Many organizations are embracing mobile device management (MDM) and mobile app management (MAM) solutions to secure enterprise data and apps on smartphones, tablets and other mobile devices. However, these solutions are often not enough to provide the levels of secure and seamless access required for effective mobile workforce enablement.
This webinar, featuring Forrester MDM Analyst Christian Kane and Layer 7 Chief Strategy Officer Dimitri Sirota, will examine how MDM/MAM solutions can be implemented in conjunction with Mobile Access and API Management technologies to deliver end-to-end data and app protection.
You Will Learn
How IT consumerization and BYOD are driving enterprise demand for MDM and MAM
The security scope and limitations of MDM/MAM solutions
The role of API Management products in securing the mobile backend
The benefits of end-to-end mobile security, from device to datacenter
Securing Your Mobile Backend featuring Forrester Research inc - Combine API Backend Security with MDM/MAM to Implement End-to-End Mobile Security
1. Securing Your Mobile Backend
Dimitri Sirota
CSO,
Layer 7 Technologies
Christian Kane
Enterprise Mobility, Infrastructure & Operations Analyst,
Forrester Research, Inc.
June 20, 2013
2. Webinar Housekeeping
Layer 7 Confidential
Questions
- Chat any questions you have and we’ll answer them at the end of this webinar
Twitter
- Today’s event hashtag: #L7webinar
Follow us on Twitter: @layer7, @forrester
6. This is Driving Demand for mobile BYOD programs
Why does your firm support, or is your IT organization planning to support, bring-your-own device program?
Other reason: 3%
HR believes it will help attract new hires to our company: 16%
Executive direction or requirement: 18%
Lower support costs: 37%
Improved self-service for end users: 41%
It will help us support a mobile workforce: 42%
Lower purchase costs for the company: 51%
End users prefer it: 65%
Sample Size = 190 enterprise IT decision makers who are planning, piloting, or have implemented a BYOD program
Source: Forrsights Hardware Survey, Q3 2012
8. Security in BYOD is top mobile challenges
Source: Forrester’s Forrsights networks and telecommunications survey, Q1 2012
Base: 1,535 mobile technologies and services decision-makers at North American and European companies (multiple responses accepted)
9. Most firms currently address security by implementing basic mobile device and application management features
Today, which of the following capabilities does your firm provide to support smartphones and tablets?
A self-service portal where employees can configure and manage their devices: 8%
Mobile service telecom expense software: 8%
Access to detailed reporting and usage analytics: 10%
Deploy and update custom-developed apps: 15%
Deploy and manage third-party productivity apps that the company has vetted/bought for employees: 15%
Provision data access and apps based on employee role/function: 19%
We do not support any apps besides those that are already on the phone: 27%
Help desk support for mobile apps: 30%
Break/fix/replace hardware service: 33%
Manage security on the device: 37%
Device configuration management: 37%
Source: Forrester’s Forrsights networks and telecommunications survey, Q1 2012
Base: 1,535 mobile technologies and services decision-makers at North American and European companies (multiple responses accepted)
10. Most firms start with MDM…
January 2012 “Market Overview: On-Premise Mobile Device Management Solutions”
11. …But realize they’re dealing with this
Cloud Devices Apps
12. Multiple devices means applications become much more important
What are your firm's plans to adopt the following mobile technologies?
Smartphones for employees: 17% planning to implement, 53% implemented or expanding
Tablets for employees: 22% planning to implement, 35% implemented or expanding
Mobile applications: 28% planning to implement, 33% implemented or expanding
Enterprise app store solutions to deploy and manage smartphone and tablet applications: 23% planning to implement, 18% implemented or expanding
Source: Forrsights Budgets And Priorities Tracker Survey Q4 2012
Base = 3,753 global IT executives and technology budget decision-makers
13. MDM evolves with MAM, data management, security, and support options
Management & Support
- Device support
- Windows Mobile/CE
- Windows / Mac
- App support
- Remote control
- Dual persona
- Expense management
Apps & Data
• Application management
› Security
› SDKs/Containers
• Data containers
• Secure file sync & share
14. Investing in Customer facing apps that require backend access
As your firm considers its mobile strategy and investments, which departments or business groups is it most focused on?
Don't know: 2%
Other: 5%
Manufacturing (e.g., production planning/execution): 8%
Procurement (e.g., sourcing, supplier selection): 9%
Order fulfillment (e.g., distribution, transportation): 12%
Office of the CEO and other executive management: 18%
Corporate services (e.g., finance, human resources): 19%
Research and development (e.g., product portfolio planning…: 20%
Marketing (e.g., promotions, campaigns): 34%
Customer service (e.g., returns, complaint management): 34%
Field service (operations and maintenance): 42%
Sales (e.g., customer segmentation, order management): 48%
Source: Forrsights Software Survey, Q4 2012
Base = 704 global software decision-makers
15. Investing in business and collaboration apps that need backend access
“What smartphone/tablet applications do you currently use for work?"
Wikis for internal information sharing: 15%
Microblogging (e.g. Twitter): 18%
Web meeting or webconferencing: 19%
Team document sharing sites (e.g., SharePoint): 20%
Data dashboard or business intelligence application: 21%
Expense tracking and/or approval: 25%
Travel planning and status: 25%
Employee intranet or company portal: 28%
Specific line of business applications (e.g. sales): 32%
Social networks (e.g. LinkedIn, Facebook): 36%
Note taking application: 39%
Instant messaging/chat (not SMS/texting): 40%
SMS (texting): 58%
Calendar: 73%
Email: 85%
Base = 1,749 North American and European information workers who use a smartphone for work
Source: Forrsights Workforce Employee Survey, Q2 2012
16. Backend data and application access means enterprises need a strategy beyond basic MDM / MAM support
• BYOD strategy
• Mobile device and security management options
• File sync/share
• Securing, provisioning, and managing mobile apps
• Protecting data
• Ensuring secure mobile application development
17. The Path To Enablement Requires Backend Data & Application Access
MDM
• Devices: Smartphones
• Access: Email, contacts, calendar
Device Independence
• Devices: Tablets
• Access: Some business apps, file sync & share, corporate systems.
Backend Data Access
• Devices: Mobile + PC
• Access: Any app, any data.
20. Can Your Backend Applications Trust Your Apps
DMZ
DATA
21. MDM / MAM Protect the App But Who Protects Your Applications?
DMZ
DATA
22. Security Needs to Span Device to Datacenter
23. Creates Need for Mobile Gatekeeper to Backend Data & Applications
24. Mobile Access API Gateway Provides Apps Secure Data Access & Bridge to Enterprise Services
API Adaptation
Render backend applications and data-sources (SQL) as RESTful APIs. Translate XML to JSON & SOAP to REST. Compose new API from multiple backend services.
Mobile Application Firewalling
Protect enterprise application and data against attack or misuse. Secure REST and SOAP APIs. Validate XML and JSON Data. Secure streamed Sockets data.
Identity Mapping & SSO
Translate token types. Map SAML and Web SSO to OAuth. Implement OpenID Connect. Broker SSO with Cloud Services. Integrate with outside Geo-location Services for richer access policies. Enable X-device sessions.
Optimization
Improve mobile performance through compression, integration with CDN, XML to JSON conversion, pre-fetch on hypermedia APIs, Backend response aggregation, caching on request and response.
Cloud Orchestration
Broker interactions with external SaaS providers like Salesforce. Mediate social interactions. Push notification services. Connectivity with carrier network APIs.
26. Identity: Extending Enterprise Identity to Mobile
- Map Web SSO & SAML to mobile-friendly OAuth, OpenID Connect and JSON Web Tokens
- Create granular access policies at user, app and device levels
- Build composite access policies combining geolocation, message content and other network attributes
- Simplify PKI-based certificate delivery and provisioning
27. Security: Mobile Application Firewalling
- Protect REST and SOAP APIs against DoS and API attacks
- Proxy API streaming protocols like HTML5 Websocket and XMPP messaging
- Enforce FIPS 140-2 grade data privacy and integrity
- Validate data exchanges, including all JSON, XML, header and parameter content
28. Adaptation: Translate & Orchestrate Data & APIs
- Surface any legacy application or database as RESTful APIs
- Quickly map between data formats such as XML and JSON
- Recompose & virtualize APIs to specific mobile identities, apps and devices
- Orchestrate API mashups with configurable workflow
29. Optimization: Handle Scale
- Cache calls to backend applications
- Recompose small backend calls into efficiently aggregated mobile requests
- Compress traffic to minimize bandwidth costs and improve user experience
- Pre-fetch content for hypermedia-based API calls
30. Integration: Centralize Cloud Connectivity
- Proxy and manage app interactions with social networks
- Broker call-outs to cloud services like Salesforce.com
- Bridge connectivity to iPhone and Android notification services
- Integrate with legacy applications using ESB capabilities
31. Questions?
Dimitri Sirota
CSO, Layer 7 Technologies
dsirota@layer7.com
Christian Kane
Enterprise Mobility, Infrastructure & Operations Analyst, Forrester Research, Inc.
ckane@forrester.com
32. Upcoming Events
Layer 7 Tech Talk
June 26th – 9am PDT
APIs: Fueling Mobile, Social, IoT & Big Data
http://layer7.com/live