From Liability to Asset: How to Better Secure Enterprise Mobile Deployments
-
Upload
kidozen -
Category
Technology
-
view
164 -
download
0
description
Transcript of From Liability to Asset: How to Better Secure Enterprise Mobile Deployments
![Page 1: From Liability to Asset: How to Better Secure Enterprise Mobile Deployments](https://reader033.fdocuments.us/reader033/viewer/2022051609/547dc7f1b379593f2b8b5368/html5/thumbnails/1.jpg)
From Liability to Asset: How to Better Secure Enterprise Mobile Deployments
Jesus RodriguezCEO, KidoZen
From Liability to Asset: How to Better Secure Enterprise Mobile Deployments
Jesus RodriguezCEO, KidoZen
![Page 2: From Liability to Asset: How to Better Secure Enterprise Mobile Deployments](https://reader033.fdocuments.us/reader033/viewer/2022051609/547dc7f1b379593f2b8b5368/html5/thumbnails/2.jpg)
About Me
• Hackerpreneur• Co-Founder KidoZen• Advisor to software companies (Microsoft, Oracle….)• Board member• Investor• Speaker & author
• http://jrodthoughts.com• http://weblogs.asp.net/gsusx• https://twitter.com/jrdothoughts
![Page 3: From Liability to Asset: How to Better Secure Enterprise Mobile Deployments](https://reader033.fdocuments.us/reader033/viewer/2022051609/547dc7f1b379593f2b8b5368/html5/thumbnails/3.jpg)
About KidoZenCOMPANY
Enterprise Mobile App Platform (PaaS) Headquarters: Miami, FL Development Center: Buenos Aires, Argentina Privately Held Series A of $5 Million: November 2013, Third Point Ventures
WHAT WE PROVIDE
Enterprise Mobile Backend-as-a-Service API Mobile SDKs Mobile Enterprise Application Center HTML 5 Hosting Mobile Data Virtualization Mobile Data Management Mobile Analytics Mobile App Prototyper
CUSTOMERS
HIGHLIGHTS
• Large Number of Enterprise APIs• Public, Private, Hybrid Cloud &
On-Premise• Access and Manage Enterprise Data
Sources by Applying Security Policies at the Data Level for Mobility Management
• 100+ Global 1000 Customers• Pricing starts at $5k/10M API Calls/10K
Users/200GB Store per Month
![Page 4: From Liability to Asset: How to Better Secure Enterprise Mobile Deployments](https://reader033.fdocuments.us/reader033/viewer/2022051609/547dc7f1b379593f2b8b5368/html5/thumbnails/4.jpg)
25 partners in 50 countries
Canada
United States
AustraliaSouth Africa
TaiwanPhilippines
Argentina
EgyptKuwaitSaudi ArabiaUAE
MexicoIndia
MalaysiaSingaporeIndonesia
China
EuropeAustriaBelgiumCzech RepublicFranceGermanyHungaryIrelandItalyLuxembourgNetherlandsNorwayPortugalSlovakiaSpainSwedenSwitzerlandUnited Kingdom
Russia
Geographic Coverage
![Page 5: From Liability to Asset: How to Better Secure Enterprise Mobile Deployments](https://reader033.fdocuments.us/reader033/viewer/2022051609/547dc7f1b379593f2b8b5368/html5/thumbnails/5.jpg)
Today’s Agenda
• Security in the enterprise mobile world• Building blocks of an enterprise mobile security architecture• How KidoZen does it
![Page 6: From Liability to Asset: How to Better Secure Enterprise Mobile Deployments](https://reader033.fdocuments.us/reader033/viewer/2022051609/547dc7f1b379593f2b8b5368/html5/thumbnails/6.jpg)
Security remains one of the biggest challenges of enterprise
mobile solutions
![Page 7: From Liability to Asset: How to Better Secure Enterprise Mobile Deployments](https://reader033.fdocuments.us/reader033/viewer/2022051609/547dc7f1b379593f2b8b5368/html5/thumbnails/7.jpg)
What does security mean in the mobile context?
![Page 8: From Liability to Asset: How to Better Secure Enterprise Mobile Deployments](https://reader033.fdocuments.us/reader033/viewer/2022051609/547dc7f1b379593f2b8b5368/html5/thumbnails/8.jpg)
5 Building Blocks of Enterprise Mobile Security
1. User authentication2. User federation3. Mobile app protection4. API security5. Data security
![Page 9: From Liability to Asset: How to Better Secure Enterprise Mobile Deployments](https://reader033.fdocuments.us/reader033/viewer/2022051609/547dc7f1b379593f2b8b5368/html5/thumbnails/9.jpg)
User Authentication
![Page 10: From Liability to Asset: How to Better Secure Enterprise Mobile Deployments](https://reader033.fdocuments.us/reader033/viewer/2022051609/547dc7f1b379593f2b8b5368/html5/thumbnails/10.jpg)
Authenticate mobile app users against a corporate identity provider
The Challenge
![Page 11: From Liability to Asset: How to Better Secure Enterprise Mobile Deployments](https://reader033.fdocuments.us/reader033/viewer/2022051609/547dc7f1b379593f2b8b5368/html5/thumbnails/11.jpg)
Authentication Models
• Active authentication • WS-Trust
• Passive authentication• WS-Federation Passive Profile• SAML2• OAuth
• Integration with corporate identity providers
![Page 12: From Liability to Asset: How to Better Secure Enterprise Mobile Deployments](https://reader033.fdocuments.us/reader033/viewer/2022051609/547dc7f1b379593f2b8b5368/html5/thumbnails/12.jpg)
• Federation with corporate identity providers• Support for passive authentication protocols• Support for active authentication protocols• Support for various security token formats
How KidoZen Does it
![Page 13: From Liability to Asset: How to Better Secure Enterprise Mobile Deployments](https://reader033.fdocuments.us/reader033/viewer/2022051609/547dc7f1b379593f2b8b5368/html5/thumbnails/13.jpg)
Identity Federation
![Page 14: From Liability to Asset: How to Better Secure Enterprise Mobile Deployments](https://reader033.fdocuments.us/reader033/viewer/2022051609/547dc7f1b379593f2b8b5368/html5/thumbnails/14.jpg)
Enable single sign-on and federation between mobile apps and corporate
identity providers
The Challenge
![Page 15: From Liability to Asset: How to Better Secure Enterprise Mobile Deployments](https://reader033.fdocuments.us/reader033/viewer/2022051609/547dc7f1b379593f2b8b5368/html5/thumbnails/15.jpg)
Federation Models
• Implement federation protocols• WS-Federation• SAML2
• Implement token exchange and single sign-on models
![Page 16: From Liability to Asset: How to Better Secure Enterprise Mobile Deployments](https://reader033.fdocuments.us/reader033/viewer/2022051609/547dc7f1b379593f2b8b5368/html5/thumbnails/16.jpg)
How KidoZen Does it
• KidoZen Identity Federation Gateway• Support for various identity providers• Token exchange and mapping rules
![Page 17: From Liability to Asset: How to Better Secure Enterprise Mobile Deployments](https://reader033.fdocuments.us/reader033/viewer/2022051609/547dc7f1b379593f2b8b5368/html5/thumbnails/17.jpg)
Mobile API Protection
![Page 18: From Liability to Asset: How to Better Secure Enterprise Mobile Deployments](https://reader033.fdocuments.us/reader033/viewer/2022051609/547dc7f1b379593f2b8b5368/html5/thumbnails/18.jpg)
Securing mobile APIs based on corporate identity assets
The Challenge
![Page 19: From Liability to Asset: How to Better Secure Enterprise Mobile Deployments](https://reader033.fdocuments.us/reader033/viewer/2022051609/547dc7f1b379593f2b8b5368/html5/thumbnails/19.jpg)
Mobile API Security
• Enable access control rules at the API level• Enable access control policies based on user identity tokens
![Page 20: From Liability to Asset: How to Better Secure Enterprise Mobile Deployments](https://reader033.fdocuments.us/reader033/viewer/2022051609/547dc7f1b379593f2b8b5368/html5/thumbnails/20.jpg)
How KidoZen Does it
• API and Connectors security settings• Access control engine based on identity token claims
![Page 21: From Liability to Asset: How to Better Secure Enterprise Mobile Deployments](https://reader033.fdocuments.us/reader033/viewer/2022051609/547dc7f1b379593f2b8b5368/html5/thumbnails/21.jpg)
Mobile Data Protection
![Page 22: From Liability to Asset: How to Better Secure Enterprise Mobile Deployments](https://reader033.fdocuments.us/reader033/viewer/2022051609/547dc7f1b379593f2b8b5368/html5/thumbnails/22.jpg)
Protect and secure the business data assets used by mobile applications
The Challenge
![Page 23: From Liability to Asset: How to Better Secure Enterprise Mobile Deployments](https://reader033.fdocuments.us/reader033/viewer/2022051609/547dc7f1b379593f2b8b5368/html5/thumbnails/23.jpg)
Mobile Data Security
• Define the data used by a mobile application• Provide access control policies at the data level
![Page 24: From Liability to Asset: How to Better Secure Enterprise Mobile Deployments](https://reader033.fdocuments.us/reader033/viewer/2022051609/547dc7f1b379593f2b8b5368/html5/thumbnails/24.jpg)
How KidoZen Does it
• KidoZen mobile data virtualization offers a model to “virtualize” the data sources used by a mobile solution
• KidoZen mobile data management offers a way to secure “virtualized data sources” using access control policies
![Page 25: From Liability to Asset: How to Better Secure Enterprise Mobile Deployments](https://reader033.fdocuments.us/reader033/viewer/2022051609/547dc7f1b379593f2b8b5368/html5/thumbnails/25.jpg)
Mobile App Protection
![Page 26: From Liability to Asset: How to Better Secure Enterprise Mobile Deployments](https://reader033.fdocuments.us/reader033/viewer/2022051609/547dc7f1b379593f2b8b5368/html5/thumbnails/26.jpg)
Provide access control policies against the different mobile applications in an enterprise
The Challenge
![Page 27: From Liability to Asset: How to Better Secure Enterprise Mobile Deployments](https://reader033.fdocuments.us/reader033/viewer/2022051609/547dc7f1b379593f2b8b5368/html5/thumbnails/27.jpg)
Mobile App Management
• Enable a central app store• Integrate the app store with a corporate identity provider • Provide access control policies at the mobile app level
![Page 28: From Liability to Asset: How to Better Secure Enterprise Mobile Deployments](https://reader033.fdocuments.us/reader033/viewer/2022051609/547dc7f1b379593f2b8b5368/html5/thumbnails/28.jpg)
How KidoZen Does it
• KidoZen’s enterprise app center provides a central application store for enterprise mobile solutions
• The enterprise app center provides access control policies based on enterprise identity providers such as Microsoft Active Directory
![Page 29: From Liability to Asset: How to Better Secure Enterprise Mobile Deployments](https://reader033.fdocuments.us/reader033/viewer/2022051609/547dc7f1b379593f2b8b5368/html5/thumbnails/29.jpg)
Other Enterprise Mobile Security Capabilities
• Device protection• Malware detection• Usage audit
![Page 30: From Liability to Asset: How to Better Secure Enterprise Mobile Deployments](https://reader033.fdocuments.us/reader033/viewer/2022051609/547dc7f1b379593f2b8b5368/html5/thumbnails/30.jpg)
Summary
• Security is one of the most important elements of enterprise mobile architecture
• The are 5 fundamental building blocks to enterprise mobile security
• User authentication• Identity Federation• API protection• Data protection • App management
• KidoZen provides a complete mobile identity management suite as part of its enterprise mobile platform
![Page 31: From Liability to Asset: How to Better Secure Enterprise Mobile Deployments](https://reader033.fdocuments.us/reader033/viewer/2022051609/547dc7f1b379593f2b8b5368/html5/thumbnails/31.jpg)
ThanksJesus Rodriguez: [email protected]
http://twitter.com/#!/jrodthoughtshttp://jrodthoughts.com/
www.kidozen.com