The Future of Mobile Application Security


Published on

The rapid adoption of mobile technology in recent years has created an opportunity for enterprises to increase the productivity and flexibility of their organizations. This demand for greater mobility has forced enterprises to deliver sensitive applications and data across a wide array of devices and networks.

SecureAuth and Sencha have created an integrated approach to application, data, and user mobility that elegantly addresses these challenges.

-Secure enterprise application deployment

-End-to-end data security with strong encryption

-Managed application container that works on any device

-Developer SDK for creating rich application user experiences

Published in: Technology
1 Like
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • We see four key trends shaping the evolution of enterprise mobility:
    Consumerization of IT is the phenomenon, where consumers are bringing personal devices such as smart phones, tablets, and personal laptops into the corporate IT environment. This behavior gives rise to the Bring Your Own Device (BYOD) phenomenon, which can make IT security more complicated and risky. Nonetheless, recent surveys show that more organizations are preparing to support BYOD to some extent than not. This means that IT managers will need to address the new challenges and risks of BYOD.

    Sales of smart mobile devices have surpassed new PC sales. Because of the advanced capabilities of these devices, many end-users now rely on mobile devices at least to some extent to do their jobs. Without an official IT policy around mobility, users have used the most convenient tools, services, and mechanisms to move necessary data onto these devices, creating the risk of data loss as proprietary moves off of IT-secured and managed systems to unmanaged personal devices.

    The drive toward increased mobility has been further accelerated by the increasing acceptance of cloud-based services. Organizations have begun to adopt cloud services of all sorts for production use and mission-critical functions. In some instances, this results in proprietary data being stored and accessed in the cloud and via mobile devices. This has resulted in greater productivity and operational efficiency. However, it also creates another potential vector for data breach.

    Organizations are increasingly comprised of employees, consultants, and contractors collaborating remotely across geographies and over non-corporate networks. Managing and securing this collaboration is increasingly complex, especially for non-employee business associates, over whom IT cannot easily enforce specific mandates or policies.
  • These statistics may seem a little dry, so let’s take a recent real-world example. A large national discount retailer disclosed a massive data breach that involved large-scale theft of payment card data.

    1. This is that organization’s stock price
    Here’s where it was when the breach was disclosed
    Here’s their CIO testifying before the US Senate
    I didn’t hear what exactly he told them, but I’m sure he’s thinking about $5.37 billion in shareholder value destroyed when the stock price dropped
  • Although, providing mobile access to business applications and data can result in productivity improvements, mobile application development and delivery can quickly become excessively complex and expensive if not managed correctly. Both native and hybrid application development for example require packaging and testing applications across a myriad of mobile OS and device combinations. Delivering the applications to end-users can be an additional challenge, requiring either publication through mobile device application stores or deployment through an enterprise app store.

    For native applications, supporting more than one platform typically requires re-writing an application for each target OS. Each of these codebases must then be maintained over time. Managing the application lifecycle and securing the application data are additional challenges that organizations must face.

  • Sencha Space is designed to help organizations adjust to the rapidly evolving technology trends and corresponding challenges around enterprise mobility. It consists of a centralized management console and a mobile client application. The mobile client application is a native app that runs on the device and provides a consistent runtime platform, on which to run mobile web and HTML5 applications.
  • The management console provides centralized management of mobile application security, deployment, and access control policy. It allows administrators to easily manage and enforce security policy across devices, even for external collaborators, whose devices are not subject to existing MDM/MAM compliance policies.

  • The Space mobile client application provides a consistent, managed runtime environment for cross-platform mobile web and HTML5 applications. It provides strong, fine-grained encryption to protect the confidentiality of proprietary data. The Space client app enables end-users to have a superior, modern mobile user experience on any supported mobile OS platform. It allows for instantaneous deployment of applications, remote wiping of proprietary data on a per user or per device basis, and blocking users or specific devices as needed.

    Using Space can eliminate the need to wrap HTML5 apps with native packaging tools and distribute the resulting hybrid apps from the target platforms’ mobile application store. This can result in significant time and cost savings during the application development process.

    The Space client also provides a rich set of developer APIs that provide access to Space’s secure storage facilities, as well as mobile OS/device bindings.
  • Space focuses on protecting your proprietary data at-rest, in-motion, and in-action. For data at-rest, Space provides a secure storage mechanism that uses strong cryptography to protect the confidentiality and integrity of your data. For data in-motion, all network communication between Space and the administration console is encrypted via SSL; application communication within Space can be encrypted via integration with your existing SSL-VPN. Space facilitates secure ease-of-access for end-users by supporting widely deployed single sign-on protocols. This allows you to make it easy for your users to access required resources without sacrificing management of access entitlements.
  • The Future of Mobile Application Security

    1. 1. Copyright Sencha Inc. 2014 THE EXCITING FUTURE OF MOBILE APPLICATION SECURITY Presented by SecureAuth and Sencha June 12, 2014
    2. 2. PRESENTED BY SENCHA AND SECUREAUTH CORPORATION Nick Harlow, Sencha Director of Product Management – Sencha Space Chris Hayes, SecureAuth Corporation Chief Solutions Architect Garret Grajek, SecureAuth Corporation Co-founder and CTO / COO • All attendee audio lines are muted • Questions will be answered at the end of the session • Submit brief questions on the Q&A panel • Send longer questions or off-line topics via email to
    3. 3. AGENDA Technology Trends: Apps, Identities Challenges with App Development and Data Security Solving the App, Identity, and Security Problem: The Integrated Solution Demo Q & A
    5. 5. Consumerization of IT Rapid Adoption of Mobile Enterprise Cloud Goes Mainstream Accelerating Workforce Virtualization • Personal devices becoming pervasive in the enterprise • Organizations must address challenges around BYOD • Opportunity for productivity gains and cost savings • Mobile device sales surpass PC sales • Mobility comes with heightened security risks • Driving a shift to mobile-first development • Cloud services gain acceptance for use in production • Cloud providers adapt offerings for the enterprise • Cloud IT investment poised for explosive growth • Collaboration with non-employees is the new normal • Managing access and data security is a major challenge • Organizational boundaries increasingly dynamic TECHNOLOGY TRENDS SHAPING THE EVOLUTION OF ENTERPRISE MOBILITY
    6. 6. THE IDENTITY PROBLEM TODAY Enterprises have Roles / Policies On-premises Users Must Obtain Resources Outside of Enterprise Cloud Apps, Mobile Apps The Result has been Mass Distribution of Identities across the Internet
    7. 7. THE IDENTITY PROBLEM TODAY Resulting in No Enterprise Control Identities Logon Credentials Hacks on All Resources Cloud, Mobile, Network, etc.
    8. 8. A FEW FACTS 75% of Security Breaches Involve Compromised Credentials 71% Targeted User Devices 13% Leveraged Misuse of Privilege Average Cost: $188 per Record CIO: Testifying Before the Senate $5.37 Billion in shareholder value lost Breach disclosed in media
    10. 10. $ $ $ $ $ Management Security $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ And these processes and apps must be managed and secure to limit risk …which multiply with each new supported mobile OS/device platform. Each part of the app development process incurs expenses… INEFFICIENT MOBILITY AND SECURITY WASTES RESOURCES The cost of mobility can erode its ROI
    11. 11. END-TO-END DATA SECURITY Data security means protecting confidentiality and integrity of data Management and enforcement across three modes of data use At-rest – When data is stored on a device In-motion – When data is traversing the network In-use – When a user interacts with the data through an app on a device Ensuring data security as data moves across the range of untrustworthy networks and devices is not trivial Overview
    13. 13. THE PROBLEM IDENTITY SPRAWL CREATES Enterprises have Lost Control of the Identities: Where they are stored What authentication strength is required How the identity is asserted
    15. 15. THE PROBLEM IDENTITY SPRAWL CREATES • The hackers attack the weakest points • Credentials are at r isk when held outsi de the enterprise
    17. 17. Benefits  Streamline app development process – Eliminate PhoneGap/Cordova  Deliver HTML5 apps directly to end- users through a managed, secure runtime platform  Helps protect your apps and data by  Managing user access  Remotely wiping your data from devices as needed  Keeping your business data separate from other data on the device  Leverage developer APIs for a rich application experience SENCHA SPACE EASILY MOBILIZE EXISTING WEB AND HTML5 APPS
    18. 18. SENCHA SPACE MANAGEMENT CONSOLE OVERVIEW Management Console •Provides centralized management of the user, data, and application lifecycles •Improves efficiency of cross-platform application development, testing, maintenance and deployment •Allows administrators to enforce policy consistently •Captures user, device, and application analytics for additional revenue capture opportunities
    19. 19. •Facilitates managed use of HTML5 apps across multiple OS/device platforms •Supports iOS and Android (Win Phone 8 and Blackberry in beta) •Enforces policies from central management console •Secures and segregates application data for fine- grained management of data and risk •Provides developer API to OS/Device features for rich, modern, mobile user experience Mobile Client Application SENCHA SPACE MOBILE CLIENT APPLICATION
    20. 20. Data Encryption – All data is stored encrypted in Space to protect the confidentiality of sensitive, proprietary information Network Security – All data transmitted between the Space client app and management server is SSL- encrypted VPN Support – Integration with Cisco and Juniper clientless SSL VPN for secure connectivity between the Space client app and back-end data center assets Authentication – Federated authentication support using widely accepted SAML open standard Key Benefits SENCHA SPACE SECURITY  Reduce the risk of data breach  Grant access to applications and data based only on business need  Deploy applications securely to anyone on any device
    22. 22. SECUREAUTH PROVIDES SECURE ENTERPRISE DIRECTORY SSO Connects to Enterprise Directory Authenticates based on Existing IDs / Passwords No Directory Synchronization Required Connects to AD, LDAP, SQL, ODBC, REST
    23. 23. 20+ AUTHENTICATION MECHANISMS 1. SMS OTP 2. Telephony OTP 3. E-mail OTP 4. Static PIN 5. KBA / KBQ 6. Yubikey (USB) 18. Federated IDs 19. Help Desk 20. Password 21. Kerberos 22. Symantic VIP 7. X.509 Native 8. X.509 Java 9. NFC Prox Card 10. CAC / PIV Card 11. PUSH Notification 12. Mobile OATH Token 13. Browser OATH Token 14. Windows Desktop OATH Token 15. Third-party OATH Token 16. Device Fingerprinting 17. Social IDs YOUR COMPANY NAME Please choose the delivery method for your registration code. Voice E-mail SMS Submit
    24. 24. THEN SECUREAUTH PROVIDES SSO TO ALL RESOURCES Cloud Apps Google, Office 365, Salesforce, Box Concur, WebEx, ADP Mobile Apps Android, iOS, Windows Built-in SSO to Enterprise Web Apps SharePoint, WebSphere, ASP.NET Oracle, J2EE, PeopleSoft
    25. 25. SECUREAUTH PROVIDES 2-FACTOR AUTHENTICATION FOR SENCHA SPACE Enterprise Enforcement of 2-Factor Enrollment and Access of Sencha Space 20+ Authentication Mechanisms Pre-built Browser Forms Easy User Deployment
    26. 26. DEMOChris Hayes, SecureAuth Corporation
    27. 27. RESOURCES AND CONTACT INFO SecureAuth: Free Trial: Questions    Sencha Space: Free Trial: Twitter: @sencha, @nharlow Questions   Thank you!