Building Secure Mobile Applications Using MaaS360 SDK and IBM Worklight Karthik Ramgopal/Paras Segal kramgopal@fiberlink.com psegal@fiberlink.com www.maas360.com
Why Mobile Applications are a Must? Rising Smartphone and Tablet penetration Mobile Applications enable better productivity by allowing work on the go. 100% Cloud Delivery Security is the need of the hour.
Poll Question #1 Do you have any enterprise/home-grown mobile applications? a) Yes b) No c) Developing
Application Development Practices Native Built using the development tools and languages that the respective platforms support. Thus, they run only on their targeted platforms. Web Cross-platform mobile applications that run on multiple devices as they mostly run on browsers Hybrid Run within the webview container on the devices. The applications are thus packaged natively and have access to native API s of the mobile OS.
Mobile Application Security Concerns Sensitive corporate data housed within the applications is prone to leakage Applications accessing corporate data/resources ay not be fully compliant with the set of enforced corporate policies Keep pace with new security exploits and challenges
Poll Question #2 Are you worried about application data security? a) Yes b) No
MaaS360/IBM advantages Products move through entire application lifecycle from development to delivery IBM Worklight IDE for mobile application development Offers a powerful SDK (Software Development Kit) targeting native (ios, Android) and hybrid applications Zero-effort integration with app wrapping Streamlined deployment to one/more devices using the MaaS360 app distribution platform
Plethora of plugins available for one-click integration with products like MaaS360, TeaLeaf and Trusteer. The IBM Worklight Studio IDE Open, complete and advanced mobile enterprise application platform for HTML5, hybrid and native mobile applications Built atop the popular Eclipse IDE Tight integration with other IBM offerings like AppScan and IMC
IBM Worklight Components IBM Worklight Server IBM Worklight Device Runtime Components IBM Worklight Application Center IBM Worklight Console
IBM Worklight Enables an Organization to.. Support multiple mobile operating environments and devices with the simplicity of a single, shared code base Connect and synchronize with enterprise data, applications and cloud services Safeguard mobile security at the device, application and network layer Govern the mobile application portfolio from a central interface
Q&A
MaaS360 SDK Easy to use Software Development Kit for rapidly integrating your mobile application with the MaaS360 ecosystem. Code the app with MaaS360 SDK for configurable security layer Upload app to MaaS360 MAM portal App available on Enterprise app store App deployed to user User specific policy applied to app on device
MaaS360 SDK Integration Features MaaS360 enrollment/activation details Active Directory/LDAP integration for detailed user/group information MaaS360 device compliance status MaaS360 policy information Get instantly notified on change in compliance status, policy, user, enrollment information, or on a container wipe
MaaS360 SDK Application Security Features Single Sign On (SSO) using container PIN DLP controls Cut/ Copy/ Paste restrictions Open-in to Whitelisted container apps only (Ex: Open docs from MaaS container in whitelisted app for printing) In-app VPN through Mobile Enterprise Gateway Block usage of app on non-compliance FIPS 2-140 Application Data encryption
Poll Question #3 How do you ensure application data security? a) Build it in yourself b) Use third party libraries c) Still evaluating
How do I get access to the SDK? For Enterprise apps, the SDK can be directly obtained from MaaS360. For Public apps (E.g.: Salesforce), the app owner / developer obtains the SDK via the MaaS360 WorkPlace Partner Program, integrates it into their apps, and publishes it onto a public app store for use by mutual customers of MaaS360 and Salesforce.
Integration with other MaaS360 applications Open URLs from the enterprise applications in the MaaS360 Secure Browser Compose and send emails using MaaS360 Secure Email View and edit documents securely with the MaaS360 Secure Viewer and Secure Editor
Per-App Configurations Support for delivering customized per-app, per customer/device/device group/user/user group configuration payloads, securely to the device Dynamic notification on configuration change Support for text and binary payloads
MaaS360 SDK Provisioning and Control Every SDK app is provisioned per customer, per app. A unique app ID is generated for this combination for SDK activation IT admin can restrict access to specific SDK apps via a MaaS360 policy configuration parameter
MaaS360 SDK Utilities Secure application development Utilities for encrypting/decrypting files and strings Secure extensions of common building blocks like WebViews and TextFields Easily enforce policies like copy paste restriction in a seamless way across different device/os versions
MaaS360 SDK Packaging Packaged for Android as an Android library (.jar and.so files) Packaged for ios as a multi-arch static library (.a file) Packaged for Worklight as a Worklight component Sample apps and documentation for all platforms included
MaaS360 App Wrapping Zero-effort SDK integration by transparently injecting the SDK and auto-enforcing policies. Upload app to MaaS360 MAM portal Wrap the app with configurable security layer App available on Enterprise app store App deployed to user User specific policy applied to app on device
Summary Native/Hybrid Applications (ios/android) can be developed with container controls such as Restrict, Cut/Copy/Paste, Single Sign On, Encrypt App Data, and Enforcement of Authentication Code the app in your IDE/Worklight Code the app with SDK for configurable security layer by invoking APIs for setting container controls Upload app to MaaS360 MAM portal for distribution to users/devices App available on Enterprise app store for all users to download App deployed to user User specific policy applied to app on device
Questions or follow-up? psegal@fiberlink.com kramgopal@fiberlink.com Q&A
Connect with the MaaS360 Community Past Webinars (http://www.maas360.com/maasters/webinars) Android 4.3 and Windows 8.1 -The Next Milestones in Mobile Device Management & BYOD Achieve Enterprise Mobile Security with MaaS360 MDM and Dual Persona The Evolution of BYOD - Are You Set-Up for Success? Plus lots of How-To content in our Resources section How to participate in MaaS360 WorkPlace Partner Program The Ten Commandments of Bring Your Own Device (BYOD) Does Android Dream of Enterprise Adoption?
Get Started Today! Set-up Get access to a free, fully functional trial for 30 days Provision Instantly enroll and configure your mobile devices Manage Start managing, securing, and supporting devices, apps, and docs