My thoughts on enterprise mobility solution

The sales and support personnel in field prefer usage of mobile devices in their field trips and client visits. With limited budgets and goals to maximize ROI value for their sales spending’s, they are open to adoption of mobility practices in the organization. They are open with BYOD(bring your own device) model also, in addition to moving their server infrastructure to cloud. What are the criteria to select and implement enterprise mobile solution ?

    What are the enterprise security needs?:

  • Can we preserve the existing authentication mechanism of the company and still accommodate the mobile users?
  • Can we have the security consistent between access from mobile or a computer.
  • With authentication technologies not at matured state in mobile and cloud, should we make exceptions for mobile users?My answer is NO.
  • Is it possible sitting remotely to set profiles and push an application to a device, wipe the whole device clean and basically spy on the mobile user.
  • Enterprises have multiple applications. Is there single sign-on possible from devices and identify user uniquely across multiple applications?

I would think that Employees should be made to authenticate on regular time interval to access the documents and artifacts and the mobile client application should be able to initiate challenge. The challenges shall hold good even when the mobile device is not connected to internet. This also means that there shall be a hybrid approach to either view content online or download content to local system, where needed. The data-at-rest or data-in-transit needs to secured and hence document downloaded to mobile device needs to be be encrypted.

  • How to provide employees access to the mobile application of the enterprise?
  • For android style applications which can be install outside app store, the application can made available on the company website or the use profile page and the application can be downloaded after validating credentials on the website.
  • For apple style applications, which can be installed only through app store,the enterprise can publish secure container application on the app-store. The user on authenticating to container application shall be able to download other enterprise applications.
    How to perform “Store,Publish and Subscribe” for document ? Mobile devices can go out of internet space and that cannot come in the way of the employee’s productivity. This means there shall be way to store important needed content locally on the device also.

  • There should be auto synchronization mechanism between mobile app and back-end. Any change in downloaded documents and artifacts should be synced to mobile without user intervention.
  • The sync should delete old or outdated documents and reflect change in access for a document or permission for action on the document
  • Sync comes with the risk, when mobile device is stolen or lost or when the employee leaves the organization, how to wipe all the company related data in the device?
    What is the effective way to manage enterprise mobile application, mobile devices and BYOD devices?

  • The mobile app communicates continuously with the web server and sends a report of the device’s current location, activities on the devices in progress, and any change in the state of databases or applications. It also allows the user to backup, restore and sync data with the web server at any time. If a user forces the app closed, it automatically restarts itself to maintain security.
  • The mobile should also be able to track number of times the document is viewed and the times the document was viewed.
  • People delete apps easily and it should be easily able to re-install app(say one click). Is it possible to identify that a lost device is connecting to the enterprise?