From Liability to Asset: How to Better Secure Enterprise Mobile Deployments

Jesus RodriguezCEO, KidoZen

From Liability to Asset: How to Better Secure Enterprise Mobile Deployments

Jesus RodriguezCEO, KidoZen

About Me

• Hackerpreneur• Co-Founder KidoZen• Advisor to software companies (Microsoft, Oracle….)• Board member• Investor• Speaker & author

• http://jrodthoughts.com• http://weblogs.asp.net/gsusx• https://twitter.com/jrdothoughts

About KidoZenCOMPANY

Enterprise Mobile App Platform (PaaS) Headquarters: Miami, FL Development Center: Buenos Aires, Argentina Privately Held Series A of $5 Million: November 2013, Third Point Ventures

WHAT WE PROVIDE

Enterprise Mobile Backend-as-a-Service API Mobile SDKs Mobile Enterprise Application Center HTML 5 Hosting Mobile Data Virtualization Mobile Data Management Mobile Analytics Mobile App Prototyper

CUSTOMERS

HIGHLIGHTS

• Large Number of Enterprise APIs• Public, Private, Hybrid Cloud &

On-Premise• Access and Manage Enterprise Data

Sources by Applying Security Policies at the Data Level for Mobility Management

• 100+ Global 1000 Customers• Pricing starts at $5k/10M API Calls/10K

Users/200GB Store per Month

25 partners in 50 countries

Canada

United States

AustraliaSouth Africa

TaiwanPhilippines

Argentina

EgyptKuwaitSaudi ArabiaUAE

MexicoIndia

MalaysiaSingaporeIndonesia

China

EuropeAustriaBelgiumCzech RepublicFranceGermanyHungaryIrelandItalyLuxembourgNetherlandsNorwayPortugalSlovakiaSpainSwedenSwitzerlandUnited Kingdom

Russia

Geographic Coverage

Today’s Agenda

• Security in the enterprise mobile world• Building blocks of an enterprise mobile security architecture• How KidoZen does it

Security remains one of the biggest challenges of enterprise

mobile solutions

What does security mean in the mobile context?

5 Building Blocks of Enterprise Mobile Security

1. User authentication2. User federation3. Mobile app protection4. API security5. Data security

User Authentication

Authenticate mobile app users against a corporate identity provider

The Challenge

Authentication Models

• Active authentication • WS-Trust

• Passive authentication• WS-Federation Passive Profile• SAML2• OAuth

• Integration with corporate identity providers

• Federation with corporate identity providers• Support for passive authentication protocols• Support for active authentication protocols• Support for various security token formats

How KidoZen Does it

Identity Federation

Enable single sign-on and federation between mobile apps and corporate

identity providers

The Challenge

Federation Models

• Implement federation protocols• WS-Federation• SAML2

• Implement token exchange and single sign-on models

How KidoZen Does it

• KidoZen Identity Federation Gateway• Support for various identity providers• Token exchange and mapping rules

Mobile API Protection

Securing mobile APIs based on corporate identity assets

The Challenge

Mobile API Security

• Enable access control rules at the API level• Enable access control policies based on user identity tokens

How KidoZen Does it

• API and Connectors security settings• Access control engine based on identity token claims

Mobile Data Protection

Protect and secure the business data assets used by mobile applications

The Challenge

Mobile Data Security

• Define the data used by a mobile application• Provide access control policies at the data level

How KidoZen Does it

• KidoZen mobile data virtualization offers a model to “virtualize” the data sources used by a mobile solution

• KidoZen mobile data management offers a way to secure “virtualized data sources” using access control policies

Mobile App Protection

Provide access control policies against the different mobile applications in an enterprise

The Challenge

Mobile App Management

• Enable a central app store• Integrate the app store with a corporate identity provider • Provide access control policies at the mobile app level

How KidoZen Does it

• KidoZen’s enterprise app center provides a central application store for enterprise mobile solutions

• The enterprise app center provides access control policies based on enterprise identity providers such as Microsoft Active Directory

Other Enterprise Mobile Security Capabilities

• Device protection• Malware detection• Usage audit

Summary

• Security is one of the most important elements of enterprise mobile architecture

• The are 5 fundamental building blocks to enterprise mobile security

• User authentication• Identity Federation• API protection• Data protection • App management

• KidoZen provides a complete mobile identity management suite as part of its enterprise mobile platform

ThanksJesus Rodriguez: jr@kidozen.com

http://twitter.com/#!/jrodthoughtshttp://jrodthoughts.com/

www.kidozen.com