Solution Extension Best Practices: Subject Matter Expert...

Solution Extension Best Practices:

Protecting and Securing Your Mobile

Applications

Subject Matter Expert:

Scott Bonnell

Vice President,

Mocana

© 2014 SAP AG. All rights reserved. 2

SAP Mobile Secure An integrated, cloud-based EMM solution

Operating System

Mobile Device Management

Network Connectivity

*Secure Mobile Gateway*

Network Access Control

Data & Applications

Mobile App Management

*Mobile App Security*

Mobile Content Management

Data Loss Prevention

Mobile App Reputation

SAP HANA Enterprise Cloud with complete enterprise integration


Leaders in mobile security

Focus on User

Experience

Transform the mobile user

experience considering all

aspects of the user’s interaction

with products, systems,

processes, and services.

Increase Mobile App

Usage

Drive mobile app usage and

employee productivity for the

success of large scale SAP

Business Suite investment.

App Level Security

within a Broad EMM

portfolio

Provide the foundation for

consuming future enterprise

data. Focus on management

of content, apps and devices.

Mocana and SAP: Vision to improve the user experience


The Usage Gap for Enterprise Mobile Apps

Mobile App Usage in the enterprise is severely impacted due to lack of

beautiful user experience balanced with simple enterprise integration

Driving mobile app usage and employee productivity is critical for the success

of large scale mobile investment

26%*

Employees using

corporate apps report

loss of productivity

43%*

Employees abandon

corporate mobile

apps


EULA, App

Expiration

Per-App VPN Jailbreak/

Rooting

Detection

Geo-fencing Data At Rest

Encryption Secure

Data Transfer

SAP Mobile App Protection Secure the app, its data, and the connection to the enterprise

Disable app when the device is

compromised by jail breaking or rooting

Restrict app usage

to a geographic location

FIPS 140-2 certified encryption for all data

storage. Prevent malware and rogue apps

from accessing sensitive data

Restricts copy and paste to

unsecured area of device

Secure VPN tunnel to

enterprise network

prevents rogue apps and

malware from gaining

unwanted access User

Authentication

Enterprise

App

Passcode policy

enforcement expiration,

lock-out and help-desk

assisted passcode reset

End user license agreement

enforcement, lock-out with app expiration

Federation of apps

Secure transfer among federated

wrapped apps on the device

Mocana Secure Enterprise Browser

Hybrid/Web Apps

3rd Party Apps

Custom B2E/B2B Apps


SAP Mobile App Protection Zero-to-secure in seconds

SAP Mobile App Protection

Web Console and Server

IT Admin/LoB

1. Upload Enterprise App 2. “Point and Click” Policies 3. Distribute Wrapped App

Mobile device mgmt

Mobile app mgmt

Enterprise app store

E-mail

Intranet

□ Passphrase

Secure copy-paste

Per-app VPN

□ SSL reverse proxy

DAR encryption

FIPS 140-2

□ Lockout recovery

□ Single sign-on

Managed or

Unmanaged User Devices

Data wipe

□ Jailbreak detection

□ Location masking

□ Geofencing

□ App expiration

User agreement

□ App federation


Secure enterprise browser

Mobilize web apps instantly and securely

Extend access to existing SharePoint, corporate intranet sites, web apps, and portals

Provide seamless access to sensitive data across any mobile device

Apply security policies to customize and configure the Browser's security

Extend mobile web apps to unmanaged devices


Pairing SAP Mobile App Protection with Mocana Atlas

Drive Mobile Usage in the Enterprise At Scale SAP Mobile App Protection paired with Mocana Atlas

securely simplifies enterprise integration and connectivity.

One Time Simple

Access Setup

Tap and Go

Always ON

Always

Connected

Security Post-

Development (FIPS 140-2, Dual

Authentication, SSO)

Scales Smoothly for

Large Enterprise

Deployments

End To End

Visibility


Tap and Go

Tap

and

Go

Mobile Apps with SAP Mobile App

Protection paired with Atlas Current App Login Experience

Cumbersome Login Experience

Many screens, Many seams

1 Tap To Connect

Strong Security, Transparent to User


Customer case study: Consumer Packaged Goods

Customer Background

• Multinational consumer packaged goods company

• Over 15,000 mobile users

• Portfolio of over 50 mobile apps

Key Requirements and Use Cases

• Mobilizing SAP Fiori and other custom apps

• User experience was top priority

• Simplify pen testing process for dozens of mobile apps

• Solution to pair with MDM, but have flexibility to use for extended enterprise in future

Mocana 360 1

0

Why SAP + Mocana?

– Ability to achieve a balance between development, security, and usability

– Avoid cost and time of penetration testing for mobile apps

– User is authenticated once and then gets a certificate to authenticate to all backends


Customer case study: Retail Industry

Customer Background

• Retail vendor delivers services to

approximately 125 million customers

• 300,000 employees


• Protect apps on tablets at retail Point-of-

Sale locations

• PCI & FIPS 140-2 compliance

• Secure email / browsing

• Multi-factor authentication

• Deliver cohesive security for apps across

multiple MDMs and unmanaged devices

Mocana 360 1

1

Why SAP + Mocana?

– Cross-platform support for iOS and Android

– Uniform app security regardless of which (or whether) an MDM solution was being used

– Mobile analytics and visibility

– Ability to support rapid deployment of new apps and user populations

– Best-in-class security


Customer case study: Insurance industry

Customer Background

Large European financial services firm

Over 10,000 mobile users


• Field worker app that allows taking

pictures and submitting claims real-

time while meeting with customers

• Mobilizing SAP Fiori

• Secure browser for Intranet access

• Secure third-party email

Mocana 360 1

2

Why SAP + Mocana?

– Seamless user experience particularly easy enrollment of new users and devices, and one-tap access

– Ability to deliver consistent user experience and security policy across multiple operating systems

– Willingness to co-innovate on business critical requirements

Let’s Win Together!

Have a Great 2010!

THANK YOU!

QUESTIONS?

FOR FURTHER INFORMATION PLEASE CONTACT:

MILJA GILLESPIE

[email protected]

mailto:[email protected]



Mobile Application Protection Challenges

Facts needed –why does this matter??

Things to consider – 3-4


SAP Mobile Secure An integrated, cloud-based EMM solution

Operating System

Mobile Device Management

Network Connectivity

*Secure Mobile Gateway*

Network Access Control

Data & Applications

Mobile App Management

*Mobile App Security*

Mobile Content Management

Data Loss Prevention

Mobile App Reputation

SAP HANA Enterprise Cloud with complete enterprise integration


Leaders in mobile security

Invented App

Wrapping

Mocana’s platform is

the most widely-

deployed embedded

security technology in

the world

Dozens of patents

granted and pending.

#1

Android Leader

Mocana technology

ships in 5 of the top 7

Android OEMs (over

70% of all Android

handsets).

Recognized By

Analysts

“App enablement is a

growing market cutting

across key B2C, B2B and

B2E organizations. SAP's

end-to-end mobile

portfolio and Mocana's

app wrapping technology

are expected to help

enterprises accelerate the

deployment of game-

changing mobile

applications.”

Why SAP partnered with Mocana?


SAP Mobile App Protection Overview

SAP Mobile App Protection by Mocana helps organizations accelerate mobile initiatives by

automating app security. App wrapping technology enables enterprises to quickly secure

existing corporate and third-party applications without having to write any code. *

Increase flexibility Meet strict regulations Speed mobile initiatives

Ensure security when

managing the device isn’t

ideal (for example, BYOD)

and when building B2B

apps

Accelerate app adoption:

no coding or security

expertise required.

Eliminate security

bottlenecks for operational

app deployments at scale

Protect corporate data and

meet compliance and audit

requirements in highly

regulated industries with

additional encryption and

security requirements

* Available on-premise or in the cloud.


EULA, App

Expiration

Per-App VPN Jailbreak/

Rooting

Detection

Geo-fencing Data At Rest

Encryption Secure

Data Transfer

SAP Mobile App Protection Secure the app, its data, and the connection to the enterprise

Disable app when the device is

compromised by jail breaking or rooting

Restrict app usage

to a geographic location

FIPS 140-2 certified encryption for all data

storage. Prevent malware and rogue apps

from accessing sensitive data

Restricts copy and paste to

unsecured area of device

Secure VPN tunnel to

enterprise network

prevents rogue apps and

malware from gaining

unwanted access User

Authentication

Enterprise

App

Passcode policy

enforcement expiration,

lock-out and help-desk

assisted passcode reset

End user license agreement

enforcement, lock-out with app expiration

Federation of apps

Secure transfer among federated

wrapped apps on the device

Mocana Secure Enterprise Browser

Hybrid/Web Apps

3rd Party Apps

Custom B2E/B2B Apps


SAP Mobile App Protection Zero-to-secure in seconds

SAP Mobile App Protection

Web Console and Server

IT Admin/LoB

1. Upload Enterprise App 2. “Point and Click” Policies 3. Distribute Wrapped App

Mobile device mgmt

Mobile app mgmt

Enterprise app store

E-mail

Intranet

□ Passphrase

Secure copy-paste

Per-app VPN

□ SSL reverse proxy

DAR encryption

FIPS 140-2

□ Lockout recovery

□ Single sign-on

Managed or

Unmanaged User Devices

Data wipe

□ Jailbreak detection

□ Location masking

□ Geofencing

□ App expiration

User agreement

□ App federation


Best Practice Example: (customer name)


Secure enterprise browser

Mobilize web apps instantly and securely

Extend access to existing SharePoint, corporate intranet sites, web apps, and portals

Provide seamless access to sensitive data across any mobile device

Apply security policies to customize and configure the Browser's security

Extend mobile web apps to unmanaged devices


The Usage Gap for Enterprise Mobile Apps

Mobile App Usage in the enterprise is severely impacted due to lack of

beautiful user experience balanced with simple enterprise integration

Driving mobile app usage and employee productivity is critical for the success

of large scale mobile investment

26%*

Employees using

corporate apps report

loss of productivity

43%*

Employees abandon

corporate mobile

apps


Pairing SAP Mobile App Protection with Mocana Atlas

Drive SAP Fiori Mobile Usage in the Enterprise At Scale

One Time Simple

Access Setup

Tap and Go

Always ON

Always

Connected

Security Post-

Development (FIPS 140-2, Dual

Authentiation, SSO)

Scales Smoothly for

Large Enterprise

Deployments

End To End

Visibility


Best Practice Example: (customer name)


SAP Fiori,

SAP MoBI and

other mobile apps

SAP Mobile App Protection paired with

Atlas

Elegantly

Mobilized

Experience

One Time

Simple Access

Setup

Tap To Go

Always On

Always

Connected

Improving the user experience


Tap and Go

Tap

to Go

Mobile Apps with SAP Mobile App

Protection paired with Atlas Current App Login Experience

Cumbersome Login Experience

Many screens, Many seams

1 Tap To Connect

Strong Security, Transparent to User

Let’s Win Together!

Have a Great 2010!

THANK YOU!

QUESTIONS?

FOR FURTHER INFORMATION PLEASE CONTACT:

MILJA GILLESPIE

[email protected]



Solution Extension Best Practices: Subject Matter Expert...

Documents

Transcript of Solution Extension Best Practices: Subject Matter Expert...