This document discusses best practices for mobile application development. It recommends leveraging popular frameworks to accelerate front end development of hybrid apps. It also recommends using simulation for rapid design, development and testing to minimize risks. The document advocates adopting an integrated, collaborative mobile development environment to reduce time to customer feedback and accelerate software delivery. It provides an overview of components needed for essential development, runtime and client device services like messaging, analytics and security capabilities.
Mobile trends and academic opportunities presented at Strathmore and JKUAT Universities in Nairobi Aug 2013
1. Š 2013 IBM Corporation
First
#IBMMobile
IBM MobileFirst
Put your business in motion.
2. Š 2013 IBM Corporation2
First
#IBMMobile#IBMMobile
Agenda
What does SoMoClo mean?
3
1
2
4 Do I need to worry about security?
What are the trends in mobile?
Are there any best practices for mobile development?
5 What is the IBM Academic Initiative?
3. Š 2013 IBM Corporation3
First
#IBMMobile
96% of GenYers
have joined
a social network
9.6 Billion
connected
devices
2.5 Quintillion
bytes of new data
generated daily
Internet of information Internet of engagement Internet of âthingsâ
The planet is getting smarter
4. Š 2013 IBM Corporation4
First
#IBMMobile
Sources: IBM analysis, Ponemon Institute and Symantec Research
Significant shifts are giving rise to new opportunities and risks
Customers who shop on tablets tend to spend
21% more than those who shop on computers.
A data breach costs a company, on average, $5.5 million
5. Š 2013 IBM Corporation5
First
#IBMMobile
Social
Cloud
Mobile
Internet of Things
Big
Data
Business
Customers lďŹ Partners lďŹ Employees
New technologies present opportunities for business
6. Š 2013 IBM Corporation6
First
#IBMMobile
Systems of Interaction
Continuous client
experience
Partner value chainCloud-based
Services
Systems of Engagement Systems of Record
Internet of Things
CRM HR
DB ERP
A new kind of system is required
7. Š 2013 IBM Corporation7
First
#IBMMobile#IBMMobile
Mobile is primary
91% of mobile users keep
their device within arm s
reach 100% of the time
Insights from mobile
data provide new
opportunities
75% of mobile shoppers
take action after receiving a
location based messages
Mobile is about transacting
96% year to year increase in mobile cyber
Monday sales between 2012 and 2011
Mobile must create a
continuous brand
experience
90% of users use multiple
screens as channels come
together to create
integrated experiences
Mobile enables the
Internet of Things
Global Machine-to-machine
connections will increase
from 2 billion in 2011 to 18
billion at the end of 2022
Five mobile trends with significant implications for the enterprise
8. Š 2013 IBM Corporation8
First
#IBMMobile
35% of developers are currently
targeting tablets, with more than
90% plan to develop for tablets
in the near future.
Nearly 90% of developers
are currently extending
enterprise apps to mobile
or plan to in the near future.
In the next 12 months
77% of developers will
be focused on Hybrid
application development.
More than 100M people
upgraded to iOS6 in the first
week (September, 2012)
Source: Evans Data Mobile Developer Survey Mobile Development Report 2012 Volume
Source: Business Insider (September 2012)
25+ Almost all expect
to deploy more than 25 mobility
applications in the next two years
29% of mobile developers currently
focus on Hybrid app development
with another 49% expected to
focus on it in the next year.
Mobile application development is a top priority for businesses
9. Š 2013 IBM Corporation9
First
#IBMMobile
Recent VentureBeat survey: HTML5 vs native for mobile
Surveyed 4,034 Mobile App Developers:
§ď§âŻ 94% plan are using or plan on using HTML5 in
next 12 months for mobile app development
§ď§âŻ Familiarity and knowledge of existing web
development tools is #1 reason to use HTML5
§ď§âŻ Cross Platform support is second most important
reason to use HTML5 for mobile app development
10. Š 2013 IBM Corporation10
First
#IBMMobile
have major skill gaps
in mobile, business
analytics, and security
* Includes business analytics, mobile computing, social business, and cloud computing
Sources: IBM Tech Trends report 2012, Enterprise Strategy Group, CompTIA
Among organizations worldwide todayâŚ
has all the skills it needs to be
successful applying advanced
technology* for business benefit
An acute shortage of skills threatens business ability to
address emerging opportunities and risks
The Next Generation Software Engineer
Employs the skills and methodologies
needed to keep pace with the rapidly
evolving software engineering discipline
65% of enterprises face a shortage
of mobile development skills today
Mobile Dev
11. Š 2013 IBM Corporation11
First
#IBMMobile
Industry Solutions
IBM & Partner Applications
Banking! Insurance! Transport! Telecom! Government!Retail! Healthcare! Automotive!
Application & Data Platform
Strategy&DesignServices
Cloud & Managed Services
Devices! Network! Servers!
Development&IntegrationServices
Management AnalyticsSecurity
IBM MobileFirst offering portfolio
12. Š 2013 IBM Corporation12
First
#IBMMobile#IBMMobile
What does SoMoClo mean?
3
1
2
4 Do I need to worry about security?
What are the trends in mobile?
Are there any best practices for mobile development?
5 What is the IBM Academic Initiative?
13. Š 2013 IBM Corporation13
First
#IBMMobile
Social
CloudMobile
Social + Mobile + Cloud
§ď§âŻ Cloud is the delivery, mobile is the ubiquitous access, and social is the personal
engagement
§ď§âŻ SoMoClo (social, mobile and cloud) is the convergence of collaborative, on-the-go
technologies that allow users to access data and applications from anywhere at any time.
14. Š 2013 IBM Corporation14
First
#IBMMobile#IBMMobile
60 Second Primer on Cloud
Infrastructure / IaaS
Platforms / PaaS
Applications / SaaS
Cloud Applications = SaaS
15. Š 2013 IBM Corporation15
First
#IBMMobile
Forecast: Global Public Cloud Market Size, 2011 To 2020
16. Š 2013 IBM Corporation16
First
#IBMMobile#IBMMobile
Mobile cloud services
Mobile cloud services are high-value middleware capabilities
designed to be consumed by mobile applications.
For example, a Passes service would enable businesses to easily
engage with consumers by sending them loyalty coupons, tickets,
etc.
MyApp
Boarding
Store Card
Event
Coupon
17. Š 2013 IBM Corporation17
First
#IBMMobile#IBMMobile
Social
If mobile devices are the platform, social media is the glue
that keeps people engaged
Commenting allows users to engage with friends and
communities, and provides valuable earned media for you
Location-based promotion is fun, low-commitment, and
also provides indirect endorsement
And social integration also provides another major benefitâŚ
18. Š 2013 IBM Corporation18
First
#IBMMobile#IBMMobile
User recognition
â˘âŻ Unique visitor counts often highly inflated
â˘âŻ Logging in is a pain!
Use social sign-on to register and remember user
device(s)
Better yet: capture registration information at
mobile app download/activation!
19. Š 2013 IBM Corporation19
First
#IBMMobile#IBMMobile
Encourage users to engage socially
â˘âŻ Offer value in exchange for social permission
â˘âŻ Add gamification â check-ins, badges, awards
â˘âŻ Make opt-in seamless, easy, and safe!
â˘âŻ But beware your customersâ wrath â and use the data if
you collect it!
20. Š 2013 IBM Corporation20
First
#IBMMobile#IBMMobile
What does SoMoClo mean?
3
1
2
4 Do I need to worry about security?
What are the trends in mobile?
Are there any best practices for mobile development?
5 What is the IBM Academic Initiative?
21. Š 2013 IBM Corporation21
First
#IBMMobile
Why mobile development is different
â˘âŻ Smaller screens pulling content from more
sources: need to choreograph content from
multiple repositories and applications , both on
premises and in the cloud
â˘âŻ Greater challenges of application governance,
distribution, and version management
â˘âŻ AppStore Terms of Service present challenges
for managing B2C apps
Development is different.Mobile apps are different.
â˘âŻ They are more strategic â Greater urgency
urgency and immediacy of engagement
â˘âŻ They are context-aware âknow where you are and
what you are doing
â˘âŻ They run on unstable networksâinterruption is the
norm, not the exception
â˘âŻ Smaller footprint â More challenging to make
compelling and easy to use
â˘âŻ Always on â An opportunity to deliver greater value
Management is different.
Security is different.
â˘âŻ Faster development cycles
â˘âŻ More devices to support, each with its own set
of capabilities, OS and UI behaviors
â˘âŻ More development approaches to choose from
â Web, HTML, Native
â˘âŻ More third-party and open-source tools,
frameworks and libraries to choose from
â˘âŻ Greater risks of exposing applications and data
on small, light and always on portable devices
â˘âŻ Greater authentication challenges associated
with content mashups
â˘âŻ AppStore Terms of Service can limit security
options
22. Š 2013 IBM Corporation22
First
#IBMMobile
Cross-Platform
Development
Catalog
Management
App
Versioning
Push
Notifications
Analytics
Integration
Security
~30%
Â
~70%
Â
Overall
 EďŹort
Â
User Interface
Beyond the UI â Why you need a comprehensive strategy
23. Š 2013 IBM Corporation23
First
#IBMMobile
Scan & Certify!
Instrument!
Test!
Integrate!Obtain Insight!
Manage!
Deploy!
Design & Develop!
The IBM mobile application development lifecycle
24. Š 2013 IBM Corporation24
First
#IBMMobile#IBMMobile
What a mobile architecture looks like
Systems
 of
Â
Record
 Data
Cloud
 Services
(includes
 APNS,
Â
GCM,
 etc.)
Social
Â
Integration
3rd
 Party
Â
Partners
Omnichannel
Â
Experience
Mobile
Gateway
Proxy
VPN
System
 of
 Engagement
Â
Data
 (NoSQL)
Cache
SSO
User
 RegistrySecure
 Zone
Mobile
 Middleware
App
 runtime
(client
 &
 server)
Management
Data
 Access Analytics
Engagement
Logic
App
Distribution
App
 Production
Tools
Testing
(Automated
 &
Â
Field
 Driven)
App
Â
Certification
Device
OS
Native
Â
Sandbox
Hybrid
HTML
 /
Â
CSS
 /
 JS
Client
Â
Runtikme
25. Š 2013 IBM Corporation25
First
#IBMMobile
Mobile Lifecycle
Management & Testing
Data Access
& Integration
Building & Deploying
Mobile Apps
§ď§âŻSecure code and reuse across
platforms
§ď§âŻManagement needs for
B2C / B2B / B2E
§ď§âŻAnalytics & continuous
improvement
§ď§âŻAddress multi-channel and
multi-tier
§ď§âŻRapid Prototyping
§ď§âŻAccess to device inventory
§ď§âŻTest automation & planning
§ď§âŻLifecycle management
§ď§âŻTeam collaboration
§ď§âŻFit within existing enterprise
development process
§ď§âŻShort project cycles &
integration effort
§ď§âŻDifferent data usage
patterns for mobile
§ď§âŻContent delivered in context
§ď§âŻDriving engagement (push)
across multi-tier systems
How do I develop &
deliver across platforms?
How do I test and manage
the lifecycle of the app?
How do I integrate into
existing systems?
Understand that mobile is different
Mobile application development imperatives and challenges
26. Š 2013 IBM Corporation26
First
#IBMMobile
Mobile Lifecycle
Management & Testing
Data Access
& Integration
Building & Deploying
Mobile Apps
§ď§âŻRequirements
Collect user requirements
and feedback
§ď§âŻCollaborate
Coordinate agile
development teams
§ď§âŻTest
Automated test for mobile
devices
§ď§âŻDeploy
Push to production with
controlled distribution
§ď§âŻContinuous Experience
Gather continuous feedback
from user and iterate
§ď§âŻDefine Endpoints
Choose backend and
cloud application
§ď§âŻIntegrate
Rapidly connect to back end
and combine data
§ď§âŻConvert
Deliver back end data in
mobile friendly format
§ď§âŻPush
Receive events from back
end and push to appropriate
device
§ď§âŻSynchronize
Keep data in sync while
off line
§ď§âŻPlan
Plan project scope and goal
§ď§âŻDesign
Define user experience for
mobile and use latest
device features
§ď§âŻBuild
For cross platform and
manageability
§ď§âŻSimulate
Ensure app functionality
and usability
§ď§âŻPost for review
Gather feedback from stake
holders
Think through mobile application development"
Embrace the challenge!
27. Š 2013 IBM Corporation27
First
#IBMMobile
dev¡ops noun 'dev-äps
Enterprise capability for continuous software delivery that enables clients
to seize market opportunities and reduce time to customer feedback
Adopt an integrated, collaborative mobile development environment
Mobile intersects with devops
Reduce time to
obtain and respond
to customer
feedback
Balance speed,
cost, quality and risk
DevOps Lifecycle
Continuous Feedback and Improvements
Operations/ProductionDevelopment/TestCustomers Business Owners
Accelerate
software delivery
28. Š 2013 IBM Corporation28
First
#IBMMobile
Simplify the mobile app user experience
choose your approach wisely
29. Š 2013 IBM Corporation29
First
#IBMMobile#IBMMobile
Leverage popular frameworks
accelerate front end building hybrid applications
Frameworks for UI components, HTML manipulation, MVC
structure, data access, and more
Cordova (formerly known as PhoneGap) provides cross platform
device feature access
30. Š 2013 IBM Corporation30
First
#IBMMobile
Use simulation for rapid design, development and test
minimize the risk
§ď§âŻ Simulators let you see the app across multiple devices & form factors side by side
§ď§âŻ Device capabilities can be simulated quickly for walkthroughs across device
§ď§âŻ Used for fast development cycle times; then in conjunction with inventory or device
cloud for testing
31. Š 2013 IBM Corporation31
First
#IBMMobile
Open standards-based
development environment
with mobile-specific
Application Lifecycle
Management (ALM)
Mobile application server
provides mobile-specific
notifications, analytics, security.
Messaging appliance scales
to millions of connections and
messages.
Integrate apps across the enterprise
Leverage existing investments and extend your enterprise to mobile devices
Client device layer
enables client-side
security, enforces app
upgrades, secures local
storage and allows access
to device features.
Essential development, runtime and
client device services
Messaging
Appliance
32. Š 2013 IBM Corporation32
First
#IBMMobile#IBMMobile
Equip cross platform apps with common runtime capabilities
build the best app possible
§ď§âŻ Push notification: mapping users & devices to the right delivery channel
§ď§âŻ Analytics data capture: captures client-side usage data to support operational,
experience, and business intelligence analytics
§ď§âŻ Geo-location: location data & triggers for GPS aware apps
§ď§âŻ Encrypted storage: Encrypted storage for sensitive data with offline access
§ď§âŻ Data synchronization: Synchronize data items that were accessed or modified
offline against REST services. Typically used in conjunction with a local
encrypted store
§ď§âŻ App security framework: Cross application SSO, authenticity checking, etc.
§ď§âŻ App container management: Remote disable and direct update
§ď§âŻ Custom containers: Tailor the application sandbox to match corporate
governance needs
33. Š 2013 IBM Corporation33
First
#IBMMobile
Exploit the power of hybrid
Remote management via direct updates
Mobile
Middleware
Native Shell
Pre-packaged
resources
1 Download
4 Update web
resource
App Store
Web
resources
Cached
resources
2 Transfer
3 Check for
updates
§ď§âŻ Web resources can be pushed down
to the device & access locally
§ď§âŻ Address critical security concerns or
application errors
§ď§âŻ Prompt or silent
34. Š 2013 IBM Corporation34
First
#IBMMobile#IBMMobile
Understand data access considerations
optimize access through mobile friendly technologies
§ď§âŻ Mobile apps that offer personalization , convenience , or context typically integrate
multiple source of back-end data in unique ways
§ď§âŻ Systems of record are typically optimized for large payloads of enterprise data. Not optimal
for high latency networks or where bandwidth constrained
§ď§âŻ Most enterprises have complex SSO flows, which may not be optimized for mobile. Must
further be linked to certification management for TLS
§ď§âŻ Mobile apps typically operate on JSON data structures
§ď§âŻ Best practices today have people storing new forms of engagement data in No-SQL
databases like MongoDB or graph databases like neo4j to front systems of record
§ď§âŻ End resulting best practice: a gateway acts as a mediator for back-end data access
35. Š 2013 IBM Corporation35
First
#IBMMobile#IBMMobile
Streamline the feedback loop
improve development insight, before and after release
Developer Tester Users
Distribute
to testers
and users
1
Bug reporting2
Crash log reporting3 user feedback
4
AppStore analysis
5Build it
Install
it Test it
36. Š 2013 IBM Corporation36
First
#IBMMobile
Be Agile!
Use outside-in design & rapid response to user feedback
Definition Develop & Test Pilot & Trial Go-Live
Trial #1 Target:
LOB Stakeholders
Trial #2 Target:
Developers & FVTers
Trial #3 Target:
LOB Stakeholders
Trial #4 Target:
Segment of end users
(internal / external)
Trial #5 Target:
End users
Visually create set of
pages or views of the
application
Pages generate hybrid
HTML code with dummy
data
Link pages together to
enable simple
navigation
Deploy âmockup that
runsâ to device for
stakeholders to
evaluate
Add code to some
subset (or all) pages to
incorporate live data
Add supporting
business logic to those
pages
Connect back end
services to provide the
data
Enable navigation
based on data
At any point when
adding additional data,
provide update to
stakeholders (mix of
dummy pages & live
pages) for evaluation
Gather feedback
Freeze code and identify
who will conduct the pilot
For B2C apps, may
choose to do internal pilot
or create a special app for
external app store
For B2E apps, identify the
subset of users to trial
Gather feedback & use
analytics for more detailed
usage feedback
Publish app across the
enterprise or in an
external app store
Use analytics to gather
feedback.
Quickly rollback to
previous versions if
needed
Force update if needed
37. Š 2013 IBM Corporation37
First
#IBMMobile
Make testing and quality a priority
Understand how mobile application testing is different
§ď§âŻ The size of the device configuration matrix is vast and
continues to expand
-âŻiOS, Android, BlackBerry, Windows Phone, Symbian,
etc.
-âŻMultiple form factors and screen resolutions
-âŻThere are literally thousands of potential device
configurations from hundreds of manufacturers
-âŻNew devices are being released at a rapid pace
â˘âŻ In 2011 alone, there were over 300 new smart
phones and tablets released
§ď§âŻ New capabilities to test
-âŻCamera, GPS, direction, orientation, voice, etc.
§ď§âŻ More network considerations
-âŻMultiple carriers
-âŻVariable throughput and latency
-âŻDisconnected use
-âŻNetwork switching
-âŻAccess to multi-tier data
38. Š 2013 IBM Corporation38
First
#IBMMobile
41% of projects fail to deliver expected business ROI
Test early; test often!"
Accelerate delivery of high quality, multi-tiered mobile applications
Solutions to improve ROI:
1.⯠Extend testing to the start of the development
cycle
2.⯠Automate UI and Performance tests for mobile
apps
3.⯠Virtualize back-end services to maintain agility
4.⯠Improve manual test case management and
optimize execution across multiple mobile
devices
39. Š 2013 IBM Corporation39
First
#IBMMobile#IBMMobile
Combine strategies to reduce response time to feedback
continuously deliver and manage feedback
The best mobile apps evolve rapidly
in response to feedback and needs
Release cycles take too
long and cost too much
Late understanding of user
feedback
Continuous Build & Test
â˘âŻ Earlier identification of build/test
issues
â˘âŻ Efficient use of test automation
â˘âŻ More time for quality
improvement
Feedback Management
â˘âŻ Involve testers and users early
in the development process
Build it
â˘âŻ Distributed
build for
each target
platform
Install it
â˘âŻ Automated
install to
emulators,
simulators or
devices
Test it
â˘âŻ Automated
functional
testing
â˘âŻ In-app bug reporting
â˘âŻ Crash logs
â˘âŻ In-app user feedback
â˘âŻ App Store analytics
â˘âŻ Crash results
App
passed
build and
tests
Feedback can focus
on real user
feedback, not basic
build/test bugs
40. Š 2013 IBM Corporation40
First
#IBMMobile
Implement internal app stores
support an agile delivery process and production environment
Iterative outside-in
elaboration of the app
Integrated version
management
Targeted deployment to
specific populations
(users, groups, devices)
Cross-platform
distribution
User-driven feedback
& analytics
Apps &
State
41. Š 2013 IBM Corporation41
First
#IBMMobile
The Key to Successful Mobile App Developmentâ¨
Starts With Design, IT and LOB Working Side By Side
â¨
â¨
"
Design IT LOB
42. Š 2013 IBM Corporation42
First
#IBMMobile
Align to key industry use cases
Industry Solutions!
Mobile Applications!
MobileServices!
LOBBuyers!
IBM Mobile Foundation!
ITBuyers!
Application and Data Services!
Banking" Insurance" Retail" Transport" Telecom" Government" Healthcare" Automotive"
Mobile
banking
Customer &
agent care
Mobile
commerce
Mobile
commerce
Subscription
& service
management
Unified first
response
management
Closed-loop
âCircle of
Careâ
Connected
Car
Mobile
payments
Mobile claims Next
generation
shopping
experience
Customer
experience
management
Mobile
device
management
& analytics
Mobile-
enable
government
agents
Membership
management
& claims
Next gen
automotive
retail
experience
Customer
servicing
Mobile
marketing
Mobile
marketing
Maintenance
& operation
management
Field service
management
Citizen self-
service
Spending
analysis &
reporting
Automotive
finance
Devices Servers
43. Š 2013 IBM Corporation43
First
#IBMMobile#IBMMobile
Forrester Consulting finds Five-Year Risk-Adjusted ROI of IBM Worklight to
be 363%!
Source: The Total Economic Impact Of IBM s Worklight Platform , a commissioned study conducted by Forrester Consulting on behalf of IBM.
Published April 2013.
Study available at ibm.com/mobilefirst/worklight-forrester
44. Š 2013 IBM Corporation44
First
#IBMMobile
Gartner
 does
 not
 endorse
 any
 vendor,
 product
 or
 service
 depicted
 in
 its
 research
 publica8ons,
 and
 does
 not
 advise
 technology
 users
 to
 select
 only
 those
 vendors
 with
 the
 highest
Â
ra8ngs.
 Gartner
 research
 publica8ons
 consist
 of
 the
 opinions
 of
 Gartner's
 research
 organiza8on
 and
 should
 not
 be
 construed
 as
 statements
 of
 fact.
 Gartner
 disclaims
 all
 warran8es,
Â
expressed
 or
 implied,
 with
 respect
 to
 this
 research,
 including
 any
 warran8es
 of
 merchantability
 or
 ďŹtness
 for
 a
 par8cular
 purpose
Â
Magic Quadrant for Mobile Application
Development Platforms
Ian Finley, Van L. Baker, Ken
Parmelee, David Mitchell Smith, Ray
Valdes, Gordon Van Huizen
Aug 7, 2013
Â
Â
This Magic Quadrant graphic was published by
Gartner, Inc. as part of a larger research note and
should be evaluated in the context of the entire
report. The full report is available at
http://ibm.co/13TU2Dm
Gartner has recognized IBM as a leader in the Magic Quadrant for Mobile
Application Development Platforms
âAs unprecedented numbers of enterprises
build mobile applications, the
mobile application development platform
market continues to grow and
evolve rapidly.â
45. Š 2013 IBM Corporation45
First
#IBMMobile#IBMMobile
What does SoMoClo mean?
3
1
2
4 Do I need to worry about security?
What are the trends in mobile?
Are there any best practices for mobile development?
5 What is the IBM Academic Initiative?
46. Š 2013 IBM Corporation46
First
#IBMMobile
IBM examines the challenges of delivering mobile security for
today's always-connected workforce
47. Š 2013 IBM Corporation47
First
#IBMMobile
Enterprises need confidence to put mobile firstâŚ
48. Š 2013 IBM Corporation48
First
#IBMMobile
Mobile
devices are
shared more
often
Mobile
devices are
used in more
locations
Mobile
devices
prioritize the
user
Mobile
devices are
diverse.
Mobile
devices have
multiple
personas
â˘âŻPersonal phones
and tablets
shared with family
â˘âŻEnterprise tablet
shared with co-
workers
â˘âŻSocial norms of
mobile apps vs.
file systems
â˘âŻWork tool
â˘âŻEntertainment
device
â˘âŻPersonal
organization
â˘âŻSecurity profile
per persona?
â˘âŻOS immaturity for
enterprise mgmt
â˘âŻBYOD dictates
multiple OSs
â˘âŻVendor / carrier
control dictates
multiple OS
versions
â˘âŻA single location
could offer public,
private, and cell
connections
â˘âŻAnywhere,
anytime
â˘âŻIncreasing
reliance on
enterprise WiFi
â˘âŻConflicts with
user experience
not tolerated
â˘âŻOS architecture
puts the user in
control
â˘âŻDifficult to enforce
policy, app lists
Mobile devices: Unique security challenges
49. Š 2013 IBM Corporation49
First
#IBMMobile
Device
Management
Network, Data,
and Access Security
Application Layer
Security
Security for endpoint
device and data
Achieve visibility and
adaptive security policies
Develop and test
applications
IBM MobileFirst s approach to security
50. Š 2013 IBM Corporation50
First
#IBMMobile#IBMMobile
Why take an integrated approach to mobile security?
Speed time to deployment of enterprise
mobile apps and updates, while improving quality
Improve WiFi network management for greater reliability,
employee productivity, and minimize business interruptions
Enhance end-to-end security to help prevent loss of
intellectual property and regulated data
Less total infrastructure for lower hardware, admin costs
Reduce help desk calls, device and service lifecycle
costs
51. Š 2013 IBM Corporation51
First
#IBMMobile#IBMMobile
What if context determined capabilities automatically & securely?
â˘âŻ Context
§ď§âŻ On-site inside emergency room
§ď§âŻ On the hospital network
§ď§âŻ Authorized doctor on shift
§ď§âŻFunction: All app features
§ď§âŻData: Full data access and storage
§ď§âŻSecurity: Single-factor authentication
â˘âŻ Context
§ď§âŻ At coffee shop
§ď§âŻ On an unsecured network
§ď§âŻ Authorized doctor on call
§ď§âŻFunction: Designated features only
§ď§âŻData: Specific encrypted data
§ď§âŻSecurity: Multi-factor authentication
Governed
Policy
52. Š 2013 IBM Corporation52
First
#IBMMobile
Mobile devices are twice as
appealing. Hackers can obtain
personal and business data.
Try getting a corporate app
10Billion32x
A Clear and Present Danger
The Security Risk is Real!
Access has never been easier.
By the end of 2011, Android app
downloads reached
53. Š 2013 IBM Corporation53
First
#IBMMobile
Android Malware Increase Dramatically in 2011
Spyware and SMS Trojans Top Two
Source: Juniper Mobile Threat Report, 2/12
The Security Risk is Real!
54. Š 2013 IBM Corporation54
First
#IBMMobile#IBMMobile
Mobile Computing Losses Are Real
Symantec's 2012 State of Mobility Survey⌠polled over 6,000 organizations in 43
countries⌠discovered that mobile computing is the biggest IT security concern
Source: Symantec
2012 State of
Mobility Survey
The Security Risk is Real!
55. Š 2013 IBM Corporation55
First
#IBMMobile
No One Is Spared
Source: Arxan State of Security in the App Economy â 2012
The Security Risk is Real!
56. Š 2013 IBM Corporation56
First
#IBMMobile#IBMMobile
Security Risk a Function of Mobile Application Type
Mobile Native applications
Mobile Hybrid applications
Mobile Web applications
57. Š 2013 IBM Corporation57
First
#IBMMobile#IBMMobile
Permissions May Introduce Security Risk
â˘âŻ Users donât understand
â˘âŻ Applications over permissioned
â˘âŻ Permissions vary by OS & release
58. Š 2013 IBM Corporation58
First
#IBMMobile
§ď§âŻ Confidentiality leaks
â⯠Private conversations leaked to
public
â⯠Private contact information
leaked to public
â⯠Location leaked to public
§ď§âŻ Integrity violations
â⯠Corruption of local databases
â⯠Fraudulent use of application
§ď§âŻ Abuse of privileges
â⯠Sending text messages
â⯠Placing calls
â⯠Surveillance of deviceâs user
Which QR code is evil?
â˘âŻ QR Code contained a URL to
download malware
â˘âŻ The malware sent SMS
messages to a premium rate
number (US $6 per message)
Native Mobile Application Security Risks
59. Š 2013 IBM Corporation59
First
#IBMMobile#IBMMobile
What does SoMoClo mean?
3
1
2
4 Do I need to worry about security?
What are the trends in mobile?
Are there any best practices for mobile development?
5 What is the IBM Academic Initiative?
60. Š 2013 IBM Corporation60
First
#IBMMobile#IBMMobile
Our mission: Partner with faculty to develop the skills needed
to build a more competitive IT workforce & address the talent
gap
What we offer:
â˘âŻ Access to IBM software & courseware at no
charge
â˘âŻ A deep repository of business & technical
articles, expert blogs, videos, white papers,
Red Books, Tech Trends reports, C-level
studies, case studies & industry success
stories that are useful to weave into
curriculum
â˘âŻ Skill building programs, from ecosystem
events to student competitions to serious
games
IBM Academic Initiative
61. Š 2013 IBM Corporation61
First
#IBMMobile#IBMMobile
developerWorks Mobile
§ď§âŻ Downloads
§ď§âŻ Forums
§ď§âŻ Training materials
§ď§âŻ Developer community
§ď§âŻ Events
Resources for IT Professionals & Academics
Academic Initiative Mobile
§ď§âŻ Designed for faculty
§ď§âŻ Courseware
§ď§âŻ Downloads
§ď§âŻ Training materials
§ď§âŻ Community
§ď§âŻ Events
62. Š 2013 IBM Corporation62
First
#IBMMobile
Leveraging Mobile Requires â¨
More Than Just Apps"
It takes a new set of skills to prosper in this environment."
Rethink Your
Business
Processes"
Leverage â¨
Real Time
Information"
Reimage The
Customer
Experience"
Design Different
Security
Approaches"
63. Š 2013 IBM Corporation63
First
#IBMMobile
Three ways for you to get started with IBM MobileFirst"
Leverage the IBM Academic Initiative
â˘âŻ Ask your professors to visit the IBM MobileFirst Academic Initiative
â˘âŻ Follow us on Twitter - @IBMSkills @IBMMobile @IIC_Nairobi
2!
3!
Get certified for IBM MobileFirst
â˘âŻIBM Certified Mobile Application Developer - IBM Worklight
â˘âŻIBM Certified Solution Developer - IBM Worklight and WebSphere Portal
1!
Visit the new IBM MobileFirst web page
â˘âŻ Expand your knowledge with IBM tech talk series for Mobile
â˘âŻ Evaluate software and build skills with IBM developerWorks Mobile
64. Š 2013 IBM Corporation64
First
#IBMMobile
The Broadest â¨
Portfolio of
Mobile
Solutions â¨
!
The Deepest
Set of Services
Expertise !
!
Industry
Partnerships
and Resources
for Developers
Asante! Thank you!"
Any questions?"