What is the BI mobile data access dilemma? Currently, to maintain tight security requirements (to prevent hacking) you have to trade off usability (enter security credentials multiple times to get access to data multiple times). What if BI was so pervasive that you looked at it as often as email? How can we keep it safe and still make it easy to use?
Recently, I had the pleasure of interviewing Matt Milella, Director of Product Development for Oracle Business Intelligence Mobile Apps, and Jacques Vigeant, Product Strategy Director for Oracle Business Intelligence & Enterprise Performance Management about this subject and the results were very enlightening.
We started by defining what exactly this BI data access dilemma is. Jacques explained that with respect to mobile data access, security requirements come at the cost of usability. Today when you pick up your phone to check out your KPIs, you often have to:
• Unlock your screen
• Open the BI App
• Get prompted for a password of some sort
• Open the KPI...
...and then FINALLY you get to see your KPI. This is a lot of steps to get to your number. Then you put the phone down for a little while and you have another business question and you have to perform these steps all over again. These little annoyances - Matt calls them paper cuts - become incredibly annoying and can actually become a barrier to adoption.
It seems trivial when you do it once a day, however Jacques and Matt have this crazy goal of making BI so pervasive in your life that you will look at it as often as you do email.
So, can you remove the friction points without compromising security? Well this is the gray space according to Matt. Administrators and IT want to deliver useful, timely, and actionable information, but without compromising security. “In fact we currently have a number of customers struggling with this dilemma and going forward the enterprise needs to balance usability and ease of access with data security” said Matt. This situation seems to be solved, or at least tolerated, when it comes to email. If you think about it, email is often accessible externally without VPN access and, at times without a password; or at least the password is stored. Matt explained that email probably has the most confidential information for the enterprise and it is as accessible as any consumer app on a mobile device. For enterprise apps, the balance between security and usability has not yet been found and it is up to software vendors to help IT achieve adoption of apps while keeping data secure.
So it is a gray space because it is not a standard yet, but it certainly needs to be to increase BI adoption and maintain appropriate security. So how does Oracle Business Intelligence Mobile, or BI Mobile as it is commonly called, help with this situation? Matt explained that the Oracle BI Mobile iOS and Android apps have three different login options:
Option 1- The user can login with an enterprise security foundation like Oracle Access Manager using SSO and SSL. This is very secure, and we recommend it for implementations with secure data needs. In this case, users will have to login at the same frequency and with the same password rules that they are used to with equivalent desktop (browser) based apps.
Option 2 - The user can login with standard authentication and it will ‘prompt’ users for their password on the device.
Option 3 - The user can login with standard authentication and have the password saved on the device. The password is stored on the device in the most secure ways possible, and this method, though very convenient for the user, carries the most risk in cases where a device is lost.
Administrators can ‘fine tune’ what they are comfortable with on the server. The key to solving this dilemma is giving administrators the correct level of options so they can strike a balance with their users.
Jacques told us that Oracle just recently bought a company called Bitzer Mobile, which specializes in the Mobile Device Management and Security space. Bitzer is a very welcome addition to the BI Mobile family as an additional layer of security for enterprise data. Jacques explained that it is a very pragmatic approach to security with a whole slew of capabilities to help tighten data on devices and secure communications between users and the enterprise. But what is really special is that their approach assumes the worst case scenario - at some point you are likely to get your tablet/phone stolen or lost. Bitzer can not only remotely remove all the data, but also flat-out remove the BI App from the device “automagically” next time it is turned on.
Jacques also mentioned some new features of hardware that help with flexible security. With the Motorola Skip, one of the options is that you can buy little ‘chips or stickers’ and put them on your desk or stick them on your computer. When the phone comes close to the chip, it asks you to unlock it, then it will stay unlocked until you move out of range of the chip. You’ll only have to unlock the phone once! Another soon-to-be released feature is the fingerprint sensor combined with apps. Swiping your finger is a heck of a lot easier than typing a password and helps to solve this data access dilemma!
There is so much more to this podcast. To listen to the entire podcast, click here
To learn more about BI Mobile, click here