Securing Your Mobile Backend, featuring Forrester Research, Inc. - Combine API Backend Security with MDM/MAM to Implement End-to-End Mobile Security

Many organizations are embracing mobile device management (MDM) and mobile app management (MAM) solutions to secure enterprise data and apps on smartphones, tablets and other mobile devices. However, these solutions are often not enough to provide the levels of secure and seamless access required for effective mobile workforce enablement.

This webinar, featuring Forrester MDM Analyst Christian Kane and Layer 7 Chief Strategy Officer Dimitri Sirota, will examine how MDM/MAM solutions can be implemented in conjunction with Mobile Access and API Management technologies in order to deliver end-to-end data and app protection.

You Will Learn

How IT consumerization and BYOD are driving enterprise demand for MDM and MAM
The security scope and limitations of MDM/MAM solutions
The role of API Management products in securing the mobile backend
The benefits of end-to-end mobile security, from device to datacenter



  • 1. Securing Your Mobile Backend. Dimitri Sirota, CSO, Layer 7 Technologies. Christian Kane, Enterprise Mobility, Infrastructure & Operations Analyst, Forrester Research, Inc. June 20, 2013
  • 2. Webinar Housekeeping (Layer 7 Confidential)
      • Questions: Chat any questions you have and we’ll answer them at the end of this webinar
      • Twitter: Today’s event hashtag: #L7webinar
      • Follow us on Twitter: @layer7, @forrester
  • 3. Mobile Enablement: Evolve Your Strategy Beyond MDM. Christian Kane, Analyst, Forrester Research. June 20, 2013. © 2009 Forrester Research, Inc. Reproduction Prohibited
  • 4. The line between personal and work computing is breaking down. © 2012 Forrester Research, Inc. Reproduction Prohibited
  • 5. IT is Consumerizing: We’re all highly influenced by the technology we use at home
      Question: “Please indicate how much each statement describes your attitudes toward technology and your lifestyle?”
      Statement: The technology I have at home is better than the technology I have at work
      • Older Boomers and Seniors (57+): 6%
      • Younger Boomers (47-56): 15%
      • Gen X (33-46): 39%
      • Gen Y (18-32): 40%
      Base: 3,258 North American and European technology end users
      Source: Forrsights Workforce Employee Survey, Q4 2012
  • 6. This is Driving Demand for mobile BYOD programs
      Question: Why does your firm support, or is your IT organization planning to support, bring-your-own device program?
      • Other reason: 3%
      • HR believes it will help attract new hires to our company: 16%
      • Executive direction or requirement: 18%
      • Lower support costs: 37%
      • Improved self-service for end users: 41%
      • It will help us support a mobile workforce: 42%
      • Lower purchase costs for the company: 51%
      • End users prefer it: 65%
      Sample Size = 190 enterprise IT decision makers who are planning, piloting, or have implemented a BYOD program
      Source: Forrsights Hardware Survey, Q3 2012
  • 7. IT faces conflicting mobility needs from business decision-makers and employees
      Groups shown: Task Workers, IT Executives, Business Decision Makers
      Needs listed, in slide order:
      • Productive devices
      • Efficient employees
      • LOB applications
      • Cost effective solutions
      • Consistent usage
      • Standard, corporate approved devices and applications
      • Scalable solutions
      • Minimize costs
      • Ensure security
      • Multi-user
      • Designed for specific task
      • Corporate owned
      • Advanced support
  • 8. Security in BYOD is top mobile challenges
      Source: Forrester’s Forrsights networks and telecommunications survey, Q1 2012
      Base: 1,535 mobile technologies and services decision-makers at North American and European companies (multiple responses accepted)
  • 9. Most firms currently address security by implementing basic mobile device and application management features
      Question: Today, which of the following capabilities does your firm provide to support smartphones and tablets?
      • A self-service portal where employees can configure and manage their devices: 8%
      • Mobile service telecom expense software: 8%
      • Access to detailed reporting and usage analytics: 10%
      • Deploy and update custom-developed apps: 15%
      • Deploy and manage third-party productivity apps that the company has vetted/bought for employees: 15%
      • Provision data access and apps based on employee role/function: 19%
      • We do not support any apps besides those that are already on the phone: 27%
      • Help desk support for mobile apps: 30%
      • Break/fix/replace hardware service: 33%
      • Manage security on the device: 37%
      • Device configuration management: 37%
      Source: Forrester’s Forrsights networks and telecommunications survey, Q1 2012
      Base: 1,535 mobile technologies and services decision-makers at North American and European companies (multiple responses accepted)
  • 10. Most firms start with MDM… January 2012 “Market Overview: On-Premise Mobile Device Management Solutions”
  • 11. …But realize they’re dealing with this: Cloud, Devices, Apps
  • 12. Multiple devices means applications become much more important
      Question: What are your firm's plans to adopt the following mobile technologies?
      • Smartphones for employees: 17% planning to implement, 53% implemented or expanding
      • Tablets for employees: 22% planning to implement, 35% implemented or expanding
      • Mobile applications: 28% planning to implement, 33% implemented or expanding
      • Enterprise app store solutions to deploy and manage smartphone and tablet applications: 23% planning to implement, 18% implemented or expanding
      Source: Forrsights Budgets And Priorities Tracker Survey Q4 2012
      Base = 3,753 global IT executives and technology budget decision-makers
  • 13. MDM evolves with MAM, data management, security, and support options
      Management & Support:
      • Device support
      • Windows Mobile/CE
      • Windows / Mac
      • App support
      • Remote control
      • Dual persona
      • Expense management
      Apps & Data:
      • Application management (Security; SDKs/Containers)
      • Data containers
      • Secure file sync & share
  • 14. Investing in Customer facing apps that require backend access
      Question: As your firm considers its mobile strategy and investments, which departments or business groups is it most focused on?
      • Don't know: 2%
      • Other: 5%
      • Manufacturing (e.g., production planning/execution): 8%
      • Procurement (e.g., sourcing, supplier selection): 9%
      • Order fulfillment (e.g., distribution, transportation): 12%
      • Office of the CEO and other executive management: 18%
      • Corporate services (e.g., finance, human resources): 19%
      • Research and development (e.g., product portfolio planning…: 20%
      • Marketing (e.g., promotions, campaigns): 34%
      • Customer service (e.g., returns, complaint management): 34%
      • Field service (operations and maintenance): 42%
      • Sales (e.g., customer segmentation, order management): 48%
      Source: Forrsights Software Survey, Q4 2012
      Base = 704 global software decision-makers
  • 15. Investing in business and collaboration apps that need backend access
      Question: “What smartphone/tablet applications do you currently use for work?"
      • Wikis for internal information sharing: 15%
      • Microblogging (e.g. Twitter): 18%
      • Web meeting or webconferencing: 19%
      • Team document sharing sites (e.g., SharePoint): 20%
      • Data dashboard or business intelligence application: 21%
      • Expense tracking and/or approval: 25%
      • Travel planning and status: 25%
      • Employee intranet or company portal: 28%
      • Specific line of business applications (e.g. sales): 32%
      • Social networks (e.g. LinkedIn, Facebook): 36%
      • Note taking application: 39%
      • Instant messaging/chat (not SMS/texting): 40%
      • SMS (texting): 58%
      • Calendar: 73%
      • Email: 85%
      Base = 1,749 North American and European information workers who use a smartphone for work
      Source: Forrsights Workforce Employee Survey, Q2 2012
  • 16. Backend data and application access means enterprises need a strategy beyond basic MDM / MAM support
      • BYOD strategy
      • Mobile device and security management options
      • File sync/share
      • Securing, provisioning, and managing mobile apps
      • Protecting data
      • Ensuring secure mobile application development
  • 17. The Path To Enablement Requires Backend Data & Application Access
      • MDM. Devices: Smartphones. Access: Email, contacts, calendar
      • Device Independence. Devices: Tablets. Access: Some business apps, file sync & share, corporate systems.
      • Backend Data Access. Devices: Mobile + PC. Access: Any app, any data.
  • 18. Thank you! Christian Kane, +1 617.613.6467, ckane@forrester.com, @ChristianKane, www.forrester.com
  • 19. Mobile Apps Need Enterprise Data
  • 20. Can Your Backend Applications Trust Your Apps (diagram labels: DMZ, DATA)
  • 21. MDM / MAM Protect the App But Who Protects Your Applications? (diagram labels: DMZ, DATA)
  • 22. Security Needs to Span Device to Datacenter
  • 23. Creates Need for Mobile Gatekeeper to Backend Data & Applications
  • 24. Mobile Access API Gateway Provides Apps Secure Data Access & Bridge to Enterprise Services
      • API Adaptation: Render backend applications and data-sources (SQL) as RESTful APIs. Translate XML to JSON & SOAP to REST. Compose new API from multiple backend services.
      • Mobile Application Firewalling: Protect enterprise application and data against attack or misuse. Secure REST and SOAP APIs. Validate XML and JSON Data. Secure streamed Sockets data.
      • Identity Mapping & SSO: Translate token types. Map SAML and Web SSO to OAuth. Implement OpenID Connect. Broker SSO with Cloud Services. Integrate with outside Geo-location Services for richer access policies. Enable X-device sessions.
      • Optimization: Improve mobile performance through compression, integration with CDN, XML to JSON conversion, pre-fetch on hypermedia APIs, Backend response aggregation, caching on request and response.
      • Cloud Orchestration: Broker interactions with external SaaS providers like Salesforce. Mediate social interactions. Push notification services. Connectivity with carrier network APIs.
  • 25. Layer 7 Mobile Access Gateway Addresses Critical Mobile Security, Management & Adaptation Needs: Identity, Security, Adaptation, Optimization, Cloud Orchestration
  • 26. Identity: Extending Enterprise Identity to Mobile+
      • Map Web SSO & SAML to mobile-friendly OAuth, OpenID Connect and JSON Web Tokens
      • Create granular access policies at user, app and device levels
      • Build composite access policies combining geolocation, message content and other network attributes
      • Simplify PKI-based certificate delivery and provisioning
  • 27. Security: Mobile Application Firewalling
      • Protect REST and SOAP APIs against DoS and API attacks
      • Proxy API streaming protocols like HTML5 Websocket and XMPP messaging
      • Enforce FIPS 140-2 grade data privacy and integrity
      • Validate data exchanges, including all JSON, XML, header and parameter content
  • 28. Adaptation: Translate & Orchestrate Data & APIs
      • Surface any legacy application or database as RESTful APIs
      • Quickly map between data formats such as XML and JSON
      • Recompose & virtualize APIs to specific mobile identities, apps and devices
      • Orchestrate API mashups with configurable workflow
  • 29. Optimization: Handle Scale
      • Cache calls to backend applications
      • Recompose small backend calls into efficiently aggregated mobile requests
      • Compress traffic to minimize bandwidth costs and improve user experience
      • Pre-fetch content for hypermedia-based API calls
  • 30. Integration: Centralize Cloud Connectivity
      • Proxy and manage app interactions with social networks
      • Broker call-outs to cloud services like Salesforce.com
      • Bridge connectivity to iPhone and Android notification services
      • Integrate with legacy applications using ESB capabilities
  • 31. Questions?
      • Dimitri Sirota, CSO, Layer 7 Technologies, dsirota@layer7.com
      • Christian Kane, Enterprise Mobility, Infrastructure & Operations Analyst, Forrester Research, Inc., ckane@forrester.com
  • 32. Upcoming Events: Layer 7 Tech Talk, June 26th – 9am PDT. APIs: Fueling Mobile, Social, IoT & Big Data. http://layer7.com/live