Nakisa® OrgHub™ for Mobile - ROC Group · OrgChart runs as a Java application on SAP NetWeaver...

Visualize what matters most

Technical Whitepaper

Nakisa® OrgHub™ for Mobile
Put a clear view of your organization in the hands of your employees

Copyright © 2013 Nakisa Inc. All rights reserved. | November 2013 | V1

Table of contents

Foreword
Introduction
OrgHub™ for Mobile overview
Application architecture
Deployment considerations
  1. Mobile strategy
  2. Installation
  3. Security
    1 Application security
    2 Device
    3 Traffic
    4 Back-end system
    5 Reactive security measures
Education
Licensing
Summary

Foreword: The mobile future is now

In 2010, more than half of senior executives agreed that their mobile device was their primary communications tool and 45% of senior executives said they believed a smartphone or tablet would be their primary device for business-related use within three years [1]. That time is now.

The mobile future people once spoke of has arrived and the demand for anytime, anywhere network access is growing at lightning speed. Providing employees with access to key enterprise applications via a mobile device is now more important than ever before. As technology continues to evolve, a mobile strategy is indispensable; IT departments need to ensure they have the tools, solutions, security and resources ready to drive the implementation.

With the explosion of mobile, IT departments are facing the following challenges:

• A growing demand for quick access to information.

• A secure and efficient management of corporate networks.

• Numerous requests for “bring your own device” (BYOD) policies.

[1] “The Untethered Executive: Business Information in the Age of Mobility.” Forbes Insight. October 2010. www.forbes.com/forbesinsights

The need for speed

Mobile devices help employees be more productive no matter where they are. They increase collaboration and the flow of information. To remain competitive, organizations need to be able to react more quickly to market conditions and customer needs. The use of mobile technologies makes that possible. While the use of mobile technologies is transforming business and making organizations more agile, it can also disrupt IT and put corporate networks at risk. IT departments can react quickly to this need by putting the right policies in place for their organization.

Corporate networks at risk

While mobile technologies are increasing employee productivity, they are also making corporate networks more difficult to manage. IT departments need to know what devices are trying to connect to their networks so they can provide convenient, secure access to those that are authorized. They must establish a standard for connected devices by making an initial inventory of all the devices on the network, categorizing them and then setting network access policies based on the risk profile of the device. New devices can then be automatically assigned to the established policy. This allows secure, convenient access for authorized devices, while providing appropriate limited access for unauthorized devices, notably personal devices employees bring to work.

The demand for BYOD policies

It is said that IT groups typically underestimate by 50 percent the proportion of employees using their own devices for company business [2]. Businesses are counting on strategic IT departments to come up with robust, simple, scalable and secure BYOD strategies for their enterprise to allow users to access information from their personal devices. A BYOD policy needs to deliver the essentials for secure network access and take into consideration securing mobile devices, simplifying device and network management, and scalability.

The use of mobile devices is unlikely to decrease. IT departments that try to keep up by using traditional network access control methods risk putting their companies at a strategic disadvantage. By choosing the right technology to use on mobile devices for their organization, IT will improve network security and manageability, save IT time, increase employee productivity and gain strategic business advantage.

Visualize your enterprise, anytime, anywhere

Nakisa® OrgHub™ for Mobile provides Managers, HR & Executives with the ability to access accurate and up-to-date organizational information anytime, anywhere, enabling both IT and business to make better decisions and communicate more efficiently. With this fully integrated application, people can keep up with the daily pace of business by breaking down the barriers of traditional working and automatically mirroring the existing Nakisa® OrgChart™ application on a mobile device, creating a seamless user experience.

[2] Source: IDC, 2011

Who should read this whitepaper?

This technical whitepaper provides an overview of the requirements for deploying Nakisa® OrgHub™ for Mobile into an enterprise environment. It also reviews the considerations that should be taken into account to ensure organizations can achieve a smooth roll-out of the Nakisa OrgHub™ for Mobile application and how Nakisa is well-prepared to help IT departments mitigate risk and overcome challenges. This paper will be of particular interest to IT Managers and Executives, Technical Consultants, SAP Basis Administrators, Mobile Device Specialists, Business Analysts and Technical Support Staff.

Introduction

On November 25, 2012, Nakisa released version 4.0 of its suite of organization and talent visualization applications. The suite comprises two SAP® Solution Extensions, SAP® Organizational Visualization by Nakisa® (SOVN) and SAP® Talent Visualization by Nakisa® (STVN). The 4.0 suite includes a number of major feature developments and performance enhancements.

Following the release of 4.0, Nakisa announced (in January, 2013) the release [3] of a new mobile application, Nakisa® OrgHub™ for Mobile [4]. This new application brings the functionality of Nakisa® OrgChart™ [5] to your mobile workforce through an optimized and intuitive touch-based interface.

This paper provides an overview of the requirements and considerations that should be taken into account to ensure organizations can achieve a smooth roll-out of the OrgHub for Mobile application. This paper is baselined with the mid-2013 release of OrgHub for Mobile linked to OrgChart 4.0 SP1.

Prior to outlining the details of the architecture, we will begin by looking a little more closely at the features of the OrgHub for Mobile application (app), the types of users the app is designed for and the benefits of using the app.

[3] http://www.nakisa.com/company/news-events/news/news-108.htm
[4] From here on in referred to as OrgHub for Mobile.
[5] From here on in referred to as OrgChart.

OrgHub™ for Mobile overview

The first release of OrgHub for Mobile is designed for use on an Apple iPad (including the iPad-mini) [6]. It aims to deliver almost the entire functionality of the desktop browser application, OrgChart, to a touch enabled mobile device.

The application provides the ability to navigate the various hierarchies and offers the ability for users to drill down to get more information about organizational units, positions and employees including analytic and demographic based information. Access to the OrgChart Directory functionality is also built-in making it even easier to locate people and organizational units and the information held about them.

This application is designed to provide the flexibility required by workers in the modern working world. Whether employees are predominantly on the road or working remotely or if they are using mobile devices in the office environment, OrgHub for Mobile can really benefit anyone who needs to access HCM data and organizational relationships “on the go”.

A demo version of the OrgHub for Mobile app is freely available to download from the Apple App store and any user with a valid Apple ID can download and install it onto their device to trial the software. For more information on how to purchase licenses of OrgHub for Mobile, please refer to the licensing section of this whitepaper.

[6] Future releases planned for other devices and to include additional functionality.

Application architecture

The OrgHub for Mobile application is currently available for any iPad running iOS5 or greater. As various deployment options are possible, you will need to consider the appropriate approach for your organization. These options will be discussed in a later section.

The application itself is built on HTML5. As well as running locally, it utilizes the same OrgChart configuration from the SAP NetWeaver server hosting the application (fig. 1). While the data that is visualized on the device is taken from the server, there is local caching of some of the data in order to maintain a high level of responsiveness, in addition to storage of settings required to run the application (e.g. connection strings).

Please note that as of writing, the latest iOS version is 7.0. While OrgHub for Mobile does not require version iOS7, some version specific improvements will be covered below as they are particularly relevant for enterprise environments.

Figure 1: Overview of application architecture (diagram labels: OrgHub for Mobile Application, Local Storage, Nakisa OrgChart, SAP ECC, Data)

OrgChart runs as a Java application on SAP NetWeaver and can take one of three architectural configurations as follows:

Configuration | Non-analytic data | Analytic data
Live (fig. 2) | Fetched on demand from an SAP ECC system | Fetched on demand from an SAP ECC system
Staged (fig. 3) | Fetched from a database pre-populated with data from an SAP ECC system | Fetched from a database pre-populated with data from an SAP ECC system
Hybrid (fig. 4) | Fetched on demand from an SAP ECC system | Fetched from a database pre-populated with data from an SAP ECC system

Figure 2: Live configuration (diagram labels: SAP ECC, Nakisa OrgChart, SAP NetWeaver, All data)

Figure 3: Staged configuration (diagram labels: SAP ECC, Database, Nakisa OrgChart, SAP NetWeaver, Periodic data extract, All data)

Figure 4: Hybrid configuration (diagram labels: SAP ECC, Database, Nakisa OrgChart, SAP NetWeaver, Periodic data extract, Analytic data, Non-analytic data)

The OrgChart application therefore benefits from all the usual features you come to expect from NetWeaver hosted applications. Your SAP ECC system is the definitive source for the HCM data used by both OrgChart and OrgHub for Mobile.

The integration between OrgHub for Mobile and OrgChart is extensive: the OrgHub for Mobile application uses the same configuration as OrgChart, so there are no additional development costs to duplicate the desktop configuration onto the mobile application. This also holds true of all but the most complex of customizations clients might choose to implement.

Of course, to utilize the OrgHub for Mobile app a suitable connection must be established between the mobile device and the NetWeaver server. There are no special networking requirements to achieve this beyond those that you might expect for connecting a mobile device to your internal network. In fact, most organizations that already have mobile devices in use for accessing internal systems will find that their existing network architecture supports the implementation of OrgHub for Mobile with little or no extra configuration.

Figure 5: Connectivity overview for OrgHub for Mobile (diagram labels: OrgHub for Mobile Application, External Wi-Fi/cellular data access point, Internet, VPN, Firewall, Internal security measures, Internal Wi-Fi access point, Network, SAP NetWeaver, Nakisa OrgChart, SAP ECC)

If the mobile device is being used in an external environment then it would be connected either via a Wi-Fi access point or over a cellular data connection (3G/4G/LTE) to the Internet (fig. 5). From there a secured connection through the corporate firewall via a virtual private network (VPN) can allow the mobile device to connect to the available network resources such as the NetWeaver server hosting the OrgChart implementation.

Most organizations offer Wi-Fi access in at least some areas. If this is simply a direct connection to the Internet (e.g. for guests), then it would in effect be the same approach as external access. Some organizations however provide secured internal Wi-Fi networks. Once connected and authenticated to such an internal access point, the iPad would once again be able to access the network resources.

In both examples there may be some routine additional configuration work for network security administrators to open up ports and set-up routing for use with internal security systems/firewalls/VPNs/etc.

Notably, there has been no mention here of SAP NetWeaver Gateway. OrgHub for Mobile has been developed to be independent of this platform and therefore has none of the costs (e.g. licensing) associated with deploying Gateway applications. As long as you can make a secure connection through to your NetWeaver server, then you will be able to run OrgHub for Mobile.

A new feature of the iPad operating system is the ability to configure and deploy a per-application VPN configuration. While not specifically required for OrgHub, this is certainly something that can be beneficial to an organization. Using a per-app VPN, the OrgHub for Mobile application will automatically trigger a required VPN connection, removing the need for the user to connect the VPN manually first.

Deployment considerations

The technical requirements are a key consideration when preparing for the deployment of OrgHub™ for Mobile, but they are not the only consideration. Going mobile in the enterprise brings with it a number of other challenges that should be carefully considered to ensure that the approach and solutions you choose are the right ones for your organization.

1 Mobile strategy

The best starting point is your organization’s mobile device strategy and any related policies. These documents give a strategic view of how mobile technology is to be used within an organization and the guidelines under which mobile devices may be used.

Your mobile strategy can initially help you to define who might be well positioned to use or at least pilot the use of OrgHub for Mobile. It can give you details about directions for the growth of mobile device use in your organization and potentially provide information about which devices are currently used by employees, which employees are using them and even how. As a minimum you should be validating the platforms for any applications you deploy (e.g. an iPad for OrgHub for Mobile) against the strategy and policies to ensure the devices are appropriate to be deployed at your organization, i.e. that the skills and tools to effectively manage and maintain the devices and applications are in place.

As mentioned earlier in the paper, a key area to understand within the scope of the strategy is BYOD or “bring your own device”. The rapid pace of IT consumerization has resulted in increased pressure for employees to be able to use their own devices to access enterprise resources and applications and this has been a huge area of contention in many IT departments. Fortunately, while there can be security risks involved in BYOD, well structured, clear policies and the right tools can go a long way towards mitigating any associated risks. Even if BYOD is not currently permitted in your organization, it is worth reviewing the strategy carefully to see if it is likely to appear on the organization’s technology roadmap in the future.

With regards to OrgHub for Mobile, the issues around BYOD in terms of adequately securing the HCM data are absolutely paramount and the topic of security measures will be covered in more detail later in this paper.


2 Installation

The implementation of OrgHub for Mobile in effect comes in three parts:

1. Implementing OrgChart 4.0 SP1 or later.
2. Configuring remote access for OrgHub for Mobile.
3. Installing and configuring OrgHub for Mobile onto mobile devices.

Many organizations select an expert implementation partner such as ROC or Nakisa Consulting to carry out much of the configuration around implementing OrgChart. Such implementation partners can draw upon their experience in not only configuring and testing the system, but also in helping organizations to tailor the system to their own requirements in order to get the best possible value from it. This is the bulk of the configuration required in the majority of cases.

If the system is hosted on-premise, server and BASIS resources will also be required. The alternative would be to adopt the use of Nakisa’s private cloud service.

The configuration required to enable OrgHub for Mobile alongside OrgChart is simply a case of ticking a box. Some specific configurations are possible for OrgHub for Mobile, enabling organizations to configure things such as additional icon entries for the help panel or to change the default support message. An implementation partner can help with such configurations which require minimal work.

The configuration of remote access consists of changes to firewalls, VPNs and other access control systems to ensure that the traffic can be correctly routed between OrgChart and the OrgHub for Mobile app. This requires a detailed level of knowledge about the organization’s network architecture and security measures and should be carried out by a network security administrator.

There are two factors that tend to determine the approach to installation. The first is the scale. How many mobile devices is the application going to be installed onto? If it is a relatively small number this may be something that an IT support area (mobiles, BASIS, etc.) can manage. If it is larger than this, either additional IT resources or an alternate approach would be required.

The second factor is that the OrgHub for Mobile application is available from the Apple App Store. While it is a free application, OrgHub for Mobile requires users to log in with their Apple account credentials in order to download and install it. This information would typically not be available to IT staff and so some level of user interaction would be required.

In addition to this there are, of course, practical elements to consider in the approach. When can we update each device? Is it a corporate owned device or BYOD? Is there enough space on the device to install the application? Etc.

Mobile Device Management (MDM) software can certainly help bridge the gap to an extent. Many systems allow push notifications and/or device profiles to be sent to a user (via a push server) which can prompt them to install an application from the app store (fig. 6). The recommended method however is to download a copy of the application installation file (IPA) from the Nakisa Marketplace [7]. Most Apple compatible MDM software will allow you to automatically push out and install the OrgHub for Mobile application.

For any application (IPA) updates, please refer to the Nakisa Marketplace [8] where version updates will be available.

[7] https://marketplace.nakisa.com/login.html
[8] This is the marketplace for Nakisa applications not available on SAP Service Marketplace (SMP).

Figure 6: Using MDM software to install Nakisa OrgHub for Mobile (diagram labels: Apple push notification service, Firewall, Third party MDM server, Apple iPad)

One complexity that MDM software will not be able to manage is the entering of the connection details to connect OrgHub for Mobile to Nakisa OrgChart. This is currently a manual configuration task that must be carried out on each device. If MDM software is not available, then IT staff can still maintain some level of control in a structured manner by using Apple’s Configurator Utility and device profiles.

The process flow below (fig. 7) can help you identify the best way to approach the implementation.

Figure 7: Implementation process flow (decision points: Too many devices for IT staff to manage manually? MDM software available? Push application install available? User able to configure application? Steps shown: Bring in more IT resources; IT staff install application with user assistance; IT staff configure application; Automatic remote installation of application; Push App Store application link to device; User manually installs application from app store; E-mail user instructions on how to configure application; End user configures application; End user configures application with IT staff assistance; Implementation Successful)

3 Security

HCM data is by definition personal and access to personal data must be controlled. For instance, people’s home addresses, salary details and date of birth are good examples of why HCM data should be secured. However, it doesn’t stop there.

Internal organization structures and unit names might give competitors an insight into your upcoming products or focus areas. Therefore, security measures are absolutely critical when rolling out an application such as OrgHub for Mobile.

There are four layers across which the HCM data is stored and/or transferred (fig. 8).

The application layer is the OrgHub for Mobile application installed on the mobile device. The device layer itself is the hardware and operating system on which the OrgHub for Mobile application runs. The traffic layer is the conduit through which the OrgHub for Mobile application connects to the OrgChart. The final layer comprises the backend components of the system with which the OrgHub for Mobile app communicates. A fifth layer could also be included for the SAP ECC system from which OrgChart pulls the HCM data, but the security around SAP ECC is outside the scope of this paper.

Figure 8: HCM data flow (diagram labels: Application, Device, Traffic and Server layers; Roles, Authentication, Data encryption, Passcode, Device encryption, Access filters; Application server and Database server with OrgChart, NetWeaver, Database and OS; legend: Identity, Encryption, Filters, Data Flow)

1 Application security

Authentication

As part of the built-in application security, authentication credentials must be passed through to the OrgChart by OrgHub for Mobile. The application supports OrgChart configurations that use logon screen or portal single-sign-on authentication methods. Please note, at the time of writing, OrgHub for Mobile does not support the iOS7 Enterprise Single Sign On feature.

The login details can be entered into the application each time the connection to the system is re-established. Alternatively, they can be entered once and stored on the device. It is important to note that there is no option available to enable or disable this password storage feature. It is most likely that users will choose to make use of this feature and store their credentials. Guidance on this should be included in your education policy for BYOD. This will be covered in a later section.

Data encryption

The application does not store any data on the mobile device other than images and icons used by the application. The connection details (which include the user ID and password) are also stored on the device but are encrypted with Apple KeyChain encryption.

Roles

The OrgHub for Mobile application uses the same role based configuration as OrgChart. This means that SAP roles are mapped to Nakisa roles which in turn control the sets of data and functionality that the user has access to (e.g. extended employee information is secured by default). The information displayed to the user in OrgHub for Mobile is directly related to the information a user can access in SAP.

With the release of Service Pack 1 (SP1) for OrgChart 4.0, Nakisa has reintroduced the use of structural authorizations for data retrieved directly (“live”) from SAP. This means that further restrictions (set within SAP using structural driven access to data items) can be applied to further control access to restricted data.

Figure 9: Nakisa OrgHub for Mobile login information

2 Device

Passcode

All iOS devices offer a passcode option. This can be set to a simple four digit PIN (simple passcode option) or to a more secure code allowing many more characters that can be a combination of alphabetic, symbolic and numeric.

The recommendation for enterprise use is that all iOS devices should be set to have passcodes and that users should not be permitted to choose simple passcodes. This is a staple option in Apple compatible MDM software and it is an important frontline safeguard against anyone who may come into possession of the device.

Encryption

Whilst applications can enforce data encryption, iOS does include built in encryption via a feature called “data protection” (fig. 10). This feature is automatically enabled in iOS5 (minimum version for OrgHub for Mobile) onwards when the passcode feature is enabled. You can confirm it is enabled by checking at the bottom of the screen [Settings > General > Passcode Lock].

OrgHub for Mobile makes use of the Apple Data Protection API, therefore any cached application data is automatically encrypted by iOS when the device locks. When the passcode is correctly entered iOS will then decrypt the data.

Figure 10: iOS for Mobile passcode lock

3 Traffic

Data encryption

The data obviously has to be received by the device before the OrgHub for Mobile application can process it. This potentially means transferring it across the largest public network on the planet, the Internet. Obviously this can be problematic in terms of data security. This is typically addressed by using a VPN solution.

iOS natively supports the three common VPN protocols of L2TP, PPTP and IPSEC, which allow access to a wide range of VPN systems. Should your existing VPN solution not support one of these protocols then you may find that the vendor offers an iOS compatible client application or software update that will allow you to use OrgHub for Mobile with your VPN.

By using a VPN, the packets of data are encrypted and then sent across the Internet, typically using a tunnelling model.

SSL encryption can also be a viable option in some scenarios. Whilst it is built into some VPN tunnelling solutions, it is definitely worth considering when working internally. Many clients already choose to deploy OrgChart using HTTPS rather than HTTP to ensure that all traffic to and from the system is encrypted. This takes on a greater importance when using a Wi-Fi access point as these are generally more accessible and vulnerable to attack than wired connections. Forcing access to OrgChart to use HTTPS will not only encrypt your traffic for hand-held mobile devices, but also for PCs connecting wirelessly and across wired connections.

The wireless transmission of data should also be considered, be this to a Wi-Fi access point or a data transmitter/receiver on a cell tower. More than ever, users should ensure that they are connecting to properly secured Wi-Fi networks. Beware of networks using particularly weak security protocols or the Wi-Fi-borne virus pushed out from hot spots called “Free Public Wi-Fi”. Cellular data is by nature encrypted and the user should not experience any issues with allowing their device to handle the details of any such data connection.

Access filters

As well as encrypting traffic, organizations should take precautions around filtering traffic that will need to be accounted for when deploying OrgHub for Mobile. Primarily this will mean configuring any hardware and/or software based firewalls to allow web traffic from internal Wi-Fi or an external internet gateway to reach the NetWeaver server running OrgChart. The traffic will be HTTP or HTTPS, but the ports may vary depending upon the organization’s network standards. Consideration may also need to be given to ensure that the traffic is routed correctly: sometimes VPNs and security devices can require additional name resolution measures to be put in place in order to ensure the traffic flows correctly between network boundaries.


4 Back-end system

Authentication

The final layer is based around the OrgChart system. This can consist of several components in its own right (servers, operating systems, NetWeaver, database, the OrgChart application), but each has a common security aspect. To access any of these components (including Nakisa’s OrgChart AdminConsole™), you must provide one or more logon credentials (in effect, a user ID and password).

Some organizations may add further safeguards to these components, such as additional encryption and physical access restrictions, but as a minimum all of the components require authentication for access.


5 Reactive security measures

Of course, even with all of these security measures in place there is always a weak link. In the case of mobile devices it is often related to the nature of the device. Should a device be lost or stolen, there are clear actions that can be taken to minimize the risk of “data leakage”.

1. Change the user’s SAP password

As already mentioned, most users will probably opt to store their logon credentials for OrgHub for Mobile. Therefore if an individual is able to get past the enforced passcode lock, they would then be able to log in directly to view the organization information with the device owner’s permissions. By simply changing the device owner’s password, the individual with the device is effectively locked out.

2. Locate the device

Apple devices have an iCloud driven feature often referred to as “find my …”. This feature is enabled on an iPad under Settings > General > iCloud > Find My iPad. If you have access to MDM software this should be used to force this feature on, otherwise every device owner should enable it themselves. By logging into iCloud or using the MDM software you can locate the device assuming an internet connection is available.

3. Remote wipe the device

If the device cannot be located, a remote wipe should be issued (from the MDM or iCloud). If the device is connected to the Internet, the wipe will initiate almost immediately. If it is not, the next time the device connects to the internet it will receive the wipe instruction.

Rather than dealing with the resulting issue of a lost device, it is better to educate device owners on how to look after their device so that they reduce the chances of it becoming lost or stolen. In fact, educating the end-user should be high on your considerations for deploying OrgHub for Mobile.


Education

Educating end-users (and support staff) on the use of OrgHub for Mobile should go hand in hand with its deployment. While online help is available and the general interface is intuitive, there is a lot of functionality within the application. Hands-on demonstrations are certainly a fantastic introduction, though organizations should also consider creating a guide for how to carry out common tasks or possibly a video of key features which users can come back to when they need a refresher.

Good habits for security, extending battery life and connecting to data networks are good starting points. But consideration should also be given to helping the user to get more from their device with other applications and functions. Expanding the scope in this way can help the users get more value from their device (including the use of OrgHub for Mobile) which can give a much greater return on investment in the long run.


Licensing

Nakisa offers various licensing options for OrgHub for Mobile, from per user to a global enterprise license. Please contact your Nakisa or Nakisa Partner sales representative for licensing details.

The use of the iOS 7 “Volume Purchase Programme (VPP) for application deployment” feature is currently being reviewed by Nakisa for future releases of OrgHub for Mobile.


Summary

OrgHub for Mobile is an elegant and cost-effective way of empowering key employees by delivering up to date organizational information to their mobile device. It allows them to make the right decisions based on the right data and keep the organization on the right track. Although implementation can be as simple as installing a free application, purchasing some licences and flicking a switch, hopefully this paper has given a deeper understanding of how to deploy in a way that fits with the organization’s mobile strategy to yield a quick and safe deployment.

Follow these five action points for an efficient and successful OrgHub for Mobile implementation.

1 Align your OrgHub for Mobile implementation to the mobile strategy and policies of your organization.

2 Identify which members of your organization would benefit most from easy access to the HCM data surfaced by OrgHub for Mobile and purchase the required licensing.

3 Provision suitable resources and tools for IT staff in rolling out and supporting OrgHub for Mobile. You may require new skills to manage mobile devices. Engaging with Nakisa or one of its partners can give you access to additional advice on deploying the application and even additional customization.

4 Train your end-users on how to use OrgHub for Mobile and their mobile device in general.

5 Roll out the OrgHub for Mobile application, adhering to good practice in terms of security, keeping your HCM data safe no matter where it is held.

   - Enable access to your Nakisa OrgChart system for access by OrgHub for Mobile.

   - Enable your network access to provide secure routing of OrgHub for Mobile data.

   - Secure any devices running OrgHub for Mobile.


Learn more

For an overview of the application and some further discussion of the security considerations you may also refer to the following SAP Community Network (SCN) posts:

Hands on with Nakisa OrgHub™ for Mobile – Part 1, ROC.

Hands on with Nakisa OrgHub™ for Mobile – Part 2, ROC.

The following links may be useful in educating your users in how to use OrgHub for Mobile and their iPad:

OrgHub for Mobile Overview Video, Nakisa.

Screencasts Online Video Tutor iPad Application, Don McAllister.

For more detail on how OrgHub for Mobile and Nakisa OrgChart fit into the Nakisa suite of applications please refer to the following:

Mobile Organizational Management, Nakisa.

Apple App Store – OrgHub for Mobile, Nakisa.

Mobile Device Management in iOS, Apple.

iPad Security, Apple.

iPad Enterprise Deployment Support, Apple.

For more information on security and device configuration the following resources may help:

Mobile Device Management, Wikipedia.

How to Choose a Mobile Device Management Solution, David Akka.

10 Mobile Device Management Suites You Need to Know, Ken Hess.

iPad in Business – Security, Apple.

iOS Security (October 2012), Apple.

Apple Push Notification Services Tutorial, Matthijs Hollemans.

Apple Configurator Utility, Apple.

iOS Encryption and Data Protection, Jesse Hollington.


Resources

Download the Nakisa® OrgHub™ for Mobile module overview: http://www.nakisa.com/resources/brochures.htm

Watch the Nakisa® OrgHub™ for Mobile demo video: http://vimeo.com/49334485

Visit the Nakisa website: http://www.nakisa.com/solutions/solutions-overviews/orghub-mobile.htm

Book a demo of Nakisa’s Org Management solutions: Email [email protected]


Authors

Stephen Millard is a Consultant at ROC where his focus is in implementing SAP Org Visualization by Nakisa (SOVN) and SAP Talent Visualization by Nakisa (STVN). He has worked with clients across a wide range of industries and sectors to help them realize the true benefits of using Nakisa solutions.

Prior to joining ROC, Stephen worked in a wide variety of IT roles in the Higher Education and Finance sectors. This has included everything from systems design and development through to running ICT support services for a progressively mobile workforce.

Amit Agarwal is a Senior Product and Integration Manager at Nakisa who leads the OrgAudit product strategy team, and oversees the overall integration strategy of all Nakisa products with the SAP Platform.

With over 7 years’ experience in SAP HCM, and as a certified SAP HCM Solution Consultant, Amit brings deep functional and technical knowledge in both SAP and HCM, and has worked with some of the world’s largest organizations in a wide variety of industries. Amit is also a Certified Information Systems Auditor and holds a Master’s degree in Business Administration from The Richard Ivey School of Business.

Amit Agarwal, Nakisa Stephen Millard, ROC


Our partnership

Nakisa® Inc., a leader in SAP Org & Talent Management Solutions and ROC have been serving clients together since 2006. Our partnership combines best-of-breed end-to-end HR solutions with the highest quality expertise. Together, we help clients to address their business needs and identify the right solutions to help them strengthen their HCM strategy and meet their business objectives. To learn more visit http://www.nakisa.com/partners/partner-listing.htm.


Contact us

Please visit www.nakisa.com for more information or email [email protected] to arrange an assessment of your organizational visualization capabilities, discuss your BYOD policy or to book a live demonstration of the Org and Talent Management solutions by Nakisa.

Nakisa Inc. is a leading Org and Talent Management software company, providing the world’s largest organizations with the ability to visualize and maintain accurate HCM data, confidently execute organization design, devise harmonized succession and career plans, and engage a highly productive workforce. In collaboration with a global network of partners, Nakisa serves a wide range of customers across all sectors and regions. Nakisa’s expanding client base includes 500+ enterprise customers, with more than 3.4 million subscribers from 24 industries, in 125 countries, speaking 25 languages. Nakisa has been a Tier 1 partner of SAP® since 2007. SAP® Organizational Visualization by Nakisa® (SOVN) and SAP® Talent Visualization by Nakisa® (STVN) are co-developed, supported and sold by SAP. These official solution extensions form a key part of the SAP product and enhancement roadmap, ensuring customers fully benefit from the latest SAP HCM technology innovations.

ROC is a leading global HCM specialist, delivering HCM business and technology solutions across the employee lifecycle, from process design through implementation and application support. ROC also provides a full range of consultancy services – training and change management – to support HCM technology implementations. ROC is an accredited SAP HCM Services Partner and has achieved Special Expertise Partner status in the field of SAP HCM. ROC is a Global Services Partner for Nakisa with Nakisa Certified Consultants (4.0).

Contact us

For more information contact [email protected] or call +1.514.228.2000


Contact us

For more information contact:
E-mail: [email protected]
Tel.: +44 (0) 1932 213 250
Fax: +44 (0) 1932 213 251
Web: www.roc-group.com/vsn