Tag Archives: Data

Rob Tiffany

April 18, 2013

The realization that Data is a Platform provides a moment of clarity. Apps just present data to users and support its manipulation and capture. Mobile devices are convenient binary execution engines that facilitate the running of apps so you can work with that data. Focus your energy on securing data in-transit and at-rest while controlling its access via user identity. If you get mobile information management (MIM) right, then an unauthorized user running the wrong app on an unsupported device won’t be a threat to your enterprise. You’ll find that Mobile Device Management (MDM) and Mobile Application Management (MAM) begin to diminish in importance. Billions of devices combine small amounts of data to create big data. Keep things in perspective and take care of your data because it’s the new platform.

-Rob

Mobile World Congress 2013 Takeaways

Mobile World Congress has wrapped up and most of us are back home after spending four days at Fira Gran Via in Barcelona.

Between delivering presentations, walking miles of expo halls, and participating in dozens of meetings, the event is both exciting and tiring.  This conference used to be the sole domain of mobile operators, wireless equipment manufacturers, and handset makers.  Something has changed…

Mobile is no longer this fringe technology that lives on the outskirts of mainstream computing and communications technology.  It is now the primary technology used by consumers and corporations to get things done and stay productive and connected.  With 72,000 people in attendance, this is now one of the largest and most important technology conferences in the world.  Yes, the CEOs, CIOs, and CTOs of many of the world’s largest corporations were in attendance along with consulting firms looking to transform those organizations into mobile enterprises.  There’s no doubt about it, I could definitely feel the increased enterprise importance all around Fira Gran Via.

So what did I see…

If there was any doubt that 2013 was going to be the year of the Phablet, MWC put those fears to rest.  Launches of giant Android smartphones to compete with the Samsung Galaxy Note II included:

  • The 5.5″ LG Optimus G Pro
  • The 5.7″ ZTE Grand Memo
  • The 5″ Sony Xperia Z
  • The 6.1″ Huawei Ascend Mate

In the “not-quite-a-phablet” category, there were quite a few Android devices launched that were virtually indistinguishable from each other.  I’m not advocating fragmentation, but I wasn’t jazzed by the sea of sameness represented by all these Android clones.

The only Android standout this year was the HTC One.  Its truly beautiful hardware design combined with a home screen that mimics Windows Phone start screen tiles sets it apart from its Jelly Bean competitors.  Flattery I guess.

Tablets were getting smaller and I really liked the Samsung Galaxy Note 8 with the S-Pen.  It was thin, light, easy to hold, super fast and it’s definitely going to give the iPad Mini a run for its money.  On the opposite end of the spectrum, HP showed off its forgettable Slate 7 Android tablet to compete against the Kindle Fire and Nexus 7 in a race to the bottom.  Personally, I always believed HP should have doubled-down on the innovative webOS that it paid almost $2 billion for.  Instead, it unloaded this asset on LG on the first day of the conference.  Can you imagine how fast the beautiful webOS would run on today’s multicore ARM processors?

Speaking of web-based mobile operating systems, Mozilla managed to line up 17 mobile operators to support its Firefox OS running on devices from LG, ZTE, and others.  It’s targeting low-end devices in emerging markets with low-cost phones.  It’s not a bad strategy, but they still have a lot of work to do because I found their demo devices to be both slow and unattractive.  On the other hand, I found the Ubuntu Touch phone and tablet to be attractive, differentiated, and very responsive.  It will definitely be a strong competitor once it gets off the ground.

In hearing the call to reach out to the “next billion” people in developing markets, Nokia launched a range of devices at progressively lower price points.  From the Nokia 105 feature phone at under $20 up through the entry-level Lumia 520 Windows Phone, to the mid-range Lumia 720, Nokia made some important moves to diversify its portfolio with delightful devices.

Anyone who walked the halls of the Fira Gran Via couldn’t miss the overwhelming presence of Samsung at this event.  They were most definitely the 800-pound gorilla of the show and synonymous with the success of Android in the consumer space.  It’s clear that being the leader in the consumer space is no longer enough for them.  They’ve recognized the Android security shortcomings that have kept this mobile OS out of the enterprise and they’re doing something about it.  Following on the heels of Samsung For Enterprise (SAFE), at MWC they launched Samsung Knox.

From my vantage point as an enterprise mobility strategist, the launch of Samsung Knox is the single most impactful event this year in Barcelona.  Samsung has introduced a dual-persona phone technology that may help Android break into the enterprise.  Users can easily switch from the personal side of their phone to a separate, encrypted container for business.  Unlike other containerization solutions, this one runs fast and the email, calendar, and apps look familiar to users of the Samsung Touchwiz user interface.  Combined with the fact that the leaders from the MDM magic-quadrant were already offering secure, private app distribution solutions based on the Knox APIs, Samsung has a formidable solution for the enterprise.

I really enjoyed co-presenting with my Microsoft colleagues Andy Wigley and Larry Lieberman at the Nokia App Developer Conference on day 1 of MWC.  Helping to empower developers from all over the world to do their best work targeting Windows Phone 8 is very rewarding.

Later in the week I had the privilege of serving on a panel with Benjamin Robbins, Vishy Gopalakrishna, and Ben Smith where we discussed “The Future of Enterprise Mobility.”  We tackled subjects such as mobile security, BYOD, enterprise apps, the roles of mobile centers of excellence, and how to enable legacy apps for mobile consumption.  I even coined the term “MSOA” which stands for Mobile Service Oriented Architecture.  In other words, it’s time to replace those SOAP and XML web services with lightweight REST and JSON services + caching and compression to better serve all mobile devices over unpredictable wireless data networks.

See you in Barcelona next year,

Rob

Rob Tiffany

February 4, 2012

Wow!  Just opened a 1099 tax document for 2011 from Apress.  People must still be buying my old books on eMbedded Visual Basic, the .NET Compact Framework 2.0, and SQL Server Compact 2.0.  The Pocket PC and Windows Mobile live on!

A separate 1099 for Hood Canal Press tells me that my SQL Server Merge Replication books are still killing it!  Our world of disconnected devices requires efficient data sync now more than ever.  Despite a variety of sync technologies out there, Merge is still the best!

Encrypting your Credentials on Windows Phone 7.5

The last time I talked to you about Windows Phone security, I showed you how to encrypt your data and save it in Isolated Storage using Silverlight’s AesManaged class to create a Key and an Initialization Vector (IV) based on a password and salt value.  This gave your consumer and line-of-business apps the iron-clad AES 256 encryption they needed to secure sensitive data.  While this made 3rd-party Windows Phone apps the most secure in the industry, users had to deal with the hassle of entering their credentials each time they launched their secure app. 

The reason users had to reenter their credentials each time is because there was no secure way to store those credentials or the key in Isolated Storage.  Having the unencrypted credentials used to create the key sitting next to the encrypted data is the same as having no security at all.  With the launch of Mango, all this has changed.

Windows Phone 7.5 gives us the Data Protection API (DPAPI) which makes it easy to encrypt and decrypt data.  It pulls this off by generating and storing a key based on the user and phone credentials.  Oh, and each app gets its own decryption key, which is created the first time you run the app that’s doing the encrypting.

Using the ProtectedData class, it’s as simple as calling the Protect method to turn an unencrypted byte array into an encrypted one.  On the flip side, you call the Unprotect method to convert an encrypted byte array into an unencrypted one.  In cases where the data stays on the phone, this may take care of all of your encryption needs and you won’t necessarily have to jump through all the AesManaged hoops I had you jump through back before we launched Windows Phone 7.  On the other hand, if you want to encrypt data on Windows Phone, send it over a network and decrypt it on a server or other endpoint, you need to stick with the stuff I taught you before.

Below is a snippet of code that shows you how to encrypt the password and salt values needed to create a key with the AesManaged class:

using System.Security.Cryptography;

using System.Text;

//Convert Password and Salt values to byte[] arrays

byte[] PasswordByte = Encoding.UTF8.GetBytes(Password.Text);

byte[] SaltByte = Encoding.UTF8.GetBytes(Salt.Text);

//Encrypt Password and Salt byte[] arrays using Protect() method

byte[] ProtectedPasswordByte = ProtectedData.Protect(PasswordByte, null);

byte[] ProtectedSaltByte = ProtectedData.Protect(SaltByte, null);

//Save byte[] arrays as two files in Isolated Storage

//Read byte[] arrays from files

//Decrypt Password and Salt byte[] arrays using Unprotect() method

//(new variable names so this compiles in the same scope as the code above)

byte[] UnprotectedPasswordByte = ProtectedData.Unprotect(ProtectedPasswordByte, null);

byte[] UnprotectedSaltByte = ProtectedData.Unprotect(ProtectedSaltByte, null);

//Convert byte[] arrays to strings and display in the text boxes

Password.Text = Encoding.UTF8.GetString(UnprotectedPasswordByte, 0, UnprotectedPasswordByte.Length);

Salt.Text = Encoding.UTF8.GetString(UnprotectedSaltByte, 0, UnprotectedSaltByte.Length);

With this simple code above, you can now encrypt and decrypt your credentials so you can save them in Isolated Storage next to the portable, encrypted data created via the AesManaged class.  So what does this buy you?

It means your users can enter their credentials just once, no matter how many times they launch your secure application.  Hassle-free.
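The save and read steps that the snippet above leaves as comments, written out as an added example (not code from the original post). The CredentialStore class and its file-name parameters are hypothetical, and using Rfc2898DeriveBytes to rebuild the AesManaged key from the password and salt is an assumption about how the key was derived.

```csharp
using System;
using System.IO;
using System.IO.IsolatedStorage;
using System.Security.Cryptography;
using System.Text;

// Hypothetical helper, not from the original post.
public static class CredentialStore
{
    // Protect with DPAPI, wipe the plaintext bytes, then write the ciphertext.
    public static void Save(string fileName, string secret)
    {
        byte[] plain = Encoding.UTF8.GetBytes(secret);
        byte[] blob = ProtectedData.Protect(plain, null);
        Array.Clear(plain, 0, plain.Length);
        using (var store = IsolatedStorageFile.GetUserStoreForApplication())
        using (var file = store.OpenFile(fileName, FileMode.Create))
            file.Write(blob, 0, blob.Length);
    }

    // Returns null when nothing has been saved yet (first launch).
    public static string Load(string fileName)
    {
        byte[] blob;
        using (var store = IsolatedStorageFile.GetUserStoreForApplication())
        {
            if (!store.FileExists(fileName)) return null;
            using (var file = store.OpenFile(fileName, FileMode.Open))
            {
                blob = new byte[file.Length];
                int read = 0, n;
                while ((n = file.Read(blob, read, blob.Length - read)) > 0) read += n;
            }
        }
        // Unprotect throws CryptographicException if the blob cannot be decrypted.
        byte[] plain = ProtectedData.Unprotect(blob, null);
        string secret = Encoding.UTF8.GetString(plain, 0, plain.Length);
        Array.Clear(plain, 0, plain.Length);
        return secret;
    }

    // Rebuild the AES-256 key and IV (assumed derivation: PBKDF2 via Rfc2898DeriveBytes).
    // Rfc2898DeriveBytes rejects salts shorter than 8 bytes.
    public static AesManaged CreateCipher(string password, string salt)
    {
        var derive = new Rfc2898DeriveBytes(password, Encoding.UTF8.GetBytes(salt));
        // Initializers run in order: first 32 bytes become the key, next 16 the IV.
        return new AesManaged { Key = derive.GetBytes(32), IV = derive.GetBytes(16) };
    }
}
```

On launch, a null result from Load means the user still has to enter credentials once; after that, the loaded password and salt feed CreateCipher without prompting.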

Stay safe out there,

Rob

Sync Framework v4 is now Open Source, and ready to Connect any Device to SQL Server and SQL Azure

The profound effects of the Consumerization of IT (CoIT) are blurring the lines between consumers and the enterprise.  The fact that virtually every type of mobile device is now a candidate to make employees productive means that cross-platform, enabling technologies are a must.  Luckily, Microsoft has brought the power to synchronize data with either SQL Server on-premise or SQL Azure in the cloud to the world of mobility.  If you’ve ever synched the music on your iPhone with iTunes, the calendar on your Android device with Gmail, or the Outlook email on your Windows Phone with Exchange, then you understand the importance of sync.  In my experience architecting and building enterprise mobile apps for the world’s largest organizations over the last decade, data sync has always been a critical ingredient.

The new Sync Framework Toolkit found on MSDN builds on the existing Sync Framework 2.1’s ability to create disconnected applications, making it easier to expose data for synchronization to apps running on any client platform.  Where Sync Framework 2.1 required clients to be based on Windows, this free toolkit allows other Microsoft platforms to be used for offline clients such as Silverlight, Windows Phone 7, Windows Mobile, Windows Embedded Handheld, and new Windows Slates.  Additionally, non-Microsoft platforms such as iPhones, iPads, Android phones and tablets, Blackberries and browsers supporting HTML5 are all first-class sync citizens.  The secret is that we no longer require the installation of the Sync Framework runtime on client devices.  When coupled with use of an open protocol like OData for data transport, no platform or programming language is prevented from synchronizing data with our on-premise and cloud databases.  When the data arrives on your device, you can serialize it as JSON, or insert it into SQL Server Compact or SQLite depending on your platform preferences.

The Sync Framework Toolkit provides all the features enabled by the Sync Framework 4.0 October 2010 CTP.  We are releasing the toolkit as source code samples on MSDN with the source code utilizing Sync Framework 2.1.  Source code provides the flexibility to customize or extend the capabilities we have provided to suit your specific requirements. The client-side source code in the package is released under the Apache 2.0 license and the server-side source code under the MS-LPL license.  The Sync Framework 2.1 is fully supported by Microsoft and the mobile-enabling source code is yours to use, build upon, and support for the apps you create.

Now some of you might be wondering why you would use a sync technology to move data rather than SOAP or REST web services.  The reason has to do with performance and bandwidth efficiency.  Using SOA, one would retrieve all the data needed to the device in order to see what has changed in SQL Server.  The same goes for uploading data.  Using the Sync Framework Toolkit, only the changes, or deltas, are transmitted over the air.  This boosts performance and reduces bandwidth usage which saves time and money in a world of congested mobile data networks with capped mobile data plans.  You also get a feature called batching, which breaks up the data sent over wireless networks into manageable pieces.  This not only prevents you from blowing out your limited bandwidth, but it also keeps you from using too much RAM both on the server and your memory-constrained mobile device.  When combined with conflict resolution and advanced filtering, I’m sold!

I think you’ll find the Sync Framework Toolkit to be an immensely valuable component of your MEAP solutions for the enterprise as well as the ones you build for consumers.

Keep Synching,

Rob