White paper. Selecting and Implementing Secure



Similar documents
IFS ApplIcAtIonS For Document management

White paper. Engineer to Order Manufacturing

WHITE PAPER WHY ENTERPRISE RESOURCE PLANNING SOFTWARE IS YOUR BEST BUSINESS INTELLIGENCE TOOL

We decided that we would build IFS Applications on standards so our customers would not be locked into any particular technology. We still do.

einvoice A fully automated digital solution for companies of all sizes

IFS ApplIcAtIonS For ElEctronIc components xxxxxxxxxxxxx

We decided that we would build IFS Applications on standards so our customers would not be locked into any particular technology. We still do.

White paper. Selecting ERP for Enterprise 2.0 and Social Media Functionality

White paper. Four reasons why you need to consolidate your packages

White paper. 5 ROI Tips for

WHITE PAPER THREE FIELD SERVICE MANAGEMENT TRENDS YOU CAN T IGNORE

White paper. Why Aerospace and Defense Maintenance Needs

WHITE PAPER SIX ESSENTIAL CONSIDERATIONS WHEN CHOOSING A FIELD SERVICE SOFTWARE SOLUTION

and technology engineered for agile business

How To Get The Ifs Cloud On Microsoft Azure 2.5 On A Microsoft Cloud On A Cloud On An Ios (Cloud) On A Server On A Supermicrosoft Cloud (Cloud On A Mini

WHITE PAPER FIELD SERVICE MANAGEMENT SOFTWARE FOR ENTERPRISE COMPANIES

White paper. Why ERP fails at

WHITE PAPER AVOIDING UNPLEASANT ERP SURPRISES

WHITE PAPER IMPROVING PERFORMANCE WITH AN ADAPTIVE PLATFORM FOR ENTERPRISE OPERATIONAL INTELLIGENCE HIGHLIGHTS P1 P4 P5.

White paper. Selecting Field Service Management Software

White paper. Understanding Reverse Logistics in Field Service Management

WHITE PAPER TEN CRUCIAL CONSIDERATIONS FOR EVALUATING AND SELECTING FIELD SERVICE MANAGEMENT SOFTWARE

WHITE PAPER 3 WAYS YOUR FIELD SERVICE MANAGEMENT PROJECT CAN GO HORRIBLY WRONG

White paper. Using ERP to Deliver ecommerce for Companies

WHITE PAPER PROJECT PORTFOLIO MANAGEMENT VS PROJECT ERP

White paper. Selecting Enterprise ASSet Management

ENTERPRISE OPERATIONAL INTELLIGENCE BUSINESS INTELLIGENCE TOOLS ALONE ARE NO LONGER SUFFICIENT TO SUPPORT THE DEMANDS OF THE ENERGY & UTILITIES MARKET

WHITE PAPER CAPTURING PROJECT COST IN PROJECT ERP

Foreign Taxes Paid and Foreign Source Income INTECH Global Income Managed Volatility Fund

WHITE PAPER USING SERVICE MANAGEMENT SOFT- WARE TO ENHANCE THE CUSTOMER EXPERIENCE

White paper. Software for the Mining Industry

White paper. 10 Ways to Use ERP to Lean the Manufacturing Supply Chain

IFS ApplIcAtIonS For customer relationship management

World Consumer Income and Expenditure Patterns

WHITE PAPER USING ERP FOR PROCESS MANUFACTURING QUALITY MANAGEMENT

The big pay turnaround: Eurozone recovering, emerging markets falter in 2015

Report on Government Information Requests

41 T Korea, Rep T Netherlands T Japan E Bulgaria T Argentina T Czech Republic T Greece 50.

WHITE PAPER ERP FOR DCAA COMPLIANCE

Global AML Resource Map Over 2000 AML professionals

Report on Government Information Requests

Report on Government Information Requests

Global Economic Briefing: Global Inflation

Appendix 1: Full Country Rankings

GfK PURCHASING POWER INTERNATIONAL

DSV Air & Sea, Inc. Aerospace Sector. DSV Air & Sea, Inc. Aerospace

Reporting practices for domestic and total debt securities

SuccessFactors Employee Central: Cloud Core HR Introduction, Overview, and Roadmap Update Joachim Foerderer, SAP AG

Supported Payment Methods

Supported Payment Methods

We d Like That on Our Laptops, Notebooks, Tablets and Smartphones, Please

How To Get A New Phone System For Your Business

Hybrid Wide-Area Network Application-centric, agile and end-to-end

E-Seminar. Financial Management Internet Business Solution Seminar

Configuring DHCP for ShoreTel IP Phones

The Path Forward. International Women s Day 2012 Global Research Results

OCTOBER Russell-Parametric Cross-Sectional Volatility (CrossVol ) Indexes Construction and Methodology

Enterprise Mobility Suite (EMS) Overview

MERCER S COMPENSATION ANALYSIS AND REVIEW SYSTEM AN ONLINE TOOL DESIGNED TO TAKE THE WORK OUT OF YOUR COMPENSATION REVIEW PROCESS

CMMI for SCAMPI SM Class A Appraisal Results 2011 End-Year Update

Brochure More information from

Sybase Solutions for Healthcare Adapting to an Evolving Business and Regulatory Environment

White paper THREE TYPES OF FIELD SERVICE SCHEDULING SOFTWARE

White paper. Selecting ERP for oil and gas industry contractors and

White paper. How To Use Projects to Master Asset Management

Building on +60 GW of experience. Track record as of 31 December 2013

Cisco IOS Public-Key Infrastructure: Deployment Benefits and Features

Report on Government Information Requests

White paper. CMMS vs EAM: What

Digital Evolution Index

WHITE PAPER SELECTING AGILE SERVICE MANAGEMENT SOFTWARE. By Tom Bowe Director, Service Industry HIGHLIGHTS P1 P2 P5. May, 2015

Sulfuric Acid 2013 World Market Outlook and Forecast up to 2017

Credit & Debit Card Payments. Factsheet

The Age of Cloud Computing

AVOIDING BUSINESS RISK: THE HIDDEN BENEFIT OF SOFTWARE AS A SERVICE

Table 1: TSQM Version 1.4 Available Translations

QuickSpecs. HP Wireless Keyboard and Mouse. Models

Accuracy counts! SENSORS WITH ANALOG OUTPUT

Lawson Business Intelligence. Solutions for Healthcare

A Nielsen Report Global Trust in Advertising and Brand Messages. April 2012

Consolidated International Banking Statistics in Japan

It looks like your regular telephone.

TOYOTA I_SITE More than fleet management

International Financial Reporting Standards

UP IN THE CLOUD

BT Premium Event Call and Web Rate Card

Know the Facts. Aon Hewitt Country Profiles can help: Support a decision to establish or not establish operations in a specific country.

SunGard Best Practice Guide

Cisco Conference Connection

Mobile Application Testing

E-Seminar. E-Commerce Internet Business Solution Seminar

CISCO IP PHONE SERVICES SOFTWARE DEVELOPMENT KIT (SDK)

The face of consistent global performance

What Proportion of National Wealth Is Spent on Education?

MANUFACTURING DATA MANAGEMENT FOR MASTERCAM

Agenda. Company Platform Customers Partners Competitive Analysis

How do you manage the brain of the business in a way that supports the opportunities your organisation wants to take advantage of?

Ensure Optimal Infrastructure Support for Mobility

I can finally afford UC without making a huge upfront investment. COO, market leader in the health care industry

Transcription:

White paper Selecting and Implementing Secure Mobile ERP

Content Why now?... 1 Challenges and opportunities... 2 Not a new problem... 3 Striking a balance... 4 Work with your ERP vendor... 5 Conclusion... 6 About IFS... 7

Selecting and Implementing Secure Mobile ERP By Rick Veague Chief Technology Officer IFS North America Handheld devices are proliferating and increasing in power. This is leading to rising expectations among enterprise resource planning (ERP) and enterprise asset management (EAM) users for constant mobile access to business data. With the trend towards bring your own device (BYOD), a CIO or IT department is finding it increasing difficult to dictate the hardware platform used to access enterprise data, presenting new security challenges and forcing a more collaborative relationship between IT and end users. In this whitepaper, we will discuss the reasons for this movement towards mobile device access to ERP and EAM data, and consider the resulting security risks and propose some technologies and steps that can be taken to mitigate those risks. Why now? Why is this trend hitting us right now? There are four main drivers that are pushing the use of mobility with enterprise applications specifically. The first and foremost of these drivers is the fact that information systems are beginning to shift from a tactical to a strategic role in many organizations. As applications move beyond the tactical role of handling transactions, they are increasingly taking on the strategic role of decision support using enterprise information to drive business agility and profitability. This is happening because the solutions themselves are more mature and are able to offer more capability and also because new technologies, applications and faster networks offer more access to data while on the go. Competitive pressures are also a factor. We all know the pace of business life is increasing faster than ever. Today, if you are a decision maker in an organization, you have to be in the loop and you have to have access to quality data or you can t function effectively and efficiently. A recent Aberdeen study found that since the economic downturn began, 57 percent of businesses reported customers have become more demanding. They are asking for lower prices, better service and expect vendors to do things they didn t do before. If a vendor can t respond to these pressures, somebody else will. Access to data in real time, to allow that executive to make a profit/loss decision regarding a customer demand, becomes essential. 1

The nature of the workforce is also changing, with more and more knowledge workers working remotely. A growing percentage takes their office with them in a bag or increasingly in their shirt pocket. These people are often engaged in work not just during work hours, but literally around the clock. Bring Your Own Device (BYOD) is becoming a driving force as individual end users proactively, without the involvement of IT, access enterprise systems using their smartphones and pads. That same Aberdeen study found that best-in-class enterprises with well executed mobile strategies also have a time-to-decision, or elapsed time between the appearance of a business challenge and its solution, that is 70% faster than their peers. Clearly, mobility can drive business value and agility. A fourth and final trend pushing us towards mobile ERP is the general consumerization of IT, which presents both challenges and opportunities. In years past, an executive or manager would discover a business problem and then IT would be brought in to solve that problem. Today, technologies are entering the enterprise environment and end users are finding ways to put them to use. Consider the ipad, for example. Apple brought that product to market without a clear understanding of what problem it was going to solve. They didn t really know who was going to use it or how they were going to use it, yet it has become one of the most rapidly adopted technologies by both consumers and industry in history. End users are now coming into the workplace with mobile devices that blur the line between corporate and private life, and they expect to be able to use them to access enterprise systems and data in ways that are difficult for IT to predict and control. All of these trends are driving the increased need and desire by ERP end users to be connected, to be on-line and to be engaged with enterprise systems and data wherever they are, whenever they need to. Challenges and opportunities One of the most obvious challenges presented by mobile ERP is security, and controlling access to corporate data. Security has always been a concern in enterprise computing. If you look back over time, we see a progression of information technology, from paper based to largely workstation based, where an end user goes to an office and uses a workstation to connect to servers. Next, it was laptops that provided the first step in mobility. But once end users migrate to smart phones and pads, the information is literally hard to pin down in terms of where it is physically located. And that raises some challenging questions about data security versus access to that data for the people who really need access whenever and wherever they are at. Different technologies can be used to access data in the mobile world. From a security standpoint, a browser based app may be most desirable. A browser based interface is preferred because data is not stored on the mobile device. But browser 2

IFS Cloud IFS Uplink Running Applications (Resources Customer Application Server IFS approach is to use a cloud-based intermediary between the mobile device the enterprise server. This approach implements a secure connection between the cloud and customer s servers, and the cloud and the end user mobile devices. This yields a secure method of mobile access, but also greatly reduces connectivity and provisioning overhead. IT uses a cloud portal to control which users are allowed use various apps and disable access quickly in the event a device is lost or an employee is terminated. based apps lack the optimization for mobile devices that native apps provide, often because they are not designed for the small screen and tend to have a rather keyboardcentric approach. Native apps, which do reside on the phone or pad itself and do require some distribution of enterprise data, can offer a highly optimized user experience. But they are easier to use on mobile devices. Native apps can take full advantage of the device s capabilities, including cameras and GPS services. Finally, native apps tend to work better on slow, sometimes spotty mobile networks than browser based apps do. From a usability standpoint, native apps with data on the device is the preferred approach. Corporate IT has a choice. In reality, IT has little choice but to address the challenge head on or risk alienating their user community. From the viewpoint of a CIO, mobility introduces significant new challenging in protecting corporate data. If you own the servers and the data stays on the servers, you have pretty good control. But once you start allowing distribution of that data across multiple devices that may not be controlled or owned by the company, the single point of control has been lost. Proprietary and potentially valuable customer information is now being carried around on devices that are easily lost, hijacked or stolen. An effective IT organization needs to figure out how to strike a balance between how to limit the data that is distributed, how to protect that data, and yet still meet the expectations of their users. 3

Not a new problem Mobile data security is not a new problem. It was not so long ago that all data was disseminated on paper, and we really had the same problem. Executives carried sensitive customer information on paper in their briefcases, which were also easily lost, stolen or compromised. More recently, laptops with huge hard drives full of corporate information have posed an even greater data security threat. We are dealing with an old problem with new technological challenges. What is different is the rate of change. Management of laptops evolved along with the use of those laptops, allowing IT to (more or less) keep up. Not so with the mobile revolution; the technology is evolving faster than ever making is difficult for traditional IT to keep up. As we entered the digital age, traditional IT organizations were built around servers and conventional workstations which are now well managed and mature technologies. Laptops are typically well managed also, even though they are mobile devices. When laptops initially became mainstream corporate devices, they were costly and complex to network, and as a result IT had to drive the roll out of these devices. But smart phones, smart devices and pads are comparatively low cost devices and consumer-oriented, which means it does not require a skilled IT staff to get them in users hands. Some early smart phones such as BlackBerry included corporate control mechanisms, but these devices are rapidly being supplanted by iphones and Android devices, which by their consumer oriented nature are less secure. These newer devices can be made secure, but the rapid rate of adoption of these devices has left IT scrambling to keep up. Androids can be secure devices, but they are vulnerable in part because of their openness and the wide variety of variations within the devices themselves. Striking a balance It is clear that mobile users have very different expectations than traditional users, and these expectations must be balanced with the need for a centralized approach to data security. The relationship between mobile users and IT must be based on a collaborative relationship that results in a balance between access and security. This collaboration can start with a shared decision as to the types of applications that you want to use to support your enterprise, what data ends up on these devices and what your management policy for mobile devices is. It is apparent that mobile applications are used very differently than traditional business applications. An individual will not sit down and churn through long form tasks on a mobile device. Mobile applications are characterized by support for very lightweight tasks what is increasingly referred to as information grazing. You approve things, you reject things and you defer things as opposed to heavy usage of deep application functionality. The mobile application needs to be less about application bloat than it is about focusing on the key lean features that you really need to 4

access at all times in order to support your business while minimizing the data that ends up on a handheld device. The realities of the mobile device user experience and connectivity, native apps will be the most intuitive and desirable way to work on mobile devices. And when you look at the rate at which native apps are being produced specifically for the different mobile platforms versus traditional web applications that are optimized for mobile devices, it becomes even more apparent that this is the way more and more of enterprise application end users will be working. What this means is that an IT department must still be able to track mobile assets that have access to corporate data, who has these mobile devices and what mobile apps are they running. If IT implements and documents best practices around mobile security, and makes sure end users understand and adhere to them, most end users will cooperate and balance between security and access can be reached. Policies must cover basic practices, such as the need to lock devices or wipe the data on them when they are lost. A collaborative decision as to what apps are to be used to access enterprise data can also help minimize vulnerability and achieve the business agility users are demanding. Work with your ERP vendor Most organizations only need a fairly limited set of apps that really drive business value, and until recently most business apps were built by IT departments at key organizations. Home grown apps can be difficult to support and maintain, and may not be as elegant as something developed for a broad community of users. Furthermore, homegrown apps tend to tunnel in directly to an ERP or other enterprise solution, which can create security issues. Fortunately, today more and more vendors of ERP, EAM or field service solutions are delivering more packaged mobile applications. The approach we have taken at IFS is to offer a series of native mobile apps with built in provisions for device security, encryption for data that is on the device and basic user management elements such as the user ID s and pins. These applications are also designed to limit the amount of data that is actually on the device to just what is necessary to accomplish specific lightweight tasks. Our focus is on understanding what mobile tasks really drive business value, building those apps that are sufficient for these tasks and the type of user and then relying on technology to help secure that data in the event the device is lost. The cloud can also play a role in reducing both IT management cost and security vulnerabilities. With a lot of the home grown mobile apps, we see mobile devices with direct connections into an ERP or EAM solution or database. An IT department must then deal with a number of firewall-related questions, which adds complexity. Of course the need to navigate a firewall can result in a connection that is finicky and can leave security vulnerabilities wide open. 5

Our approach has been to use a cloud-based intermediary between the mobile device and a customer s enterprise environment. This approach implements a secure connection between the cloud and customer s servers, and the cloud and the end user mobile devices. No data is stored in the cloud, and no mobile device connects directly to the customer s servers. This yields a secure method of mobile access, but also greatly reduces connectivity and provisioning overhead. Users obtain their apps from the usual sources, including itunes or the Android market, so users manage their own devices and use their credentials to connect to the cloud which in turn acts as a broker to talk to the back office application. Meanwhile, IT uses a cloud portal to control which users are allowed use various apps and disable access quickly in the event a device is lost or an employee is terminated. Conclusion Mobile apps not just web-based apps but native mobile apps are here to stay. They are the workstation of the future the new normal. Allowing mobile access to enterprise data and systems can drive business value by taking non-value added time out of business processes. The ability to support mobile devices is something you should be looking for in your current enterprise solution, or if you evaluating new enterprise solutions. A CIO and IT department of an organization of any size must plan to allow for BYOD and the growing consumerization of enterprise IT. Because if they don t, users will find a way circumvent whatever controls you put in place. In order to come to terms with this reality, IT must collaborate with end users and arrive at a way forward, and then look to enterprise software vendors to offer a technology platform that meets business needs and user expectations while mitigating security concerns. Rick Veague is Chief Technology Officer with IFS North America, and is based in the Schaumburg, Ill. headquarters. In this role, Veague provides direction for IFS use of Service- Oriented Architecture (SOA) and works with IFS leading customers to leverage SOA to provide state-of-the-art ERP. 6

About IFS IFS is a public company (OMX STO: IFS) founded in 1983 that develops, supplies, and implements IFS Applications, a component-based extended ERP suite built on SOA technology. IFS focuses on agile businesses where any of four core processes are strategic: service & asset management, manufacturing, supply chain and projects. The company has more than 2,000 customers and is present in 50+ countries with 2,700 employees in total. More details can be found at www.ifsworld.com. For further information, e-mail to info@ifsworld.com Americas....+1 888 437 4968 Argentina, Brazil, Canada, Mexico, United States Asia Pacific... +65 63 33 33 00 Australia, Indonesia, Japan, Malaysia, new Zealand, Philippines, PR China, Singapore, Thailand Europe east and central asia...+48 22 577 45 00 BALKANS, Czech Republic, GEORGIA, Hungary, Israel, KAZAKHSTAN, Poland, RUSSIA and cis, Slovakia, Turkey, UKRAINE Europe Central...+49 9131 77 340 AUSTRIA, Belgium, GERMANY, ITALY, netherlands, SWITZERLAND Europe West...+44 1494 428 900 France, Ireland, Portugal, Spain, United Kingdom Middle East and africa................................................+971 4390 0888 India, South Africa, Sri Lanka, United Arab Emirates Nordic...+46 13 460 4000 Denmark, Norway, Sweden Finland and the Baltic area.... +358 102 17 9300 Estonia, Finland, Latvia, Lithuania www.ifsworld.com This document may contain statements of possible future functionality for IFS software products and technology. Such statements of future functionality are for information purposes only and should not be interpreted as any commitment or representation. IFS and all IFS product names are trademarks of IFS. The names of actual companies and products mentioned herein may be the trademarks of their respective owners. IFS AB 2012 En5004-1 Production: IFS Corporate Marketing, February 2012.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information