• Save
Peuker, Neu: Enterprise Android for the Win
Upcoming SlideShare
Loading in...5

Peuker, Neu: Enterprise Android for the Win






Total Views
Views on SlideShare
Embed Views



1 Embed 109

http://de.droidcon.com 109



Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment
  • Scenario: Native Apps for different Platforms3 Developers2 different HardwaresMISSING DISTRIBUTION CHANELSBETA TestingAndroidstraightforward BUT: reducesecurity + missingdistributioncontroliOSentreprise -> no securityloss, (ordeviceidcontrol)WP7 -> via marketplace

Peuker, Neu: Enterprise Android for the Win Peuker, Neu: Enterprise Android for the Win Presentation Transcript

  • Droidcon 2012Enterprise Android –for the win?DroidCon 2012Jan Peuker, AccentureRaoul Neu, Elca Informatik
  • Droidcon 2012«The purpose of an organization isto enable ordinary humans beingsto do extraordinary things» Peter F. Drucker Large Organizations have to strictly follow rules and laws  Very risk averse, very security and privacy aware  Rigid development standards and quality assurance Large Organizations are internationally spread  IT as business enabler, not feature- but productivity-driven  IT usually outsourced – documentation and processes mandatory We look at corporate internal applications
  • Droidcon 2012What makes Android so interestingfor the enterprise?Captain Jean-Luc Picard: Theres an aura around him.Lieutenant Geordi La Forge: Well, of course, hes an android.
  • Droidcon 2012Standards = Cost efficency
  • Droidcon 2012ChallengersiOS Windows [mobile|embedded|CE|phone] Very strong C-Level visibility,  Windows CE is the standard favorite in BYOD schemes mobile productivity platform Very good enterprise  Broad range of rugged and features, particularly for hardware (SAM) secured devices update and hardware services  Very good enterprise features, Strong device and mail encryption very strong Outlook integration Development requires  WP 7 incompatible, Windows separate infrastructure Embedded 8 could be game-changerMost importantly, though, they care.
  • Droidcon 2012«I had a problem so I thought to use Java – now I have a ProblemFactory»
  • Droidcon 2012«We seek peaceful co-existence»Capt. Remmickor: Supporting multiple platforms The right choice: Native, Hybrid or Cross-Platform  No silver bullet. Analyze your requirements & constraints. MEAP: Advantages & Drawbacks  Pro’s in integration and governance. Con’s in usability and native features.
  • Droidcon 2012 Native Code Thick Cross- Client Code Generator Rich Client VM / Runtime How much users actually like it* Hybrid App How much it Web fits enterprise Starter standards Web Client Generic Code Generic UI Native UI*) the uncanny valley, see http://martinfowler.com/bliki/CrossPlatformMobile.html
  • «How can you be certain theyre Droidcon 2012receiving us?» Capt. Picardor: Supporting multiple devices Blacklists vs Whitelists  Trusted Certificates vary between device/api/provider API & Development Issues  HttpUrlConnection vs DefaultHttpClient  Different Bouncycastle algorithms and hardware security features  Missing XML validation Licensing 3rd party software.  Best technical solution  Business model
  • «Mr. Data, is that the trouble I Droidcon 2012believe it is?» Capt. Picardor: Supporting multiple apps Dealing with enterprise release and life cycles  Always be ready to release. Think of test environment and repositories Intergalactic Continuous Integration  Not out of the box: strong & exotic hardware requirements Missing Distribution Channels  Android stays behind its competitors
  • Droidcon 2012SVNbranch SVN trunk SSH
  • Droidcon 2012How do you manage the diversity ofrules and guidelines in an enterprise?
  • Droidcon 2012«The bureaucratic mentality is the only constant in the universe» Dr. McCoy Governance is key  Enterprises applications require transactions and accountability  Device state and user assignment must be maintainable  E-Mail, Clipboard, Intents and Caches often not properly secured Security is key  Device Encryption and Application Safety are mandatory  Trusted context either via virtualization (BizzTrust, VMware) or encryption e.g. with hardware modules (3LM, Certgate, Ageto)  Tradeoff: Most sophisticated protection is not integrated in standard Android. Requires rooting, which itself is a security risk.
  • Droidcon 2012 «One of the advantages of being a Captain is being able to ask for advice without necessarily having to take it.» Cpt. Kirk  Bring your own device (BYOD)  Most employees do not want complex device passwords or full control over their device and route all internet traffic over VPN*  Currently no distinction between Corporate/Private data (except for dual-boot or application-level encryption)  Rooting and malicious software must be recognized  Connectivity  Connectivity should usually established over secure channels  Android does not support Proxy Authentication, Wi-Fi configuration  Tethering and Bluetooth cannot be controlled*) Which, luckily, is currently impossible anyways
  • Droidcon 2012Missing features:What will the future bring?
  • Droidcon 2012«Reports of my assimilation have beengreatly exaggerated» Cpt. Picard Missing ecosystem features  Enterprise Market with CA for trusted applications  OTA Update API without Google account  Clear Chrome (Jelly Bean), Motorola and Samsung strategy  Understanding of enterprise features with app makers Missing security features  MDM which supports user certificates, CA’s and network config  Wi-Fi Proxy Authentication, Full VPN routing, EAP-SIM  Real ASLR and storage encryption for corporate/private stores  E-Mail and Exchange features for S/MIME and two-factor auth  Robust Synchronization (SyncML), Robust Service and SSL API
  • Droidcon 2012Recap Align to enterprise policies, prepare for non-market distribution Embrace development standards, KPI’s and lifecycles Thoroughly manage traceability, accountability and privacy Prepare for integration using secure Webservices and XML Prepare for fragmented device base and users who need to be supported by – in the end – yourself (incomprehensible pain)
  • Droidcon 2012May the force be with you.jan.peuker@accenture.comraoul.neu@elca.ch