Transcription
Solution Extension Best Practices:Protecting and Securing Your MobileApplicationsSubject Matter Expert:Scott BonnellVice President,Mocana
SAP Mobile SecureAn integrated, cloud-based EMM solutionNetwork Connectivity*Secure Mobile Gateway*Network Access ControlOperating SystemMobile Device ManagementData & ApplicationsMobile App Management*Mobile App Security*Mobile Content ManagementData Loss PreventionMobile App ReputationSAP HANA Enterprise Cloudwith complete enterprise integration 2014 SAP AG. All rights reserved.2
LeadersmobileMocana inandSAP: securityVision to improve the user experienceFocus on UserExperienceIncrease Mobile AppUsageApp Level Securitywithin a Broad EMMportfolioTransform the mobile userexperience considering allaspects of the user’s interactionwith products, systems,processes, and services.Drive mobile app usage andemployee productivity for thesuccess of large scale SAPBusiness Suite investment.Provide the foundation forconsuming future enterprisedata. Focus on managementof content, apps and devices. 2014 SAP AG. All rights reserved.3
The Usage Gap for Enterprise Mobile AppsMobile App Usage in the enterprise is severely impacted due to lack ofbeautiful user experience balanced with simple enterprise integration43%*26%*Employees abandoncorporate mobileappsEmployees usingcorporate apps reportloss of productivityDriving mobile app usage and employee productivity is critical for the successof large scale mobile investment 2014 SAP AG. All rights reserved.4
SAP Mobile App ProtectionSecure the app, its data, and the connection to the enterpriseEnd user license agreementenforcement, lock-out with app expirationRestrict app usageto a geographic locationRestricts copy and paste tounsecured area of deviceEULA, icationEnterpriseAppSecureData TransferPasscode policyenforcement expiration,lock-out and help-deskassisted passcode resetData At RestEncryptionPer-App VPNGeo-fencingDisable app when the device iscompromised by jail breaking or rootingSecure VPN tunnel toenterprise networkprevents rogue apps andmalware from gainingunwanted accessFIPS 140-2 certified encryption for all datastorage. Prevent malware and rogue appsfrom accessing sensitive dataCustom B2E/B2B Apps3rd Party AppsHybrid/Web AppsMocana Secure Enterprise BrowserSecure transfer among federatedwrapped apps on the deviceFederation of apps 2014 SAP AG. All rights reserved.5
SAP Mobile App ProtectionZero-to-secure in secondsIT Admin/LoB1. Upload Enterprise AppSAP Mobile App ProtectionWeb Console and Server2. “Point and Click” Policies PassphraseData wipeSecure copy-paste Jailbreak detectionPer-app VPN Location masking SSL reverse proxyDAR encryptionFIPS 140-2 Lockout recovery Geofencing App expirationManaged orUnmanaged User Devices3. Distribute Wrapped App Mobile device mgmt Mobile app mgmt Enterprise app store E-mail IntranetUser agreement App federation Single sign-on 2014 SAP AG. All rights reserved.6
Secure enterprise browser Mobilize web apps instantly and securely Extend access to existing SharePoint, corporate intranet sites, web apps, and portals Provide seamless access to sensitive data across any mobile device Apply security policies to customize and configure the Browser's security Extend mobile web apps to unmanaged devices 2014 SAP AG. All rights reserved.7
Pairing SAP Mobile App Protection with Mocana AtlasTap and GoAlways ONAlwaysConnectedScales Smoothly forLarge EnterpriseDeploymentsDrive Mobile Usage in the Enterprise At ScaleSAP Mobile App Protection paired with Mocana Atlassecurely simplifies enterprise integration and connectivity.One Time SimpleAccess SetupSecurity PostDevelopmentEnd To EndVisibility(FIPS 140-2, DualAuthentication, SSO) 2014 SAP AG. All rights reserved.8
Tap and GoCurrent App Login ExperienceMobile Apps with SAP Mobile AppProtection paired with AtlasTapandGoCumbersome Login ExperienceMany screens, Many seams 2014 SAP AG. All rights reserved.1 Tap To ConnectStrong Security, Transparent to User9
Customer case study: Consumer Packaged GoodsCustomer Background Multinational consumer packaged goodscompany Over 15,000 mobile users Portfolio of over 50 mobile appsWhy SAP Mocana?– Ability to achieve a balancebetween development, security,and usability– Avoid cost and time of penetrationtesting for mobile appsKey Requirements and Use Cases Mobilizing SAP Fiori and other customapps User experience was top priority Simplify pen testing process for dozens ofmobile apps Solution to pair with MDM, but haveflexibility to use for extended enterprise infuture 2014 SAP AG. All rights reserved.– User is authenticated once andthen gets a certificate toauthenticate to all backendsMocana 360101
Customer case study: Retail IndustryCustomer Background Why SAP Mocana?Retail vendor delivers services toapproximately 125 million customers– Cross-platform support for iOS300,000 employees– Uniform app security regardless ofand Androidwhich (or whether) an MDMsolution was being usedKey Requirements and Use Cases Protect apps on tablets at retail Point-ofSale locations PCI & FIPS 140-2 compliance Secure email / browsing Multi-factor authentication Deliver cohesive security for apps acrossmultiple MDMs and unmanaged devices 2014 SAP AG. All rights reserved.– Mobile analytics and visibility– Ability to support rapiddeployment of new apps and userpopulations– Best-in-class securityMocana 360111
Customer case study: Insurance industryCustomer BackgroundLarge European financial services firmOver 10,000 mobile usersKey Requirements and Use Cases Field worker app that allows takingpictures and submitting claims realtime while meeting with customers Mobilizing SAP Fiori Secure browser for Intranet access Secure third-party email 2014 SAP AG. All rights reserved.Why SAP Mocana?– Seamless user experienceparticularly easy enrollment ofnew users and devices, and onetap access– Ability to deliver consistent userexperience and security policyacross multiple operating systems– Willingness to co-innovate onbusiness critical requirementsMocana 360121
THANK YOU!QUESTIONS?Let’s Win Together!Have a Great 2010!FOR FURTHER INFORMATION PLEASE CONTACT:MILJA GILLESPIEmilja.gillespie@sap.com
Mobile Application Protection ChallengesFacts needed –why does this matter?Things to consider – 3-4 2014 SAP AG. All rights reserved.15
SAP Mobile SecureAn integrated, cloud-based EMM solutionNetwork Connectivity*Secure Mobile Gateway*Network Access ControlOperating SystemMobile Device ManagementData & ApplicationsMobile App Management*Mobile App Security*Mobile Content ManagementData Loss PreventionMobile App ReputationSAP HANA Enterprise Cloudwith complete enterprise integration 2014 SAP AG. All rights reserved.16
Leadersinpartneredmobile securityWhy SAPwith Mocana?#1Recognized ByAnalystsInvented AppWrappingAndroid LeaderMocana’s platform isthe most widelydeployed embeddedsecurity technology inthe worldMocana technologyships in 5 of the top 7Android OEMs (over70% of all Androidhandsets).Dozens of patentsgranted and pending. 2014 SAP AG. All rights reserved.“App enablement is agrowing market cuttingacross key B2C, B2B andB2E organizations. SAP'send-to-end mobileportfolio and Mocana'sapp wrapping technologyare expected to helpenterprises accelerate thedeployment of gamechanging mobileapplications.”17
SAP Mobile App ProtectionOverviewSAP Mobile App Protection by Mocana helps organizations accelerate mobile initiatives byautomating app security. App wrapping technology enables enterprises to quickly secureexisting corporate and third-party applications without having to write any code. *Meet strict regulationsProtect corporate data andmeet compliance and auditrequirements in highlyregulated industries withadditional encryption andsecurity requirementsSpeed mobile initiativesAccelerate app adoption:no coding or securityexpertise required.Eliminate securitybottlenecks for operationalapp deployments at scaleIncrease flexibilityEnsure security whenmanaging the device isn’tideal (for example, BYOD)and when building B2Bapps* Available on-premise or in the cloud. 2014 SAP AG. All rights reserved.18
SAP Mobile App ProtectionSecure the app, its data, and the connection to the enterpriseEnd user license agreementenforcement, lock-out with app expirationRestrict app usageto a geographic locationRestricts copy and paste tounsecured area of deviceEULA, icationEnterpriseAppSecureData TransferPasscode policyenforcement expiration,lock-out and help-deskassisted passcode resetData At RestEncryptionPer-App VPNGeo-fencingDisable app when the device iscompromised by jail breaking or rootingSecure VPN tunnel toenterprise networkprevents rogue apps andmalware from gainingunwanted accessFIPS 140-2 certified encryption for all datastorage. Prevent malware and rogue appsfrom accessing sensitive dataCustom B2E/B2B Apps3rd Party AppsHybrid/Web AppsMocana Secure Enterprise BrowserSecure transfer among federatedwrapped apps on the deviceFederation of apps 2014 SAP AG. All rights reserved.19
SAP Mobile App ProtectionZero-to-secure in secondsIT Admin/LoB1. Upload Enterprise AppSAP Mobile App ProtectionWeb Console and Server2. “Point and Click” Policies PassphraseData wipeSecure copy-paste Jailbreak detectionPer-app VPN Location masking SSL reverse proxyDAR encryptionFIPS 140-2 Lockout recovery Geofencing App expirationManaged orUnmanaged User Devices3. Distribute Wrapped App Mobile device mgmt Mobile app mgmt Enterprise app store E-mail IntranetUser agreement App federation Single sign-on 2014 SAP AG. All rights reserved.20
Best Practice Example: (customer name) 2014 SAP AG. All rights reserved.21
Secure enterprise browser Mobilize web apps instantly and securely Extend access to existing SharePoint, corporate intranet sites, web apps, and portals Provide seamless access to sensitive data across any mobile device Apply security policies to customize and configure the Browser's security Extend mobile web apps to unmanaged devices 2014 SAP AG. All rights reserved.22
The Usage Gap for Enterprise Mobile AppsMobile App Usage in the enterprise is severely impacted due to lack ofbeautiful user experience balanced with simple enterprise integration43%*26%*Employees abandoncorporate mobileappsEmployees usingcorporate apps reportloss of productivityDriving mobile app usage and employee productivity is critical for the successof large scale mobile investment 2014 SAP AG. All rights reserved.23
Pairing SAP Mobile App Protection with Mocana AtlasTap and GoAlways ONAlwaysConnectedScales Smoothly forLarge EnterpriseDeploymentsDrive SAP Fiori Mobile Usage in the Enterprise At ScaleOne Time SimpleAccess SetupSecurity PostDevelopmentEnd To EndVisibility(FIPS 140-2, DualAuthentiation, SSO) 2014 SAP AG. All rights reserved.24
Best Practice Example: (customer name) 2014 SAP AG. All rights reserved.25
Improving the user experienceTap To GoOne TimeSimple AccessSetupSAP Fiori,SAP MoBI andother mobile apps 2014 SAP AG. All rights reserved.Always OnAlwaysConnectedSAP Mobile App Protection paired withAtlasElegantlyMobilizedExperience26
Tap and GoCurrent App Login ExperienceMobile Apps with SAP Mobile AppProtection paired with AtlasTapto GoCumbersome Login ExperienceMany screens, Many seams 2014 SAP AG. All rights reserved.1 Tap To ConnectStrong Security, Transparent to User27
THANK YOU!QUESTIONS?Let’s Win Together!Have a Great 2010!FOR FURTHER INFORMATION PLEASE CONTACT:MILJA GILLESPIEmilja.gillespie@sap.com
Mocana’s platform is the most widely-deployed embedded security technology in the world Dozens of patents granted and pending. deployment of game #1 Android Leader Mocana technology ships in 5 of the top 7 Android OEMs (over 70% of all Android handsets). Recognized By Analysts “App enablement is a growing market cutting across key B2C, B2B and
