Reduce Business Risk by Using Employee Smartphones and Multi-factor Authentication to Secure Corporate Resources

Book Cover

The perception that employee #smartphones are a #security liability is misplaced. They’re a  #mobile, multi-factor authentication security asset.

It’s clear the things we’ve done in the past to stay secure are no longer sufficient. The pervasive use of usernames and passwords to authenticate with every kind of system on the planet is breaking down. Passwords aren’t strong enough and no one can remember them all. Some companies require something called two factor authentication in order to access their computer systems. This dramatically increases security because you’re required to have something like a smartcard and know something like a PIN in order to gain access. The downside is that everyone has to have a smartcard with cryptographic information on an embedded chip as well as a smartcard reader plugged into a PC to make this work. How likely is it that everyone on a global scale has this kind of gear? Not very.

It makes you wonder if there’s some kind of device carried by almost every human on the planet that could substitute for a smartcard? Seek out cloud and on-premises systems that work with devices to implement modern security features like multifactor authentication. Now when an employee enters their corporate credentials, the system will call their phone and require them to dial in an additional PIN to prove it’s actually them who’s trying to access corporate resources. A bad actor who may have stolen your credentials won’t have your phone to answer the call or know your PIN. It’s also unlikely they’ll have your face or fingerprint if you’ve enabled biometric security.

Reduce risk to your business by having employees use their smartphones to prove their identity when attempting access to corporate resources. What is your company doing to secure its business-critical resources?

Learn how to digitally transform your company in my newest book, “Mobile Strategies for Business: 50 Actionable Insights to Digitally Transform your Business.”

Book Cover

Click here to purchase a copy of my book today and start transforming your business!

Reduce Corporate Risk by Enforcing Security Policies on Mobile Apps with MAM

Book Cover

To enforce policies on individual #mobile apps, get an #EMM solution with #MAM capabilities to prevent #data leaking from corporate to personal.

Mobile App Management (MAM) allows IT departments to protect corporate data without having to manage the whole device like you would with MDM. Since apps are the delivery mechanism of business data to employees, the thinking is, if you can lock down the apps, you can lock down the data. You may not need MDM anymore.

The BYOD phenomenon has IT departments concerned about the co-mingling of personal and business apps and data. EMM and mobile operating system vendors have tackled this data loss prevention (DLP) problem with variety of approaches ranging from the use of a Chinese wall to proprietary versions of public apps. The MAM component of EMM delivers:

  • An enterprise app store where employees can select internally and externally developed apps and websites
  • Encrypted containers dividing a mobile device into business and personal workspaces where data cannot be shared
  • Ability to allow or block the opening of business documents and the copying & pasting of data between apps
  • Selective wipe of corporate email, apps, data, certs and management policies
  • Secure PIM
  • App wrapping with or without an SDK
  • Apps that prompt for a PIN for devices that aren’t configured to prompt for credentials

Reduce risk to your organization by securing your mobile apps and the data they deliver to your employees with a protective envelope. What is your organization doing to mobile apps and data safe?

Learn how to digitally transform your company in my newest book, “Mobile Strategies for Business: 50 Actionable Insights to Digitally Transform your Business.”

Book Cover

Click here to purchase a copy of my book today and start transforming your business!

//build/ : Wrap a Mobile API around your Enterprise and take Data Offline with NoSQL on Windows Phones and Tablets

BuildSession

For those of you who couldn’t make it to San Francisco, here’s my session on Wrapping a Mobile API around your Enterprise and taking Data Offline with NoSQL on Windows Phones and Tablets from //build/.

Enterprise mobility is a top priority for Chief Information Officers who must empower employees and reach customers by moving data from backend systems out to apps on mobile devices. This data must flow over inefficient wireless data networks, be consumable by any mobile device, and scale to support millions of users while delivering exceptional performance. Since wireless coverage is inconsistent, apps must store this data offline so users can be productive in the absence of connectivity.

In this video you’ll learn how to build fast and scalable REST + JSON APIs using the ASP.NET Web API while employing techniques such as data sharding and in-memory caching. On the device, you’ll learn how your apps can work with offline data via in-memory NoSQL tables that use LINQ to support the same CRUD operations as relational databases. You’ll walk away from this session with the ability to deliver flexible server solutions that work on-premise or in Azure and device solutions that work with Windows Phones and Tablets.

Download the two Visual Studio projects and associated source code from GitHub:
https://github.com/robtiffany/build-2014-mobile-api

Sharing my knowledge and helping others never stops, so connect with me on my blog at https://robtiffany.com , follow me on Twitter at https://twitter.com/RobTiffany and on LinkedIn at https://www.linkedin.com/in/robtiffany