Discuss business intelligence, integration, compliance and a host of other SAP-related topics – implementation, best practices and resources to negotiate the world of SAP better!

« SAP Fiori - Setting a new Paradigm for SAP Customers | Main | Data Quality Cockpit using SAP Information Steward and Data Services - Part 1 »

Why is it so difficult to use your tablet for work?


Why corporations are cautious of Bring your own device (BYOD)?

 

Financial and tele-communications sector has moderate level of BYOD adoption.  Utilities, logistics and the sales teams for CPG are showing the strongest demand.  These are industries with field force people and mobility applications are widely leveraged for their day to day jobs. For other sectors the adoption is limited to active directory based E-mail, Contacts and Calendar Synchronization. Some of our customers are restricting the support to a specific job function, or a role (exs. Exempt full time employees, BYOD support beyond a certain level). Even on enterprise issued devices, use of VPN is mostly enforced when accessing internal systems and architectural reviews are strongly looking into security and vulnerabilities in app and data on device. So with personal devices, some of our clients are still leveraging virtual desktop to access enterprise apps.

 

Some of these customers are seeing a need to deploy more enterprise apps on personal devices but still the adoption is very low. This cannot be viewed as a conservative approach, considering the huge number of cyber-attacks and flaws in mobile platforms. We have already heard an epic flaw from Apple in Feb (1) , with two new security flaws reported in April (2) and May (3). Android is still viewed with suspicion, due to the open source nature that increases the attacks and malware on this platform. McAfee collected 2.47 million samples of new mobile malware last year with 744,000 being picked up in the fourth quarter alone. This is a 197 percent increase over 2012 (4).

 

How are our customers addressing the security concerns?

 

Some of our customers have been very successful in implementing mobility across the enterprise. Let us look some of the steps taken by these customers.


  • Address security during the application development lifecycle

Application code level security and security analysis are done at various stages of the software lifecycle.

Security aspects are validated on apps manually or using testing tools like AppScan.  Code audits are conducted to ensure that the specific compliance needs are addressed.

 

  • Distribution of Apps

Customers are using secure ways for app distribution and management. They are avoiding dependency on public app store and leveraging enterprise app stores.

 

  • Device management and policies

 Devices are password protected and managed by MDM. Secure device registration and management. Enterprises also control the distribution by forcing user to enroll their device. Policies are enforced to reset password periodically.

 

  • Data security

Some of the customers disable iCloud access, so that enterprise data is not synced with iCloud where enterprise has no control.  Most of our customers who have implemented BYOD have the ability to remotely wipe clean device and take appropriate action if device reported lost/stolen. Field force productivity applications are critically assessed for application level security generally like native encryption, on device and over the wire.

 

  • Adoption on Mobile device/App Management (MDM/MAM) products

 MDM / MAM is already a key focus area for enterprises.  SAP Afaria, MobileIron and AirWatch are some of the prominent tools used by our clients. We have worked with several of our customers to extend the security framework used in the organization in conjunction with the capabilities of the MDM platform there by managing different manifestations of mobile applications and devices.

 

Conclusion:

 Following a comprehensive mobile security strategy helps adoption of mobility across the enterprise. It is critical for the IT organizations to embark on this journey now so that they don't get left behind and become reactive to the demand and pressure from business. The role of an experienced IT partner becomes very critical to ensure a successful implementation of mobility and BYOD across the enterprise. 

(1) http://www.theverge.com/2014/2/24/5442576/inside-apples-epic-security-flaw

(2) http://bgr.com/2014/04/03/ios-7-security-flaw-find-my-iphone-disable-restore

(3) http://www.macrumors.com/2014/05/05/ios-7-email-attachment-encryption

(4) http://www.techtimes.com/articles/4255/20140310/cyber-attacks-hit-all-time-high-mobile-devices-major-target.htm

 

This blog is posted on behalf of N. Manoj, Senior Practice Engagement Manager, Mobility Unit, Infosys.

 

Comments

Great review of the BYOD issue and tips for how organizations can address the concern.

Thank you so much for the wonderful information .This is really important for me .I am searching this kind of information from a long time and finally got it.

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)

Please key in the two words you see in the box to validate your identity as an authentic user and reduce spam.

Subscribe to this blog's feed

Follow us on

Blogger Profiles

Infosys on Twitter