Your SlideShare is downloading. ×
Embracing secure, scalable BYOD with Sencha and Centrify
Upcoming SlideShare
Loading in...5

Thanks for flagging this SlideShare!

Oops! An error has occurred.

Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Embracing secure, scalable BYOD with Sencha and Centrify


Published on

Scalable enterprise mobility solutions: How to give your employees tools they need without sacrificing user experience and security. …

Scalable enterprise mobility solutions: How to give your employees tools they need without sacrificing user experience and security.

Consumerization of IT and BYOD are here – and it’s a GOOD thing. Today's dynamic workplaces and hyper-competitive markets drive demand for more mobile productivity solutions. Nearly 70% of enterprise employees report making better decisions, being more productive and happier if they are allowed to use mobile devices and cloud-based tools. Yet, IT organizations often resist these trends because of cost and risk associated with multi-platform, multi-device ecosystem having access to corporate data and resources.

In this webinar, product experts from Sencha and Centrify will help your organization embrace BYOD and SaaS in a cost-effective, scalable way. Sencha Space is an advanced platform for securely deploying mobile apps and delivering a consistent, elegant, mobile user experience to end-users. Users can launch any mobile web app, or HTML5 app in a secure, managed environment. Combining Space with secure, Active Directory- or Cloud-Based Identity and Access Management (IAM) from Centrify gives IT visibility and control over mobile platforms and SaaS / in-house apps while improving user experience and reducing security risk.

Published in: Technology

1 Like
  • Be the first to comment

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

No notes for slide


  • 1. Embracing secure, scalable BYOD with Sencha and Centrify Presented by:
  • 2. Contents - Technology Trends and Challenges - App Development and Data Security - Managing Identity Sprawl - Integration 2
  • 3. Technology Trends And Challenges 3
  • 4. Technology Trends Shaping the Evolution of Enterprise Mobility Consumerization of IT Rapid Adoption of Mobile Enterprise Cloud Goes Mainstream Accelerating workforce virtualization • Personal devices becoming pervasive in the enterprise • Organizations must address challenges around BYOD • Opportunity for productivity gains and cost savings • Mobile device sales surpass PC sales • Mobility comes with heightened security risks • Driving a shift to mobile-first development • Cloud services gain acceptance for use in production • Cloud providers adapt offerings for the enterprise • Cloud IT investment poised for explosive growth • Collaboration with non-employees is the new normal • Managing access and data security is a major challenge • Organizational boundaries increasingly dynamic 4
  • 5. Brave new world… but IT management is losing control and visibility with increased: • Reliance on user-managed passwords • Adoption of SaaS and mobile apps • Proliferation of remote and untrusted devices IT needs a new model … that secures all devices… …solves the password problem… … and regains access control and visibility Users have lots more choices and use many more apps Users, apps and devices are no longer “behind the firewall” Mobile is the new, preferred way to access apps • End-users have too many passwords • Passwords are inherently weak • Many SaaS apps have a rich mobile client • Users have increasing numbers of devices accessing those apps 5
  • 6. A few facts… • 75% of security breaches involve compromised credentials • 71% targeted user devices • 58% perpetrated by insiders (takes 32 months to detect) • 13% leveraged misuse of privilege • Average cost $188 per record CIO: Testifying Before the Senate 56.95 57.95 58.95 59.95 60.95 61.95 62.95 63.95 64.95 65.95 0 1 2 3 $pershare Months After Breach $5.37 Billion in shareholder value lost Breach disclosed in media 6
  • 7. What IT cares about 1. Enable employee productivity 2. Ensure compliance requirements are addressed 3. Efficient management 7 1. Optimize efficiency of their developer teams 2. Deliver apps that meet business and end-user requirements 3. Maximize the useful lifetime of the app What App Dev Managers care about Aligning Objectives
  • 8. App Development And Data Security 8
  • 9. The cost of mobility can erode its ROI Inefficient mobility and security wastes resources Write Code Test Publish to app market Deploy Update $ $ $ $ $ Each part of the app development process incurs expenses… Write Code Test Publish to AppStore Deploy Update $ $ $ $ $ Write Code Test Publish to app market Deploy Update $ $ $ $ $ …which multiply with each new supported mobile OS/device platform Management Security And these processes and apps need to be managed and secure to limit risk
  • 10. Challenges The security landscape has raised the stakes Security is increasingly challenging  Targeted attacks  Spear phishing and social engineering  Mobile malware  Advanced Persistent Threats  Rising cost of data breaches How do you manage the tradeoffs between  Operational flexibility  Security  Cost and complexity  End-user experience $
  • 11. End-to-End Data Security • Data security means protecting confidentiality and integrity of data • Management and enforcement across three modes of data use 1. At-rest – When data is stored on a device 2. In-motion – When data is traversing the network 3. In-use – When a user interacts with the data through an app on a device • Ensuring data security as data moves across the range of untrustworthy networks and devices is not trivial Overview
  • 12. Managing Identity Sprawl 12 12
  • 13. From: The Rise of Data-Driven Security, EMA Research Report, 2012 © 2012 Enterprise Management Associates, Inc. The Impact of Fragmented Identity • The ideal can be hard to achieve when identity is scattered among • Applications • Systems • Endpoints • Mobile devices • Third party apps • Networks • On premises • SaaS, Cloud • Etc. … Poor integration among security tools Too difficult to distinguish which security actions or policies are working and which are ineffective or unnecessary Most significant frustrations with IT security technologies? Top 2 responses: 13
  • 14. Multiple identities + Password Sprawl Create risk • Multiple logins for users • Multiple identity infrastructures for IT to manage In- house Apps and 100’s more….Laptops Smartphones and Tablets ID ID ID ID ID ID ID ID ID ID 14
  • 15. Federated Identity Where users have one login ID and password And IT has one Federated Identity Infrastructure to manage End Users Laptops Smartphones and Tablets ID 15
  • 16. Strengthen Security with Federated Identity • Federated Identity ensures that users only need to use their AD userid/password – Only one password to remember – Password is protected by the Enterprise in AD • AD-based federation provides several advantages for IT – Leverages existing account and password policies – simplifying management – Ensures that IT controls access eliminating risk of orphaned accounts Federation Trust Cloud Proxy Server IDP as a Service Firewall ID ID 16
  • 17. Integrated Solution Easily Manage Apps, Data, And Users 17
  • 18. Sencha Space Benefits  Streamline app development process –Eliminate PhoneGap/Cordova  Deliver HTML5 apps directly to end-users through a managed, secure runtime platform Easily mobilize existing web and HTML5 apps  Helps protect your apps and data by  Managing user access  Remotely wiping your data from devices as needed  Keeping your business data separate from other data on the device  Leverage developer APIs for a rich application experience
  • 19. Sencha Space • Management Overvie Management Console • Provides centralized management of the user, data, and application lifecycles • Allows administrators to enforce policy consistently • Set minimum PIN length • Specify group membership • Provision apps to groups • Configure advanced user authentication • Enable SSL VPN connectivity • Facilitates reporting and auditing with detailed usage analytics Space Management Centralized Admin Console Policy Engine Identity and Access App Delivery Data Security Network Security
  • 20. •Supports iOS and Android (Win Phone 8 and Blackberry in beta) •Segregates business and personal data •Secures business data with strong encryption and digital signatures •Enforces policies downloaded from the console •Facilitates secure, managed use of HTML5 apps •Provides developer API to OS/Device features for rich, modern, mobile user experience Mobile Client Application Sencha Space Client Overview
  • 21. Sencha Space Security •Data Encryption – All data is stored encrypted in Space to protect the confidentiality of sensitive, proprietary information •Network Security – All data transmitted between the Space client app and management server is SSL-encrypted •VPN Support – Integration with Cisco and Juniper clientless SSL VPN for secure connectivity between the Space client app and back-end data center assets •Authentication – Single sign-on support using widely accepted SAML open standard Security Key Benefits • Reduce the risk of data breach • Grant access to applications and data based only on business need • Deploy applications securely to anyone on any device
  • 22. Sencha Space Overview of Capabilities and Benefits Component Capabilities Benefits Security • Secure data in-motion and at-rest • Manage user access entitlements • Manage risk • Facilitate compliance Policy Engine • Set and enforce consistent usage and security policies • Deploy applications instantly • Block users/devices instantly • Improve operational efficiency • Manage mobility risk Analytics • Monitor activity at the user and device level • Track application activity • Facilitate audit and reporting • Enhance operational visibility Developer API • Provide consistent API access to native device/OS capabilities • Provide developer access to Space platform capabilities • Help reduce the cost of cross-platform development
  • 23. Centrify Cloud Services = Unified Identity Services + Centrify Cloud Services Centrify Software • Authentication / Single Sign-On (SSO) • Auditing and reporting • Self-service portal • Mobile application management • Encryption of data-in-motion • Policy Enforcement • Authorization and role-based access control • Mobile Zero Sign-on (ZSO) • Mobile device management • etc. 23
  • 24. Centrify Cloud Service Centrify for iOS Centrify for Android Centrify Cloud Proxy Server Centrify DirectManage Framework DirectManage ADUC Extension DirectManage Group Policy Extension Microsoft Certificate Authority Firewall Centrify for Mac Active Directory-based Security Infrastructure Centrify Cloud Manager Centrify for SaaS Centrify Cloud Services 24
  • 25. Centrify Cloud Proxy Server Centrify Cloud Service Centrify for SaaS Centrify Cloud Manager Firewall Centrify for SaaS • One click SaaS SSO leveraging Active Directory credentials • SSO Integration with SaaS via SAML, HTTP, proprietary API, OAuth, Open ID connect • User self-service for mobile devices (e.g. location, wipe, lock) • User self-service for AD account (e.g. edit attributes, reset password) • Common administration tools for mobile and SaaS applications SaaS Apps SaaS and Mobile App Catalog You Are Here ISV Onboard Centrify Cloud Services Microsoft Certificate Authority Active Directory-based Security Infrastructure 25
  • 26. Centrify Cloud Proxy Server Centrify Cloud Service Microsoft Certificate Authority Centrify Cloud Manager Firewall SaaS Apps Mobile App Centrify for iOS and Android Active Directory-based Security Infrastructure Centrify for Mobile Applications • Device is authenticated and joined to Active Directory • Enables silent authentication aka Zero Sign-On (ZSO) for mobile apps via simple integration with Centrify Mobile Authentication SDK • Mobile apps interacts with Centrify cloud services for authn and authz • Mobile app can also access information about user attributes in AD • App settings can be centrally managed based on AD Group Policy • Remote wipe of Mobile App & Data • Common administration tools for mobile and SaaS applications SaaS and Mobile App Catalog You Are Here ISV Onboard Centrify Cloud Services 26
  • 27. Centrify Simplifies SaaS/Mobile Federated Auth Integrate Mobile App Authentication provides true enterprise Zero Sign- On • Mobile app authenticates and registers AD as it’s identity provider • Mobile app can access information about user attributes in AD • Mobile app gains SSO to backend services Cloud Proxy Server IDP as a Service Firewall Mobile OS Mobile App Mobile Auth SDKMDM Step 2 One time user authentication & device registration Step 1 Web Application Registration Step 4 Token based Authentication Step 3 Token Generation Hosted Application ID 27
  • 28. Extend Identity Services to Mobile Platforms Mobilize app and service access – Enable mobile access to Enterprise services and applications – Design mobile interfaces to seamlessly integrate with the Enterprise services Containerization to separate work from personal – Protect work applications and data from data leakage – Provide the laptop experience on mobile, unlock and access all business apps Centralize mobile and application administration – Enabling IT to manage security policies for Mobile, Workstations and Servers – Unifying app management into one interface for Mobile, Web and SaaS Apps – Leveraging automated lifecycle management through AD 28
  • 29. Integrated Solution How Sencha And Centrify Technology Can Help 29
  • 30. Cloud Proxy Server Firewall Hosted Application aka Sencha Space Cloud Service Step 1 Web Application Registration Step 3 Token based Authentication Step 2 Token Generation ID Centrify IDP as a Service Centrify + Sencha for Cloud SaaS Apps Mobile OS Sencha Space App Auth Client 30
  • 31. Integrated Solution Demo Of SAAS Application 31
  • 32. Cloud Proxy Server Firewall Internal Application Step 3 Token based Authentication Step 2 Token Generation ID Centrify + Sencha for Internal SaaS Apps Step 1 Web Application Registration Mobile OS Sencha Space App Auth Client Centrify IDP as a Service 32
  • 33. Integrated Solution Demo Of Internal Application 33
  • 34. Resources Centrify • Centrify IDaaS, MDM and MAM: ud-service-registration.asp • Centrify Developers: • Questions: • Twitter: @centrify, @annamsr Sencha • Sencha Space • Get started with a free trial in less than 5 minutes! • Questions: • Twitter: @sencha, @nharlow 34