Address Security concern in general with the Enterprise Mobility CoE

Hi,

 As we know Enterprise Mobility CoE continuously tracks technology developments in this space to develop offerings that address specific needs of their different-different verticals customers. It’s the age of bring-your-own-device (BYOD) and  I.T. security professionals need a proven way to enforce and extend identity governance from the enterprise across a plethora of mobile devices. The security challenges into the Mobility CoE trends pose for customers and address them with the following competencies: 

   

   1. Integrating login authentication with customers existing active directory server

   2. Implementing Two-Factor / Two-Channel Authentication. Some of recommended solutions are below: 

• Verification through SMS
• Validating DeviceID along with UserID
• Integrating "RSA Secure ID" services
• Integrating with third party seamless services such as SecureAuth, PhoneFactors, etc. 

     3. Data encryption & compression for offline data storage

     4. Integrated admin tools that will provide unified admin experience for different mobile 

         platforms.

     5. Identify Management (IdM)

     6. Single Sign-on (SSO)

     7. Security Token Services

Difference between MDM and MAM

Hi Friends,

  I am going to highlight about the Mobile Device Management (MDM) and Mobile Application Management (MAM) concepts in this blog. First we have to understand what exactly these concepts do and how it'll be useful for the IT managements environment. MAM is very different from MDM. As we know, devices are made to be manage by heavy handed profiles into the IT to get mainly corporate information security and protection of data to the device level. That is mean if anyone lost his device , they can wipe up it from the remote. Application is management in mobile application a really meant for mobile workforce.  This is what we get the envy and come up with the great ideas of apps that empowered us , and we need to start with the platform really knows how to do this in four life cycle:

1. Environment from upfront
2. Injection of policies
3. Security Wrapping
4. Right through the deployment and management. 

Apart from the above points, using two very important things which we need to take care , i.e, user experience, no training required , getting the apps securely. And into the IT side, all over they need to do this from secure environment and they can do across a large enterprise that scales mobile application management and mobile device management.

Lets understand the standard and brief definition of MDM and MAM:

Mobile Device Management (MDM): MDM software secures, monitors, manages and supports mobile devices deployed across mobile operators, service providers and enterprises. MDM functionality typically includes over-the-air distribution of applications, data and configuration settings for all types of mobile devices, including mobile phones, smartphones, tablet computers, ruggedized mobile computers, mobile printers, mobile POS devices, etc. This applies to both company-owned and employee-owned (BYOD) devices across the enterprise or mobile devices owned by consumers.

By controlling and protecting the data and configuration settings for all mobile devices in the network, MDM can reduce support costs and business risks. The intent of MDM is to optimize the functionality and security of a mobile communications network while minimizing cost and downtime. With mobile devices becoming ubiquitous and applications flooding the market, mobile monitoring is growing in importance. Numerous vendors help mobile device manufacturers, content portals and developers, test and monitor the delivery of their mobile content, applications and services.

Implementation:

Typically solutions include a server component, which sends out the management commands to the mobile devices, and a client component, which runs on the handset and receives and implements the management commands. In some cases, 

• a single vendor may provide both the client and the server,
• in others client and server will come from different sources.

One of the next steps was to allow a client initiated update, similar to when a user requests a Windows Update.

Central remote management, using commands sent over the air, is the next step. An administrator at the mobile operator, an enterprise IT data center or a handset OEM can use an administrative console to update or configure any one handset, group or groups of handsets. This provides scalability benefits particularly useful when the fleet of managed devices is large in size.

Central functionality includes:

• FOTA - Firmware over the air updates
• Diagnostics
• Remote Configuration and Provisioning
• Security
• Backup/Restore
• Network Usage and Support
• Server Deployment
• Mobile asset tracking and management
• Remote Lock and Wipe
• Device Provisioning
• Software Installation
• Troubleshooting and Diagnostic Tools
• Policy Application
• Logging and Reporting
• Remote Control and Administration
• GPS tracking and 'breadcrumb' mapping

Over-the-air programming (OTA) capabilities are considered a main component of mobile network operator and enterprise-grade Mobile Device Management software. These include the ability to remotely configure a single mobile device, an entire fleet of mobile devices or any IT-defined set of mobile devices; send software and OS updates; remotely lock and wipe a device, which protects the data stored on the device when it is lost or stolen; and remote troubleshooting. OTA commands are sent as a binary SMS message. Binary SMS is a message including binary data.

Mobile Application Management (MAM): MAM describes software and services that accelerate and simplify the creation of internally developed or “in-house” enterprise mobile applications. It also describes the deployment and management of in-house and commercially available mobile apps used in business settings on both company-provided and “bring your own” smartphones and tablet computers (BYOD).

Mobile application management has also been defined as “the strategy and process around developing/procuring, securing, deploying, accessing, configuring, updating and removing (business) applications from mobile devices used by the employees.” Enterprise MAM has been driven by the widespread adoption and use of mobile devices in business settings. IDC reported that smartphone use in the workplace will double between 2009 and 2014 and it continuously grows in future. The BYOD (“Bring Your Own Device”) phenomenon is a factor behind mobile application management, with personal PC, smartphone and tablet use in business settings (vs. business-owned devices) rising today in IT enterprise. When an employee brings a personal device into an enterprise setting, MAM enables the corporate IT staff to provision the device, download appropriate applications, control access to back-end data, and “wipe” the device if it is lost, or when its owner no longer works with the company.

Applications types which fall under MAM:

• Corporate data access and decision support
• CRM and sales force automation
• Disaster recovery
• Factory automation/manufacturing
• GPS and location-based services
• Human resources (timesheets, expense reports, etc.)
• Inventory management
• Order entry and tracking
• Retail and point of sale
• Training tools, including video

MAM Services:

• App delivery
• App security
• App updating
• User authentication
• User authorization
• Version checking
• Push services
• Reporting and tracking

Better Mobile Security Solutions:

Better MDM provides easy-to-use, cloud based enterprise grade technology that allows IT to adapt mobile architecture for their business in fast and secure way. Better MDM enables IT in enterprises, healthcare organizations and government agencies to secure the two end-points, Device and Applications. 

Mobile App protection and Security Wrapping:

• App Wrapping- Better MDM’s Mobile App Protection and Security Wrapping solution protects your apps through the use of fine-grained usage and security policies with no source code/SDK/API or changes to the apps required. For hyper-sensitive apps, multiple layers of protection can be used; strong authentication, data-at-rest encryption, VPN to protect data-in-transit and geo-fencing to restrict access based on geographic location. In addition, Better MDM’s Data Protection wrapper protects data from being copied and pasted to unauthorized applications. Better MDM provides both native and HTML 5 based app catalog apps.

• Enterprise App Store- Enterprise App Store enables IT easily manage App deployment by selecting which applications they wish to make available to employees. With Better MDM’s solution, you can distribute, update and ensure the security of all enterprise applications.

• App Security Analyzer- Better MDM’s App Security Analyzer identifies risks in in-house or third-party apps by scanning for malware, privacy breaches and corporate data exfiltration. We perform both static analysis of the app as well as running it instrumented emulation to identify and compute the risk score.

• Security Policy Manager- Single Security Policy engine to apply and enforce corporate security policies on both mobile apps and devices.

MonoDevelop (IDE - Cross Platform): Design and develop compelling cutting edge client application software for the MacOS and iOS/Android platforms

Hi Friends,

In this blog I am going to discuss about the IDE call "MonoDevelop" which helps the developer to develop and build the mobile client applications (i.e., iOS and Android) and services (i.e., SAAS) by little understanding of C# and ASP.Net. into the cross-platform environment.

Mono is a free and open source project led by Xamarin (formerly by Novell and originally by Ximian) to create an Ecma standard compliant .NET Framework-compatible set of tools including, among others, a C# compiler and a Common Language Runtime (CLR).

The stated purpose of Mono is not only to be able to run Microsoft .NET applications cross-platform, but also to bring better development tools to Linux developers. Mono can be run on many operating systems including Android, BSD, iOS, Linux, OS X, Windows, Solaris, Unix, and some for game consoles such as PlayStation 3, Wii, and Xbox 360.

Mono is having many innovative projects in their accounts, but few of them are so famous in respects of mobile application development and services environment. Several projects extend Mono and allow developers to use it in their development environment. These projects include:

1) Cross-Platform:

• MonoCross, a cross-platform Model–view–controller design pattern where the Model and Controller are shared across platforms and the Views are unique for each platform for an optimized User Interface.
• MonoDevelop an open source and cross platform Integrated Development Environment that supports building applications for ASP.NET, Gtk#, Meego, MonoTouch, iOS/iPad/iPod, Android  and Silverlight/Moonlight.
• Moonlight, an implementation of Silverlight that uses Mono. etc.

2) MacOS:

• Cocoa# – wrappers around the native OS X toolkit (Cocoa) (deprecated).
• Monobjc – a set of bindings for OS X programming.
• MonoMac – newer bindings for OS X programming, based on the MonoTouch API design.

3) Mobile Platforms:

• MonoDroid Mono for the Android operating system. With bindings for the Android APIs.
• MonoTouch Mono for the iPhone, iPad and iPod Touches. With bindings to the iOS APIs.

 

MonoDevelop:

An open source IDE targeting both Mono and Microsoft .NET framework platforms. MonoDevelop is a free GNOME integrated development environment primarily designed for C# and other .NET languages such as Nemerle, Boo, and Java (via IKVM.NET), although it also supports languages such as C, C++, Python, Java, and Vala. MonoDevelop was originally a port of SharpDevelop to Gtk#, but it has since evolved to meet the needs of Mono developers. The IDE includes class management, built-in help, code completion, Stetic (a GUI designer), project support, and an integrated debugger. It supports MEAP concepts as well.

The MonoDoc browser provides access to API documentation and code samples. The documentation browser uses wiki-style content management, allowing developers to edit and improve the documentation.

1) OS Support:

• OSX - MonoDevelop
• Windows - Visual Studio 2010 Pro or above and MonoDevelop

2) Cross-platform:

Create amazing Android/iOS (iPhone/iPad) apps with C# and .NET

• Cross Platform 
  Easily share code between iOS, Android and Windows Phone 7.
• Native Code 
  High-performance compiled code with full access to all the native APIs, including UIKit.
• C# & .NET 
  Everything you love about .NET, including LINQ, Delegates and Events.

MonoTouch and Mono for Android:

MonoTouch and Mono for Android, both developed by Xamarin, are implementations of Mono for iPhone and Android-based smart-phones. Contrary to Mono itself, they are released under a commercial license only. 

MonoTouch - for iOS:

MonoTouch allows developers to create C# and .NET based applications that run on the iPhone. It is based on the Mono framework and developed in conjunction with Novell. Unlike Mono applications MonoTouch "Apps" are compiled down to machine code targeted specifically at the Apple iPhone. This is necessary because the iPhone kernel prevents just-in-time compilers from executing on the device.

The MonoTouch stack is made up of:

• Compilers
• C# from the Mono Project
• Third party compilers like RemObject's Oxygene can target MonoTouch also
• Core .NET libraries
• Development SDK:
• Linker – used to bundle only the code used in the final application
• mtouch – the Native compiler and tool used to deploy to the target device
• Interface Builder and storyboard integration tools
• Libraries that bind the native CocoaTouch APIs
• MonoDevelop IDE

MonoDevelop is used as the primary IDE however additional links to Xcode and the iOS simulator have been written.

From April to early September 2010, the future of MonoTouch was put in doubt as Apple introduced new terms for iPhone developers that apparently prohibits them from developing in languages other than C, C++ and Objective-C, and the use of a middle layer between the iOS platform and iPhone applications. This made the future of MonoTouch, and other technologies such as UNITY, uncertain.Then, in September 2010, Apple rescinded this restriction, stating that they were relaxing the language restrictions that they had put in place earlier that year.

 

Why you'll love MonoTouch.

MonoTouch makes creating iPhone and iPad apps easier than ever before.

• Cross platform development 

  Thinking about supporting Android in the future? In many cases, you can reuse most of your existing code when porting from iOS to Mono for Android.

• Discover iOS as you type 

  Explore APIs as you type with code autocompletion. Just like Visual Studio.

• iOS 5 ready 

  MonoTouch has all of the latest iOS 5 features bound and ready to use in the apps you create.

• Reuse existing code 

  Import existing .NET libraries and use them in your MonoTouch apps. Easily bind existing C and Objective-C libraries as well.

• XCode 4 and UI designer integration 

  Use XCode 4 and the powerful UI Designer to create interfaces and Storyboards that automatically sync with your MonoTouch project.

• Up to date 

  MonoTouch is frequently updated and ready with all of the new iOS features - typically on the same day they are released!

Mono  for Android:

Mono for Android, developed by Xamarin, is a proprietary implementation of Mono for Android-based smart-phones. It was first released on April 6, 2011. Mono for Android was developed to allow developers to more easily write cross-platform applications that will run on all mobile platforms.

In reference to the lawsuit filed by Oracle against Google over Android's use of Java, that "The type of action Oracle is taking against Google over Java is not going to happen. If a .NET port to Android was through Mono it would fall under the Microsoft Community Promise Agreement." Recently Google has won against the Oracle filed lawsuit in favor for them about the same.

The Mono for Android stack consists of the following components:

• Mono runtime
• Libraries:
• Core .NET class libraries
• Libraries that bind the native Android/Java APIs
• SDK tools to package, deploy and debug
• Visual Studio 2010 integration to remotely debug and deploy.

 

Why you'll love Mono for Android.

Mono for Android makes creating Android apps easier than ever before.

• Cross platform development 

  Thinking about supporting iPhone or iPad in the future? In many cases, you can reuse most of your existing code when porting from Android to iOS.

• Discover as you type 

  Explore APIs as you type with code autocompletion.

• Full featured 

  Mono for Android has all of the latest Android features bound and ready to use in the apps you create.

• Reuse existing code 

  Import existing .NET libraries and use them in your Mono for Android apps.

• The Full Power of Visual Studio 

  Continue using Visual Studio or use our full featured MonoDevelop IDE to create apps using Mono for Android.

• Easy To Install 

  Installing the Android SDK can be time consuming, but Mono for Android simplifies the process by installing everything you need with just a few clicks.