Monday May 05, 2014

Identity Enabling Mobile Security

Authored by Suresh Sridharan, Business Manager, Security

Smart Connected Device Growth: The growth of smartphones and tablet devices has been phenomenal over the past 4 years. Global smartphone shipments have grown extensively from approximately 100m units in 2010 to 725m units in 2012, reaching 1b devices in January 2014. Simultaneously, tablet shipments have grown from 5m units in 2010 to approximately 125m units in 2012. Tablet numbers are likely to touch 400m units by 2017.

This explosion in the shipment of smart connected devices has also led to a significant change in users’ behavior and expectations.

In a corporate environment, the phenomenon of Bring Your Own Device (BYOD) is gaining momentum. Gartner predicts that 38% of all organizations will have an “all BYOD” policy by 2016, up from 6% today (2014). If the same device is being used for both personal and work purposes, users will expect the same experience across corporate and personal apps. Further, employees regularly use similar apps for both business and personal purposes examples include: WhatsApp, Skype and Facebook..

Mobile devices present benefits both for organizations and for individuals. Surveys show that a BYOD policy helps employee gain an extra 37 minutes of productive time every week. To increase sales productivity, some of our customers are mobile-enabling sales teams to ensure that they have access to the latest information when they meet with customers.

Security is one of the most significant mobile device challenges both for consumers and for enterprises. Although mobile-commerce is growing rapidly (to $25b in the US alone), 60% all retail transactions that get to the checkout stage are abandoned with security as one of the main causes, according to recent data.

As corporate data on the device co-mingles with user data on a personal device, it becomes challenging for enterprises to impose restrictions on the use of devices. About 40% of adults do not protect their smartphones with a passcode, with married adults that number goes up to 45%.
In order to address security challenges, IT should be able to define and enforce policies that meet security and privacy standards to protect intellectual property, other corporate assets and optionally, personal employee data.

There are three things to consider while implementing security in the new mobile age:

  1. Implement a strong identity management system that allows one to manage users and ensure that they are able to access information based on the principle of least privilege to carry out the necessary tasks.
  2. Implement an access management solution to secure data based on who is accessing it and the risk profile of that specific transaction.
  3. Implement a mobile security solution that will help secure data on the device and ensure corporate security policies are enforced on the device from which assets are being accessed.

In essence, organizations need to ensure that application data is secured based on the user accessing it and the device and location from which it is being secured. Securing the device and the user identity, in isolation, is not sufficient.

Interested in following security blog more closely, check out the Oracle Identity Management blog here

Monday Mar 31, 2014

Enterprise Apps - The Snowball

Author: Martin Cookson, EMEA Director for Mobility

The smartphone has really taken hold within the enterprise. With initiatives such as BYOD (bring your own device) and COPE (corporate owned, personally enabled) in typical knowledge worker industries every professional employee will have a smartphone and/or tablet.  The intelligence of these mobile devices comes down to apps. Currently most of the apps that people use are developed by third parties – and downloaded from public app stores.

Enterprise employees use their mail app, Evernote, LinkedIn, Twitter, Calendar and Contacts to name a few as business apps. Of course we have to get the security right for these dual-usage apps (watch out for future blog posts on this!) but there is immense amount of value from app such as these.

But what about apps developed by the enterprise for their own use? Here we see we have only just scratched the surface. In a survey done my MGI Research in 2012 they stated that 70% of enterprises had only 5 or less apps in development. Now in 2014 the number has probably increased slightly but the opportunity for custom built mobile apps is massive.

For B2C enterprises can provide apps for any customer contact point e.g. for eCommerce or self-service support. Any product or service that is sold could have a mobile app to go with it. Certainly your next new car or smart TV will likely have a mobile app to go with it.

For B2E and B2B, any interaction with a process or system could have a mobile app – allowing freedom in the way that employees work, improving efficiency and provide immediate access to enterprise data. Mobile apps can enhance the collaboration of mobile teams  - providing enterprise social networks and secure data and documentation sharing.


My experience working with customers on their mobile strategy is that they always have candidates for their first mobile apps – they are able to make the first snowball – if you will. Oracle helps them put these ideas into action using the Oracle Mobile Platform – a process we coin “App Fast.”

But if for some reason you can’t identify your first snowball here are some of the typical common first enterprises apps we have helped customers’ develop. They are not always large – remembering the preference for micro apps in mobile -  but they start the snowball rolling!

  1. Approvals - Allow managers to be alerted, review, and quickly take action on: people  moves, expenses, requisition requests, decisions etc.. Often the approvals span multiple back end-systems.
  2. Inspection App - Allows field workers to check status of sites, following set inspection processes including data. This is very popular with examples in: port inspections, restaurants, building sites, retails spaces etc.  The apps can use location and camera to improve the information capture.
  3. Requisitions - Many utility and field engineer applications. For example checking availability of spare parts, scanning component details, ordering parts from the field.
  4. Citizen Self-Serv - There is many examples of this in the public sector as municipal and regional governing bodies look to provide more contact to citizens and service them better. These apps allow reports of potholes in the road, street lighting not working. They provide location of local amenities and provide real time information from transport networking and parking.
  5. I am sick today - For workers operating shifts for example in manufacturing or retail shop workers providing a slick process for informing others when a worker is not able to come to work. The HR sickness reporting is incorporated into the process but then the person responsible for rescheduling rotas as well as the colleagues of the worker is also informed. The app can also capture the location of where the ill worker is when they report the illness … just as a check that the absence is valid.

For each of the apps customers have to have the technology to develop the apps securely but perhaps most importantly it is getting the organization to think mobile and to realist the incredible enterprise mobile opportunity.
About

Get the latest on all things Middleware. Join Oracle's Middleware Community today.

Find Us on facebook Follow us on twitter Catch Us on YouTube 

Search

Categories
Archives
« July 2015
SunMonTueWedThuFriSat
   
1
2
3
4
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
 
       
Today