Top Enterprise Mobility Things To Think About 3 of 10

Top Enterprise Mobility Things To Think About 3 of 10

Top Enterprise Mobility Things To Think About 3 of 10

 

“How does the solution work if there is no network connectivity”

 

 

 

If may be hard to believe but wireless Wi-Fi and WWAN networks are not always available or reliable. In many scenarios your enterprise mobility app will need to be designed to contain all the business logic data and process it needs but residing on the handheld device itself. This enables functionality both online and offline by returning the unit back to a dock. Historically this is a common approach with .NET based devices. Same logic applies where Android or iOS are being used. Some apps like Direct Store Delivery are often used in physical environments where network access is spotty and going off to find coverage to compete a transaction would take too much time.

Where wireless or wired access is available mobile workers can communicate with host business systems in real-time. Make sure your remote app can automatically or on command send and receive queued transactions content and messages via a secure connection like Netmotion Mobility XE. Features such as this optimise user productivity while minimizing transmission costs.

"How does the solution work if there is no network connectivity"

The benefits of using Wireless either across Wi-Fi or WWAN are clear but make sure you allow for both on and off line scenarios.

Enterprise Mobile Device Security – Part 3

Enterprise Mobile Device Security – Part 3

Enterprise Mobile Device Security - Part 3

Having covered the software side of enterprise mobile device security in Parts 1 & 2, this blog will cover the hardware options to make your device and data secure.

If you are thinking “adding an SSL or Mobile VPN and device management software seems expensive why not cut out the data over the air and just use local Wi-Fi or docked Ethernet when in the office”. Limiting data transfer to within the four walls makes it very difficult for “eavesdroppers” to listen in. Jobs for the day can be synchronized to the device over night, the user can complete the jobs throughout the day and then return the unit to a cradle when the shift has finished.

This obviously limits what the mobile system can do. No new jobs can be sent to the user, no changes to the jobs, jobs cannot be assigned to a different user, no remote support or monitoring no results sent back in real-time so orders cannot be processed until the next working day. Overall when going mobile the pro’s of using a secure connection and device management outweigh the con’s.

With hardware, how can a log in confirm the user is psychicaly present? Using a biometric finger print scanner is one option. The user can slide their finger over the scanner which will confirm it against the device or against the backend server. It makes the device very secure as only that specific user can login. Application can also asked for user name and password is the finger print scanner becomes damaged or too dirty. You will find a bio metric scanner on some laptops and rugged PDAs such as the Motorola ES400, or an attachment for the MC75a.

Instead of finger print sensors, an alternative option is a smart card. Just like a security card is using to access through a door, a user can touch a smart card to a sensor. The card can then be validated over the network and the user granted access. The issue with this is that a user can still lose the card. If available for your chosen device like a rugged handheld  the initial purchase and card replacements will not be cheap though.

The last hardware piece to cover is a TPM (Trusted Platform Module). These chips are installed on the motherboard, which store certificates, passwords, but primarily encryption keys. Threat of hacking (software or accessible hardware) or physical device theft is reduced, and device authentication must pass via this chip. Currently these chips are only found in desktops, laptops like the XRW and tablets but could be installed to all devices.

So in three parts we have looked at device security out of the box, the potential problems if not secure and the options available to further secure you device, data and network.

Key point: Think about mobile device security in the planning stage and before your project gets off the ground!

Enterprise Mobile Device Security - Part 3Do not get spooked by potential enterprise mobile device security problems call us to discuss how we can help your project to address your key business issues.

 

Enterprise Mobile Device Security – Part 2

Enterprise Mobile Device Security – Part 2

Enterprise Mobile Device Security Part 1 covered the basics of locking down a device using the in built features. These are a good start to locking down a device/applications but more can be done to be ensure device and data integrity.

Enterprise Mobile Device Security – Part 2A mobile application normally always require a login ideally with an admin console back in the office where the passwords can be easily controlled by an administrator. Linking the password to Active Directory is another security feature some applications can use meaning the credentials will be confirmed against the business network.

This means password polices can be enforced, and user only needs one login to access the network from PC or mobile device.

Passing login data and and other sensitive data over the Internet in plain text is never a wise option. “Eavesdroppers” can essentially pick out the data travelling from device the server. The quickest and cheapest option is the add a SSL (Secure Sockets Layer) certificate on the server. This certificate provides encryption (usually 128-bit encryption and above) meaning only the device and server can de-crypt the data. An SSL certificate is also recommended when using web applications. You’ll commonly see an SSL certificate when entering payment details for online shopping.

A step above SSL is to use a Mobile VPN. There quite a few Mobile VPNs available from service providers but also available as software to purchase. An example is Mobility XE. Software such as this allows remote workers secure, and robust access to network resources. They offer FIPS 140-2 (Federal Information Processing Standard Publication 140-2) encryption which is a US government standard for non-classified information. Needless to say it is highly secure with very strong encryption levels. This level of encryption is becoming more and more popular with large organisations and local government.

When the communications is secure the next step is to lock down and control a device. There are a few different options for this. First is a simple lock down tool on the device, the master device is locked down, allowing access to specific applications and settings such as Bluetooth settings. This master file can then be deployed to rest of the device pool. The next level above this and a method of mass file deployment is a device management platform. SOTI MobiControl is a very popular product for just this.

MobiControl has lots of enterprise mobile device security features including configurable device lock down, remote control and help desk, location tracking, deploy files/software, allow/deny access for resources, enforce security policies and importantly manage a number of differing OS devices in the same pool, and kill the device if stolen. Killing device means the device will become inoperable by the thief.

Limiting and allowing access to specific websites can also increase productivity if the user cannot surf the web or access games on the device. There are other similar offerings, but SOTI is probably the most popular now, especially as Motorola now recommend SOTI as the remote management tool of choice.

Some application software can provide lockdown and remote control out of the box, but it very much depends on how many units the customer has and the level of remote support/control the customer wants to provide its users.

There are many software solutions for security, of which the more popular have been covered. Security of your data is down to the customer and the sensitivity of the data. The more sensitive the data, or desirable to a third party you feel it is, the more secure the data should be.

The final part in this series next week will look at security hardware for your mobile device.

Enterprise Mobile Device Security - Part 2

Do not get spooked by potential enterprise mobile device security problems call us to discuss how we can help your project to address your key business issues.

How Does Mobility XE Mobile VPN Software Work?

How Does Mobility XE Mobile VPN Software Work?

We have known the Mobile VPN guys at NetMotion for some years. Their software aims to make mobile workers more productive because their work is not interrupted by lost connections or by moving from one network to another. With Mobility XE workers do not have to continually stop what they’re doing, reconnect with their VPN and re-start their applications allowing them to focus on their jobs – not the wireless technology. So how does Mobility XE Mobile VPN software work?

Traditionally describing this can get a bit tedious…

…so they came up with this great cartoon as way of explaining what a Mobile VPN can do for your enterprise mobile project. Bravo guys!

Find out more about putting a Mobile VPN on one of our rugged laptop rugged handheld or rugged tablet PC‘s.

Try a Rugged Mobile Device for 10 days FREE

Yes, We Are Open !

MobileWorxs are accepting and processing orders. Sales service and logistics teams are ready to assist you. Use the chat function to get in touch or send an email to sales@mobileworxs.com. Some products may have extended lead times during this period.