Monday May 05, 2014

Identity Enabling Mobile Security

Authored by Suresh Sridharan, Business Manager, Security

Smart Connected Device Growth: The growth of smartphones and tablet devices has been phenomenal over the past 4 years. Global smartphone shipments have grown extensively from approximately 100m units in 2010 to 725m units in 2012, reaching 1b devices in January 2014. Simultaneously, tablet shipments have grown from 5m units in 2010 to approximately 125m units in 2012. Tablet numbers are likely to touch 400m units by 2017.

This explosion in the shipment of smart connected devices has also led to a significant change in users’ behavior and expectations.

In a corporate environment, the phenomenon of Bring Your Own Device (BYOD) is gaining momentum. Gartner predicts that 38% of all organizations will have an “all BYOD” policy by 2016, up from 6% today (2014). If the same device is being used for both personal and work purposes, users will expect the same experience across corporate and personal apps. Further, employees regularly use similar apps for both business and personal purposes examples include: WhatsApp, Skype and Facebook..

Mobile devices present benefits both for organizations and for individuals. Surveys show that a BYOD policy helps employee gain an extra 37 minutes of productive time every week. To increase sales productivity, some of our customers are mobile-enabling sales teams to ensure that they have access to the latest information when they meet with customers.

Security is one of the most significant mobile device challenges both for consumers and for enterprises. Although mobile-commerce is growing rapidly (to $25b in the US alone), 60% all retail transactions that get to the checkout stage are abandoned with security as one of the main causes, according to recent data.

As corporate data on the device co-mingles with user data on a personal device, it becomes challenging for enterprises to impose restrictions on the use of devices. About 40% of adults do not protect their smartphones with a passcode, with married adults that number goes up to 45%.
In order to address security challenges, IT should be able to define and enforce policies that meet security and privacy standards to protect intellectual property, other corporate assets and optionally, personal employee data.

There are three things to consider while implementing security in the new mobile age:

  1. Implement a strong identity management system that allows one to manage users and ensure that they are able to access information based on the principle of least privilege to carry out the necessary tasks.
  2. Implement an access management solution to secure data based on who is accessing it and the risk profile of that specific transaction.
  3. Implement a mobile security solution that will help secure data on the device and ensure corporate security policies are enforced on the device from which assets are being accessed.

In essence, organizations need to ensure that application data is secured based on the user accessing it and the device and location from which it is being secured. Securing the device and the user identity, in isolation, is not sufficient.

Interested in following security blog more closely, check out the Oracle Identity Management blog here

Monday Mar 31, 2014

Enterprise Apps - The Snowball

Author: Martin Cookson, EMEA Director for Mobility

The smartphone has really taken hold within the enterprise. With initiatives such as BYOD (bring your own device) and COPE (corporate owned, personally enabled) in typical knowledge worker industries every professional employee will have a smartphone and/or tablet.  The intelligence of these mobile devices comes down to apps. Currently most of the apps that people use are developed by third parties – and downloaded from public app stores.

Enterprise employees use their mail app, Evernote, LinkedIn, Twitter, Calendar and Contacts to name a few as business apps. Of course we have to get the security right for these dual-usage apps (watch out for future blog posts on this!) but there is immense amount of value from app such as these.

But what about apps developed by the enterprise for their own use? Here we see we have only just scratched the surface. In a survey done my MGI Research in 2012 they stated that 70% of enterprises had only 5 or less apps in development. Now in 2014 the number has probably increased slightly but the opportunity for custom built mobile apps is massive.

For B2C enterprises can provide apps for any customer contact point e.g. for eCommerce or self-service support. Any product or service that is sold could have a mobile app to go with it. Certainly your next new car or smart TV will likely have a mobile app to go with it.

For B2E and B2B, any interaction with a process or system could have a mobile app – allowing freedom in the way that employees work, improving efficiency and provide immediate access to enterprise data. Mobile apps can enhance the collaboration of mobile teams  - providing enterprise social networks and secure data and documentation sharing.

My experience working with customers on their mobile strategy is that they always have candidates for their first mobile apps – they are able to make the first snowball – if you will. Oracle helps them put these ideas into action using the Oracle Mobile Platform – a process we coin “App Fast.”

But if for some reason you can’t identify your first snowball here are some of the typical common first enterprises apps we have helped customers’ develop. They are not always large – remembering the preference for micro apps in mobile -  but they start the snowball rolling!

  1. Approvals - Allow managers to be alerted, review, and quickly take action on: people  moves, expenses, requisition requests, decisions etc.. Often the approvals span multiple back end-systems.
  2. Inspection App - Allows field workers to check status of sites, following set inspection processes including data. This is very popular with examples in: port inspections, restaurants, building sites, retails spaces etc.  The apps can use location and camera to improve the information capture.
  3. Requisitions - Many utility and field engineer applications. For example checking availability of spare parts, scanning component details, ordering parts from the field.
  4. Citizen Self-Serv - There is many examples of this in the public sector as municipal and regional governing bodies look to provide more contact to citizens and service them better. These apps allow reports of potholes in the road, street lighting not working. They provide location of local amenities and provide real time information from transport networking and parking.
  5. I am sick today - For workers operating shifts for example in manufacturing or retail shop workers providing a slick process for informing others when a worker is not able to come to work. The HR sickness reporting is incorporated into the process but then the person responsible for rescheduling rotas as well as the colleagues of the worker is also informed. The app can also capture the location of where the ill worker is when they report the illness … just as a check that the absence is valid.

For each of the apps customers have to have the technology to develop the apps securely but perhaps most importantly it is getting the organization to think mobile and to realist the incredible enterprise mobile opportunity.

Tuesday Oct 15, 2013

Unleashing Your Mobile Workforce

Author: Kevin Moulton, Oracle

Your employees use their smartphones and tablets in every aspect of their lives. The days of carrying a second mobile device for corporate calls and emails are over. They don't want to carry multiple devices to do the same job, and they sure don't want to have to go to the office or go back to their desk just to access some corporate application. They want mobile access!

Sure, you have to deal with the challenges of BYOD, but that's for another day. Today, let's talk about how to get your employees what they are demanding. In other words, how do you unleash your mobile workforce?

There are many advantages. Think of your employees out in the field, in the showroom with your customers, or on your manufacturing floor, with all of the data they need to answer questions, make decisions, or write proposals right at their fingertips. Think about the efficiency of your business processes when your employees can complete their workflow tasks anytime, and from anywhere.

Developing Mobile Apps

Oracle ADF Mobile allows you to quickly develop applications using your existing HTML, CSS and Java skills that can be deployed to iOS and Android. There is no need to train or hire staff to write native mobile OS code.  ADF Mobile uses HTML5 for displaying content and Java for business logic. Write the code once, and you have an app that will work on the Apple and Android smartphones and tablets that your employees own and carry. ADF Mobile will render the content appropriately for whatever device the content need be displayed on. In this way, ADF mobile gives you the flexibility of a mobile web app combined with the control of the device capabilities of a native app, such as camera control, location services, and contacts. It is truly the best of both worlds.

Connecting to Back-End Data

The key to a successful mobile workforce is access to applications and data. You want your employees to have access to what they need to get their jobs done without having to go back to the office or back to their desks. Most mobile apps will connect to an application server in order to retrieve, create, and modify data. With ADF Mobile and Weblogic, you can connect to your back-end data with REST-based web services. Weblogic Server supports the WebSocket protocol, included in the HTML5 standard, which allows the client and the server to send data independently of one another over a single connection.

While REST and JSON can be used to connect your mobile apps to your back-end data, enterprise applications are generally not built using these technologies. You need a translator to mediate the changes in protocol and data formats between the mobile apps and your back-end applications. Oracle Service Bus is that mediator. 

Oracle Service Bus can provide a connection via many protocols, including REST, SOAP, HTTP, JMS, RMI, and FTP. Adapters are available for numerous applications, including E-Business Suite, PeopleSoft, Siebel, and SAP.

Business Process Management

Human interaction is often required to complete a business process. For example, expense reports must be approved by managers, tasks need to be routed through different departments, and purchases need to be requested, approved, and fulfilled. With your mobile workforce, your employees will demand the ability to complete their workflow tasks on their smartphones and tablets.  Oracle Business Process Management (BPM) can accomplish your workflow needs, and BPM includes a task list application for iPad, iPhone, and Android.


The pressure to provide mobile access to enterprise applications is growing by the day.  Oracle Fusion Middleware provides all of the components you need to build mobile apps and give them access to your back end applications and data.

Oracle provides a complete solution to unleash your mobile workforce.

About the Writer:

Kevin Moulton has been in the IT industry for more than 25 years, and with Oracle for 7 years. Kevin is responsible for facilitating technology discussions on social and mobile technologies. He is also a Distinguished Toastmaster. Follow Kevin on Twitter at, where he sometimes tweets about technology, but might also tweet about running, beer, food, baseball, football, good books, or whatever else grabs his attention. Kevin is a regular contributor to this blog so stay tuned for more posts from him.

Wednesday Sep 18, 2013

OOW General Session: Change the Game – Embrace BYOD!

Author: Rimi Bewtra, Senior Director, Oracle

Mobile is a game changer … it has changed our lives … the way we live, work, communicate and connect. Enterprises realize they need to meet the growing demand for simplicity, speed, security and scalability – from their customers, partners and employees. To do this, organizations must embrace a platform that supports any app on any device, integrated to any data source with complete security.

Join us for:

General Session: Simplify Mobile Innovation with Oracle Fusion Middleware [GEN8994]

Date: Tuesday, Sept. 24, 2013

Time: 10:30 AM – 11:30 AM

Location: Moscone South - 309

We have invited our customers and partner to join us on stage to share how they are mobile enabling existing applications for their customers, employees and other partners. In this session, you will get a better understanding of how organizations are simplifying their mobile application architecture and defining their enterprise mobility strategy? Oracle Mobile Platform, built on Oracle Fusion Middleware, is a proven platform for developing, deploying, integrating, securing, and managing enterprise applications easily and cost effectively.

Mobile is everywhere and Oracle Open World 2013 is no exception! For More details on this and other Mobile sessions, download your copy of the Focus On Mobile document.

Monday Mar 18, 2013

Do you Trust Social, Mobile, Cloud?

Identity Management Product Marketing Team

The last decade or so there has been a complete transformation in the way we work or how we consume information. Work is no longer about geography, it is an activity. “Company resources” are not just servers and systems in your server room, these could be in a data center, in the cloud or even the employees’ smart phones, iPads, tablets and more. Users of these “company resources” could be employees with physical badges, vendors, partners or customers connecting through the social media channels as Facebook, Twitter or Pinterest. Work can happen anywhere, via any device, through any network (intranet/social media channels/internet) leveraging company resources.

And why are organizations adapting this “work anywhere, anytime” model? The reasons are plenty - to improve efficiency, bring agility, build user productivity, offer seamless user experience to its customers or to simply establish a trust relationship with the customer. Social, Mobile and Cloud (SoMoClo) together is a business opportunity, a competitive advantage that organizations are seeking. And Security is the lynchpin in this new work order. Without a secure, seamless digital experience, it all falls apart.

With each new experience, the security risk increases. Each channel presents its own security points of failure. How can my company enable social trust as a means of connecting to customers & employees? How do I accommodate dynamic workgroups and teams of people around the globe that need to be part of my value chain? Is the Bring Your Own Device (BYOD) threatening the security of my digital and intellectual property? How can I securely connect mobile devices to my enterprise without compromising security? Are my applications secure enough to be cloud ready?

The security solution, thus, needs to scale and span across all the channels, encompass the growing breadth of both the “company resources” and the user population. The solution needs to provide the foundation (a platform) that feeds uniform security policies and extends identity context to the complete digital experience.

Naresh Persaud, Director, Security and Identity Management at Oracle, discusses the IT transformation driven by SoMoClo and underscores the need for a sound security solution. Catch this brief screencast on Securing the New Digital Experience to learn how the latest advances in Oracle Identity Management and Oracle Fusion Middleware solutions are fueling the transformation that is driving innovation in IT today.

Engage with Us


Get the latest on all things Middleware. Join Oracle's Middleware Community today.

Find Us on facebook Follow us on twitter Catch Us on YouTube 


« October 2015