It’s Time to Dump your 1990s App Authentication

Orlando

Migrate Win32 applications secured by client/server database logins to mobile apps that use OAuth & enterprise cloud directories for authentication instead.

Do you know Scott Tiger? Are you familiar with SA and no password? If so, you probably worked with client/server database security mechanisms from companies like Oracle, Microsoft, IBM and others. Anyone who’s built client/server, multi-tier database systems over the years has worked with Oracle Net Listener, TNSNames, Sybase DBLIB, ISAM and VSAM drivers plus a revolving door of Microsoft drivers. App logins were typically the same as the database login. DBAs were in control and app developers worked with what they were given. Sometimes data access was secured through the use of views or stored procedures. Things improved when databases started supporting integrated authentication where data access could be controlled by users and groups found in the company Active Directory.

Today’s mobile apps don’t connect to client/server databases this way. Win32 apps connecting via the LAN or VPN can kick the can down the road a bit longer. Everything else talks to databases with web APIs or sync. While these mobile-friendly APIs use database authentication to connect, the services they expose must be secured by an enterprise directory. This pattern provides identity management to mobile apps. Furthermore, cloud-based enterprise directories must be kept in sync with existing on-premises directories to keep the login procedures seamless for employees. Add multi-factor authentication to boost security and avoid consumer auth providers like Facebook or Twitter.

Reduce risk to your organization by decoupling app security from database authentication and make the move to company-wide directory services. Has your employer switched all its enterprise apps to modern authentication methods yet?

Learn how to digitally transform your company in my newest book, “Mobile Strategies for Business: 50 Actionable Insights to Digitally Transform your Business.”

Book Cover

Click to purchase a copy of my book today and start transforming your business!

Sharing my knowledge and helping others never stops, so connect with me on my blog at http://robtiffany.com , follow me on Twitter at https://twitter.com/RobTiffany and on LinkedIn at https://www.linkedin.com/in/robtiffany

Reduce Business Expenses and Accelerate Mobile Integration with Backend Servers

Bellevue

Accelerate the mobile integration and delivery of server resources to any device utilizing mobile middleware solutions like MEAP, MADP, MRAD or mBaaS.

Enterprise mobile apps don’t live in a vacuum. They typically communicate with a backend system. Some newer, vertically-integrated packages provide the backend system and mobile apps to get you up and running quickly. That said, most backend systems aren’t very helpful when it comes to talking to a variety of mobile devices.

There’s a class of mobile middleware systems that accelerate the development of connected enterprise apps. They simplify authentication with enterprise directories, deliver push notifications, provide adapters to connect to other disparate systems and facilitate data sync with devices to name a few. The first of these systems were called mobile enterprise application platforms (MEAP). Over time these systems evolved to something called mobile application development platform (MADP) to support a broader range of scenarios. Hallmarks of both MEAP and MADP was the use of proprietary technologies to rapidly create user interfaces and connect to backend systems. This made it harder to find developers since the programming environments were anything but mainstream. The newer, cloud-based iterations of these systems are called mobile backend as a service (mBaaS). This delivers half the solution as developers code with popular programming languages and interface with backend services via APIs from an mBaaS SDK. In case you need another four letter acronym to accelerate your development, check out the new class of mobile rapid application development tools (MRAD).

Reduce business expenses by getting your mobile solution to market faster with fewer development resources so you can start making money sooner. What is your company doing to accelerate mobile app development?

Learn how to digitally transform your company in my newest book, “Mobile Strategies for Business: 50 Actionable Insights to Digitally Transform your Business.”

Book Cover

Click to purchase a copy of my book today and start transforming your business!

Sharing my knowledge and helping others never stops, so connect with me on my blog at http://robtiffany.com , follow me on Twitter at https://twitter.com/RobTiffany and on LinkedIn at https://www.linkedin.com/in/robtiffany

Reduce Business Risk by Protecting Corporate Assets and IP from BYOD Employees

Los Angeles

Send “Bring your own Device” BYOD employees to the Internet via a separate Wi-Fi network versus giving them direct access to internal servers.

Many companies today have a guest network. This is a separate Wi-Fi network that visitors use to access the Internet when they come meet with employees. Some of these guest networks require a password given to them by the person at the front desk and others don’t use security.

Now imagine a guest network on steroids serving all your mobile employees when they’re in the office and extending the data plans on their personal devices.

I’m sorry, but I still don’t believe in the concept of the trusted enterprise wireless network where mobile employees have direct access to internal servers. Compromised mobile devices and apps can unwittingly attack those networks and servers. Send them out to the Internet and have them come back into the Intranet through a secure path. Your company has already spent a lot of time and effort creating a secure Extranet for employees who need remote access. Put your reverse proxies, firewalls, routers, VNETs and switches to use for all mobile employees. Instead of maintaining two classes of access to internal resources, just reuse the one you already have.

Moving into the future, Intranet resources will disappear as everything migrates to the cloud. Concepts like remote access and internal servers will vanish and your super-fast guest network will look like a stroke of genius.

Reduce Risk to you corporate assets and intellectual property by blocking direct Wi-Fi access to Intranet resources. Is your organization allowing employees to access internal servers with their personal mobile devices?

Learn how to digitally transform your company in my newest book, “Mobile Strategies for Business: 50 Actionable Insights to Digitally Transform your Business.”

Book Cover

Click to purchase a copy of my book today and start transforming your business!

Sharing my knowledge and helping others never stops, so connect with me on my blog at http://robtiffany.com , follow me on Twitter at https://twitter.com/RobTiffany and on LinkedIn at https://www.linkedin.com/in/robtiffany

Enterprise Mobility Exchange 2014

Enterprise Mobility Exchange

Join me in Las Vegas for the Enterprise Mobility Exchange at Caesars Palace on October 27-28.

I’ll be discussing the current state of enterprise mobility as well as future trends that definitely need to be on your radar.  I’ll also be talking about the Internet of Things (IoT) phenomenon and how sensors, beacons, and real-time telemetry can not only improve productivity but positively impact the bottom line of your organization.  Joined by mobile analysts and executives, you’ll get a chance to learn from some of the top mobile thought leaders in world.

Come meet me in Vegas!

Sharing my knowledge and helping others never stops, so connect with me on my blog at http://robtiffany.com , follow me on Twitter at https://twitter.com/RobTiffany and on LinkedIn at https://www.linkedin.com/in/robtiffany

Mobile World Congress in Pictures

Hola

While Winter rages on in most of the northern hemisphere, Mobile World Congress brings us Springtime in lovely Barcelona.

Hola from sunny Barcelona!  Mobile World Congress 2014 is bigger than ever with over 85,000 attendees.  With mobility firmly in control as the world’s largest megatrend in both consumer and enterprise technology, MWC14 has cemented itself as the most important global conference.  Once the domain of network equipment manufacturers, handset makers, and mobile operators, this event now attracts entrepreneurs and executives from virtually every major company.

Hola

Having Mark Zuckerberg on hand for the keynote to kick things off definitely tells me something has changed.  Most of his keynote focused on having mobile operators work with Internet.org to deliver free bandwidth to connect the 2/3rds of the world that aren’t connected.  I won’t dwell on the $19 billion WhatsApp acquisition except to say that there’s never been a better time to be a mobile developer.

Zuckerberg_MWC14

This first announcements of the event came from Microsoft where we added to our existing lineup of partners (HTC, Huawei, Nokia and Samsung).  New hardware partners include: Foxconn, Gionee, JSR, Karbonn, Lava (Xolo), Lenovo, LG, Longcheer and ZTE.  This expands Windows Phone’s reach to 56% of the global smartphone markets.  Just as important was our announcement to lower of bill of materials (BOM) costs of Windows Phone hardware by supporting Qualcomm Snapdragon 200 and 400 series chipsets and soft keys.  This allows Windows Phones to penetrate more price-sensitive markets and go after the next billion smartphone users.  Along the way, we further enhance our adoption by supporting dual SIM phones and supporting all major cellular technologies, including LTE (TDD/FDD), HSPA+, EVDO and TD-SCMA.

ReyJuanCarlos

Targeting emerging markets, Nokia announced the X family of low-cost Android smartphones.  Positioned below the Windows Phone Lumia range, these devices swap out Google services for Microsoft services including things like OneDrive, Outlook.com, Here maps, and Skype.  With the announcements made by Microsoft the previous day to lower Windows Phone hardware BOM costs, this new line of devices may find themselves bumping into the low end of the Lumia line.  They definitely have apps on their side with reports that they’ll run 75% of Google Play apps out of the box.  Speaking of low-cost, the Nokia Lumia 520 won the Global Mobile Award for Best Low Cost Smartphone at MWC this year.

NokiaX

Via its Unpacked event, Samsung launched the Galaxy S5, Gear 2, Gear Neo, and Gear Fit health band.  The Galaxy S5 looks a lot like the GS4 with a dimpled back cover, finger scanner, heart rate monitor, and an upgraded camera.  I suppose it’s the same kind of “yawner” upgrade that Apple gets away with each year with the iPhone.  Of all their new wearables, the sleek, Gear Fit stole the show with a colorful, curved display reminiscent of the Nike Fuel Band.

SONY DSC

On the enterprise side of the house, Samsung has made updates to their KNOX technologies.  KNOX 2.0 takes advantage of the multiuser capabilities of Android KitKat to provide dual/multi persona container capabilities without requiring app wrapping.  This means that just about any app in the Google Play store should work unmodified which eliminates the “hassle factor” of app wrapping to run a particular container.  Speaking of containers, KNOX 2.0 will now work with 3rd party containers such as Good’s secure container, Fixmo’s SafeZone and MobileIron’s AppConnect.  Last but not least, Samsung also launched KNOX EMM and Marketplace which support mobile device management, Identity and Access Management, and apps from the cloud with Galaxy and iOS devices.

Samsung KNOX

Lots of folks liked to hang out in the Sustainability Garden to take a break under the bubble.

SONY DSC

Almost everyone found themselves grabbing a snack and talking to other attendees in the various Networking Gardens.

SONY DSC

In other news, Samsung is taking over the world via the clever use of footballers.

SONY DSC

AppMachine facilitates rapid, multiplatform development of native apps via their web apps and Lego blocks.  Very impressed with their demo!

SONY DSC

Embarcadero keeps Delphi development relevant across mobile devices.  Let’s hear it for Object Pascal and the enduring legacy of Anders Hejlsberg!

SONY DSC

kwamecorp is an agency doing very cool mobile design and development work around the world.  They also fund startups that they think will drive positive change in the world.

SONY DSC

MicroStrategy has a mobile app platform that allows you to turn any business function into a mobile app without writing any code.

SONY DSC

The W3C is here to remind us that HTML5 is the only open, multiplatform development technology that isn’t controlled by any one company.  I’m a fan!

SONY DSC

vserv.mobi is one of many mobile advertising platform companies present in the App Planet hall in Fira Gran Via.

SONY DSC

This just looks cool.

SONY DSC

Globo demonstrated their secure container solution for Windows Phone 8 and Windows 8.1 for me.  Their container included an Exchange Active Sync client and remote file access.

SONY DSC

Nice to see Washington State representing all our great local technology companies.

SONY DSC

The beautiful HTC One snagged the Global Mobile Award for Best Smartphone at MWC this year.  They also launched the mid-range Desire 610.

SONY DSC

SAP is charging into the world of enterprise mobility with the one-two punch of Afaria for device management and SAP Mobile Platform to build apps across all mobile operating systems.  They also announced a new partnership with Xamarin to allow Microsoft Visual Studio developers to link to SAP’s Mobile Platform.  Merging Sybase Unwired Platform (SUP) and Syclo Agentry platform and implementing OData represents their MEAP/MADP roadmap.

SONY DSC

Panasonic is the real deal when it comes to enterprise mobility solutions.  I was excited to see them launch the Toughpad FZ-E1 running Windows Embedded 8 Handheld.  If you can build Windows Phone apps, you can build apps for their new rugged handheld.  Get after it!

SONY DSC

I found a company trying to cash in on the likenesses of Bill Gates, Steve Jobs, and some other guy.

SONY DSC

fitbit is one of the wearable fitness pioneers, but you’d never know it if you judged them by the size of their booth at this giant, mobile beauty pageant.

SONY DSC

SOTI touted their MobiControl Android+ technology to enable, optimize and secure Android for the enterprise.

SONY DSC

Sophos talked-up IDC’s research note that found the 25% of SMB organizations currently utilize Sophos Mobile Control as their MDM solution to govern and manage their mobile devices.

SONY DSC

Who doesn’t love GoPro?  I need to head back to Whistler.

SONY DSC

Citrix announced XenMobile for Samsung KNOX and claims the most KNOX-certified apps.

SONY DSC

Huawei launched the MediaPad X1 tablet with a 7-inch screen and cellular connectivity, which means it also serves as a giant smartphone.  They also introduced TalkBand wearables that pair with the X1 via Bluetooth to provide fitness data.

SONY DSC

LG launched the G Pro 2 phablet as well the G2 Mini.  LG’s Knock Code is an interesting security feature that allows you to tap the phone on the correct quadrant of the display to unlock it.

SONY DSC

Sony had a giant booth that seemed like a spaceship.  The launched their flagship Xperia Z2 smartphone and Xperia Z2 tablet.

SONY DSC

Sony also released their SmartBand fitness and tracker wearable that works with their new smartphone.

SONY DSC

The world’s top PC company introduced 3 new Android smartphones as well as a new 10-inch Yoga Tablet that gets 18 hours of battery life.

SONY DSC

Bill is doing a great job of demonstrating Microsoft’s 3 screen strategy across Xbox, Windows and Windows Phone.

SONY DSC

ZTE launched their ultra slim Grand Memo II LTE phablet with a 6 inch screen.  Additionally, they showed-off their ZTE Open C built in partnership with Mozilla and Telefonica.  It looks like they’re covering the high-end with Android and the low-end with Firefox OS.  They also talked about their smart city solution, ZTE iCity.

SONY DSC

Qualcomm chipsets power more mobile devices found at MWC than anyone else.

SONY DSC

John Chambers, the chairman and CEO of Cisco, claimed the Internet of Things space has the potential to generate $19 trillion worth of profit and economic benefits over the next decade.  That’s a lot of cash.

SONY DSC

Newly-acquired AirWatch had a massive booth and really emphasized their Secure Content Locker (MCM) technology this year.

SONY DSC

This small version of Oracle’s Americas Cup sailboat was the coolest thing at their booth.

SONY DSC

A $25 Firefox OS reference design was the talk of MWC.  I played with their HTML5 mobile operating system running on Alcatel and ZTE phones and they’ve definitely come a long way since last year.

SONY DSC

I actually kinda like Asus’ new ZenUI for the ZenFone.  Gotta differentiate from other Android handset makers somehow.

SONY DSC

What are my broad takeaways from this event?

  • There’s lots of unimaginative Android rectangles for sale that are undifferentiated from competitors
  • There’s a flood of fitness wearables taking advantage of Bluetooth LE
  • Lots of new players entering an already crowded EMM space
  • The device I saw people using most often was a Moleskine + Pen
  • Reaching out to the next billion people with low cost phones and connectivity is trending

See you next year!

Sharing my knowledge and helping others never stops, so connect with me on my blog at http://robtiffany.com , follow me on Twitter at https://twitter.com/RobTiffany and on LinkedIn at https://www.linkedin.com/in/robtiffany

Mobile Enterprise App Platform (MEAP)

In this week’s episode of “Inside Windows Phone,” Matthijs Hoekstra and I discuss how to build the Microsoft Mobile Enterprise App Platform (MEAP).

Mobility is the top priority for Chief Information Officers (CIOs) today.  To drive their business, they must empower their mobile employees by unlocking the value of their enterprise systems.  To do this, they must be able to move business-critical data from any backend system out to any employee device in a scalable, performant, reusable, and secure manner.  This is where the principles of MEAP come into play as discussed by Matthijs and myself:

Mobile developers that need to make the jump from consumer to enterprise must become skilled at building Web-Scale backend systems capable of supporting millions of devices.  It’s no longer just about building the mobile app.

– Rob

Sharing my knowledge and helping others never stops, so connect with me on my blog at http://robtiffany.com , follow me on Twitter at https://twitter.com/RobTiffany and on LinkedIn at https://www.linkedin.com/in/robtiffany

Sign Up for my Newsletter and get a FREE Chapter of “Mobile Strategies for Business!”

[mc4wp_form id=”5975″]

Enterprise Mobile Management with Intune

In this week’s episode of “Inside Windows Phone,” Matthijs Hoekstra and I discuss enterprise mobility management with Microsoft Intune.

Yes, we covered exciting acronyms like EMM, MDM, MAM, MIM and MCM.

– Rob

Sharing my knowledge and helping others never stops, so connect with me on my blog at http://robtiffany.com , follow me on Twitter at https://twitter.com/RobTiffany and on LinkedIn at https://www.linkedin.com/in/robtiffany

Sign Up for my Newsletter and get a FREE Chapter of “Mobile Strategies for Business!”

[mc4wp_form id=”5975″]

CTO Replaces his Laptop and iPad with a Surface Pro

Kindle

This Chief Technology Officer wants to be productive with his tablet.

Sharing my knowledge and helping others never stops, so connect with me on my blog at http://robtiffany.com , follow me on Twitter at https://twitter.com/RobTiffany and on LinkedIn at https://www.linkedin.com/in/robtiffany

Sign Up for my Newsletter and get a FREE Chapter of “Mobile Strategies for Business!”

[mc4wp_form id=”5975″]

SQLite for Windows and Windows Phone: Data Definition

SQLite

SQLite WinRT allows Windows and Windows Phone developers to create and manipulate database objects through the SQLite Data Definition Language (DDL).

SQLite supports DDL statements including CREATE, ALTER, and DROP to work with objects like Tables, Indexes, Triggers, and Views.  This is complimented by simplified, dynamic data types including INTEGER, NULL, REAL, TEXT, and BLOB.  Admittedly, this takes some getting used to by those of you who use database engines with static typing.  Here’s a quick explanation:

  • INTEGER: A signed integer that is flexibly stored in 1, 2, 3, 4, 6, or 8 bytes depending on the size of the value you INSERT.
  • NULL: Nothing to see here.
  • TEXT: A variable-sized text string stored using UTF-8, UTF-16BE or UTF-16LE encoding.
  • REAL: A floating point value stored as an 8-byte IEEE floating point number.
  • BLOB: Stores whatever you INSERT into it.

Lets cut to the chase so you can see how to create a new SQLite database:

private async void OpenCreateDatabase()
{
    var db = new SQLiteWinRT.Database(Windows.Storage.ApplicationData.Current.LocalFolder, "Contoso.db");
    try
    {
        await db.OpenAsync();
    }
    catch (System.Runtime.InteropServices.COMException ex)
    {
        var result = SQLiteWinRT.Database.GetSqliteErrorCode(ex.HResult);
        throw new Exception("Failed to create database " + result);
    }
}

Walking through the code above, you quickly notice that I created an async function.  This is because I use await when opening the database asynchronously on a worker thread to keep things fast and fluid.  The first line of code is flexible enough to either create new database called Contoso.db or use an existing one which make our lives easier.  You’ll also notice that I’m placing the database in the LocalFolder used for storage by my Windows or Windows Phone app.  SQLiteWinRTPhone is used for Windows Phone and SQLiteWinRT is used for Windows tablets, laptops, and desktops.  I’m wrapping the aforementioned code to open the database in a try/catch block specifically designed to deal with COM exceptions since our WinRT code is interoperating with native C++ code from SQLite.  You’ll use GetSqliteErrorCode in order to retrieve the HResult from SQLite and then throw the error up the stack using a standard Exception object.

With your database created, the next thing you’ll want to do is create one or more tables.  The structure for the CREATE TABLE statement can be found at http://www.sqlite.org/lang_createtable.html.  Below, I’ll show you the code to create a typical Parent/Child table relationship between a Product and ProductDetails table:

private async void CreateTables()
{
    var db = new SQLiteWinRT.Database(Windows.Storage.ApplicationData.Current.LocalFolder, "Contoso.db");
    try
    {
        await db.OpenAsync();
        string sql = @"CREATE TABLE IF NOT EXISTS Products
                       (ProductId INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL,
                       Name TEXT)";
        await db.ExecuteStatementAsync(sql);

        sql = @"CREATE TABLE IF NOT EXISTS ProductDetails
                (ProductDetailId INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL,
                Color TEXT,
                Quantity INTEGER,
                ProductId INTEGER,
                FOREIGN KEY(ProductId) REFERENCES Products(ProductId) ON DELETE CASCADE)";
        await db.ExecuteStatementAsync(sql);
    }
    catch (System.Runtime.InteropServices.COMException ex)
    {
        var result = SQLiteWinRT.Database.GetSqliteErrorCode(ex.HResult);
        throw new Exception("Failed to create tables " + result);
    }
}

In the code above, I use a sql string variable to create two different DDL statements. While they both start out with CREATE TABLE, we also have the luxury of using IF NOT EXISTS before the table name.  This means if the table already exists, this DDL statement is harmless and no operation will be performed.  The next part of the statement creates one or more columns and constraints.  In both tables I create an integer-based Id column that serves as the primary key which enforces uniqueness.  SQL Server DBAs and developers who like to use Identity columns will be happy to see the AUTOINCREMENT constraint that automatically increments the value of the integer each time a new row is inserted.  Other columns and their data types are separated by commas.  Last but not least, the ProductDetails Child table enforces a referential integrity constraint with the Products Parent table.  FOREIGN KEY points to the local ProductId column and REFERENCES the ProductId in the Products table.  ON DELETE CASCADE ensures that when a Product is deleted, associated ProductDetails are also deleted.

Once you’ve created tables, you’ll want to speed up your queries by creating indexes, prepackage SELECT statements into views, and trigger various actions whenever an INSERT, UPDATE, or DELETE occurs:

Sometimes you need to make changes to an existing table.  SQLite allows you rename tables and add columns via ALTER TABLE: http://sqlite.com/lang_altertable.html.  If you find you no longer need certain indexes, views, triggers, and tables, you can drop them:

No matter which DDL operation you need to perform, you’ll follow the same pattern I showed you in the CREATE TABLE code sample above.  You’ll piece together the appropriate statement in a string variable and then call the ExecuteStatementAsync() method.

Now that you know how to use SQLite WinRT to work with SQLite’s Data Definition Language, you can build any data structure that you mobile app needs.  In my next article I’ll show you how to work with SQLite’s Data Manipulation Language (DML) to bring you database and app to life.

– Rob

Sharing my knowledge and helping others never stops, so connect with me on my blog at http://robtiffany.com , follow me on Twitter at https://twitter.com/RobTiffany and on LinkedIn at https://www.linkedin.com/in/robtiffany

Sign Up for my Newsletter and get a FREE Chapter of “Mobile Strategies for Business!”

[mc4wp_form id=”5975″]