOD: iPad @ Work
– from IDG Connect “iPad for Business
Survey 2012”
Copyright © 2014 CA. All rights reserved.
The App Explosion
Courtesy of zendesk
Courtesy of [x]cube Labs
Copyright © 2014 CA. All rights reserved.
Key Factors Driving Firms to Deploy BYOD Programs
Source: Forrester Research, Inc.
Key Strategies to Capture and Measure the Value of Consumerization of IT (July 2012)
“Many employees expect to use their personally selected smartphones, tablets,
laptops, and other devices from Apple, Google, Research In Motion (RIM), and
other platform providers for work.”
Copyright © 2014 CA. All rights reserved.
Network
Mobile App-to-Enterprise Service Integration Challenges
Enterprise Services
Data Services
Mobile Devices
Proliferation of mobile devices increases message volumes
exponentially
Service API’s not available in mobile-friendly formats &
protocols (REST, JSON)
Composite services need API’s from
multiple providers, requiring federation
Data privacy and integrity must be
preserved end-to-end
BYOD approach mixes personal and business
use, blurring the security perimeter
API’s must be reusable across multiple mobile
and non-mobile platforms
Copyright © 2014 CA. All rights reserved.
New Technology, Old Thinking
We’ve had mobility for years now
We have effective solutions for these devices
managing and securing the information on
these devices
We have to look at the whole mobile security
challenge differently
The danger we face today is that we try and graft old
solutions onto this new technology
If there is anything that Apple has taught us is that you
cannot think of them or treat them the same way
You can’t build apps for them and you can’t secure
transactions to/from them in the same fundamental way
Copyright © 2014 CA. All rights reserved.
Who Owns your Mobile Strategy?
Driven from Executive Suite
The Question is not easily answered…
The group that ends up wearing this of course is IT
Copyright © 2014 CA. All rights reserved.
Classic Security Solution
What worked in the past…
Is this the right solution for the new world of mobility?
… and the answer is …
Directory Identity & Access
Management (IAM)VPN
Copyright © 2014 CA. All rights reserved.
What we have Today…
Software that secures, monitors, manages and supports mobile devices
deployed across mobile operators, service providers and enterprises.
Device Inventory
Locate/Track Device
Network/wifi Settings
Backup Management
Manage Synchronisation
Manage Access to Cloud
Synchronisation
Device Encryption, Wipe,
Data Fading
Password Policy, Remote
Lock
Jailbreak Detection
User Communication
App Inventory
Black List/White List
App Store Management
App Configuration
Provisioning
VPN Configuration
Provisioning
Roaming Policy
Management
Copyright © 2014 CA. All rights reserved.
MDM may not be enough…
Copyright © 2014 CA. All rights reserved.
New Technology, New Thinking
Copyright © 2014 CA. All rights reserved.
New Challenges…
I am…
A name
A Device
An App
From Location
In a Jurisdiction
At a moment in time
API Client
DevelopersAPI Server
Developers
InternalExternal
Copyright © 2014 CA. All rights reserved.
New Challenges…
Firewall
Enterprise
Network
Internal
Server
Directory
Copyright © 2014 CA. All rights reserved.
New Challenges…
Silos
App layer
Persistence
layer
Copyright © 2014 CA. All rights reserved.
Strategies
Firewall
Enterprise
Network
API
Server
API
Client
API Proxy
Security Admin
Copyright © 2014 CA. All rights reserved.
Strategies
Firewall
Enterprise
Network
API
Server
API
Client
iPhone
Developer
API Portal
API Proxy
Copyright © 2014 CA. All rights reserved.
Strategies
Firewall
Enterprise
Network
API
Server
API Proxy
Security Admin
Do SSL right
Make OAuth easy
Manage sessions automatically
Configure by Policy not Code
Copyright © 2014 CA. All rights reserved.
Putting Theory into Practice – Customer Perspectives
37+ applications deployed to both iPad & iPhone
Application focus is user experience
• Simple applications do one thing well
Mobile Device Management (MDM) part of the infrastructure
Security & Application Architecture Speeds Development
• Employ Mobile Access Gateway
• Utilise standards such as Web Services in mobile friendly way
Employ Mobile Device Management (MDM)
• Passcode requirements and remote data wipes
Plan for the worst with numerous security layers
• Utilise OAuth 2.0 for ease of use with REST and Federation to 3 Parties
Employ Mobile Access Gateway
• Integration with various Authentication Providers
• Ability to cope with multiple security protocols
Utilise simpler REST protocols over heavier SOAP
Copyright © 2014 CA. All rights reserved.
In Summary
Employees are bringing mobile
devices to work en masse…
…and IT groups must accommodate them
without compromising security and SLA’s
Mobile Apps are being built to
improve productivity and reduce cost…
…existing enterprise services can be used to
quickly and reliably enable these apps
Enterprise API Management
integrates Mobile Apps and Enterprise
Services…
…through the use of a Secure Mobile Access
Gateway, an API Portal, and open standards
Copyright © 2014 CA. All rights reserved.
Thank You