from liability to asset: how to better secure enterprise mobile deployments
DESCRIPTION
Most organizations view mobile apps as a strategic asset — one that has rapidly become a core part of their enterprise IT application stack. But mobile apps also present risk. They exponentially increase the perimeter an enterprise must protect as their mobile workforce continues to expand. Join us for a practical webinar that shifts the security conversation from mobile devices to what matters most – the business data being consumed by your mobile apps.TRANSCRIPT
From Liability to Asset: How to Better Secure Enterprise Mobile Deployments
Jesus RodriguezCEO, KidoZen
From Liability to Asset: How to Better Secure Enterprise Mobile Deployments
Jesus RodriguezCEO, KidoZen
About Me
• Hackerpreneur• Co-Founder KidoZen• Advisor to software companies (Microsoft, Oracle….)• Board member• Investor• Speaker & author
• http://jrodthoughts.com• http://weblogs.asp.net/gsusx• https://twitter.com/jrdothoughts
About KidoZenCOMPANY
Enterprise Mobile App Platform (PaaS) Headquarters: Miami, FL Development Center: Buenos Aires, Argentina Privately Held Series A of $5 Million: November 2013, Third Point Ventures
WHAT WE PROVIDE
Enterprise Mobile Backend-as-a-Service API Mobile SDKs Mobile Enterprise Application Center HTML 5 Hosting Mobile Data Virtualization Mobile Data Management Mobile Analytics Mobile App Prototyper
CUSTOMERS
HIGHLIGHTS
• Large Number of Enterprise APIs• Public, Private, Hybrid Cloud &
On-Premise• Access and Manage Enterprise Data
Sources by Applying Security Policies at the Data Level for Mobility Management
• 100+ Global 1000 Customers• Pricing starts at $5k/10M API Calls/10K
Users/200GB Store per Month
25 partners in 50 countries
Canada
United States
AustraliaSouth Africa
TaiwanPhilippines
Argentina
EgyptKuwaitSaudi ArabiaUAE
MexicoIndia
MalaysiaSingaporeIndonesia
China
EuropeAustriaBelgiumCzech RepublicFranceGermanyHungaryIrelandItalyLuxembourgNetherlandsNorwayPortugalSlovakiaSpainSwedenSwitzerlandUnited Kingdom
Russia
Geographic Coverage
Today’s Agenda
• Security in the enterprise mobile world• Building blocks of an enterprise mobile security architecture• How KidoZen does it
Security remains one of the biggest challenges of enterprise
mobile solutions
What does security mean in the mobile context?
5 Building Blocks of Enterprise Mobile Security
1. User authentication2. User federation3. Mobile app protection4. API security5. Data security
User Authentication
Authenticate mobile app users against a corporate identity provider
The Challenge
Authentication Models
• Active authentication • WS-Trust
• Passive authentication• WS-Federation Passive Profile• SAML2• OAuth
• Integration with corporate identity providers
• Federation with corporate identity providers• Support for passive authentication protocols• Support for active authentication protocols• Support for various security token formats
How KidoZen Does it
Identity Federation
Enable single sign-on and federation between mobile apps and corporate
identity providers
The Challenge
Federation Models
• Implement federation protocols• WS-Federation• SAML2
• Implement token exchange and single sign-on models
How KidoZen Does it
• KidoZen Identity Federation Gateway• Support for various identity providers• Token exchange and mapping rules
Mobile API Protection
Securing mobile APIs based on corporate identity assets
The Challenge
Mobile API Security
• Enable access control rules at the API level• Enable access control policies based on user identity tokens
How KidoZen Does it
• API and Connectors security settings• Access control engine based on identity token claims
Mobile Data Protection
Protect and secure the business data assets used by mobile applications
The Challenge
Mobile Data Security
• Define the data used by a mobile application• Provide access control policies at the data level
How KidoZen Does it
• KidoZen mobile data virtualization offers a model to “virtualize” the data sources used by a mobile solution
• KidoZen mobile data management offers a way to secure “virtualized data sources” using access control policies
Mobile App Protection
Provide access control policies against the different mobile applications in an enterprise
The Challenge
Mobile App Management
• Enable a central app store• Integrate the app store with a corporate identity provider • Provide access control policies at the mobile app level
How KidoZen Does it
• KidoZen’s enterprise app center provides a central application store for enterprise mobile solutions
• The enterprise app center provides access control policies based on enterprise identity providers such as Microsoft Active Directory
Other Enterprise Mobile Security Capabilities
• Device protection• Malware detection• Usage audit
Summary
• Security is one of the most important elements of enterprise mobile architecture
• The are 5 fundamental building blocks to enterprise mobile security
• User authentication• Identity Federation• API protection• Data protection • App management
• KidoZen provides a complete mobile identity management suite as part of its enterprise mobile platform
ThanksJesus Rodriguez: [email protected]
http://twitter.com/#!/jrodthoughtshttp://jrodthoughts.com/
www.kidozen.com