Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Embracing secure, scalable BYOD with Sencha and Centrify


Published on

Scalable enterprise mobility solutions: How to give your employees tools they need without sacrificing user experience and security.

Consumerization of IT and BYOD are here – and it’s a GOOD thing. Today's dynamic workplaces and hyper-competitive markets drive demand for more mobile productivity solutions. Nearly 70% of enterprise employees report making better decisions, being more productive and happier if they are allowed to use mobile devices and cloud-based tools. Yet, IT organizations often resist these trends because of cost and risk associated with multi-platform, multi-device ecosystem having access to corporate data and resources.

In this webinar, product experts from Sencha and Centrify will help your organization embrace BYOD and SaaS in a cost-effective, scalable way. Sencha Space is an advanced platform for securely deploying mobile apps and delivering a consistent, elegant, mobile user experience to end-users. Users can launch any mobile web app, or HTML5 app in a secure, managed environment. Combining Space with secure, Active Directory- or Cloud-Based Identity and Access Management (IAM) from Centrify gives IT visibility and control over mobile platforms and SaaS / in-house apps while improving user experience and reducing security risk.

Published in: Technology
  • Be the first to comment

Embracing secure, scalable BYOD with Sencha and Centrify

  1. 1. Embracing secure, scalable BYOD with Sencha and Centrify Presented by:
  2. 2. Contents - Technology Trends and Challenges - App Development and Data Security - Managing Identity Sprawl - Integration 2
  3. 3. Technology Trends And Challenges 3
  4. 4. Technology Trends Shaping the Evolution of Enterprise Mobility Consumerization of IT Rapid Adoption of Mobile Enterprise Cloud Goes Mainstream Accelerating workforce virtualization • Personal devices becoming pervasive in the enterprise • Organizations must address challenges around BYOD • Opportunity for productivity gains and cost savings • Mobile device sales surpass PC sales • Mobility comes with heightened security risks • Driving a shift to mobile-first development • Cloud services gain acceptance for use in production • Cloud providers adapt offerings for the enterprise • Cloud IT investment poised for explosive growth • Collaboration with non-employees is the new normal • Managing access and data security is a major challenge • Organizational boundaries increasingly dynamic 4
  5. 5. Brave new world… but IT management is losing control and visibility with increased: • Reliance on user-managed passwords • Adoption of SaaS and mobile apps • Proliferation of remote and untrusted devices IT needs a new model … that secures all devices… …solves the password problem… … and regains access control and visibility Users have lots more choices and use many more apps Users, apps and devices are no longer “behind the firewall” Mobile is the new, preferred way to access apps • End-users have too many passwords • Passwords are inherently weak • Many SaaS apps have a rich mobile client • Users have increasing numbers of devices accessing those apps 5
  6. 6. A few facts… • 75% of security breaches involve compromised credentials • 71% targeted user devices • 58% perpetrated by insiders (takes 32 months to detect) • 13% leveraged misuse of privilege • Average cost $188 per record CIO: Testifying Before the Senate 56.95 57.95 58.95 59.95 60.95 61.95 62.95 63.95 64.95 65.95 0 1 2 3 $pershare Months After Breach $5.37 Billion in shareholder value lost Breach disclosed in media 6
  7. 7. What IT cares about 1. Enable employee productivity 2. Ensure compliance requirements are addressed 3. Efficient management 7 1. Optimize efficiency of their developer teams 2. Deliver apps that meet business and end-user requirements 3. Maximize the useful lifetime of the app What App Dev Managers care about Aligning Objectives
  8. 8. App Development And Data Security 8
  9. 9. The cost of mobility can erode its ROI Inefficient mobility and security wastes resources Write Code Test Publish to app market Deploy Update $ $ $ $ $ Each part of the app development process incurs expenses… Write Code Test Publish to AppStore Deploy Update $ $ $ $ $ Write Code Test Publish to app market Deploy Update $ $ $ $ $ …which multiply with each new supported mobile OS/device platform Management Security And these processes and apps need to be managed and secure to limit risk
  10. 10. Challenges The security landscape has raised the stakes Security is increasingly challenging  Targeted attacks  Spear phishing and social engineering  Mobile malware  Advanced Persistent Threats  Rising cost of data breaches How do you manage the tradeoffs between  Operational flexibility  Security  Cost and complexity  End-user experience $
  11. 11. End-to-End Data Security • Data security means protecting confidentiality and integrity of data • Management and enforcement across three modes of data use 1. At-rest – When data is stored on a device 2. In-motion – When data is traversing the network 3. In-use – When a user interacts with the data through an app on a device • Ensuring data security as data moves across the range of untrustworthy networks and devices is not trivial Overview
  12. 12. Managing Identity Sprawl 12 12
  13. 13. From: The Rise of Data-Driven Security, EMA Research Report, 2012 © 2012 Enterprise Management Associates, Inc. The Impact of Fragmented Identity • The ideal can be hard to achieve when identity is scattered among • Applications • Systems • Endpoints • Mobile devices • Third party apps • Networks • On premises • SaaS, Cloud • Etc. … Poor integration among security tools Too difficult to distinguish which security actions or policies are working and which are ineffective or unnecessary Most significant frustrations with IT security technologies? Top 2 responses: 13
  14. 14. Multiple identities + Password Sprawl Create risk • Multiple logins for users • Multiple identity infrastructures for IT to manage In- house Apps and 100’s more….Laptops Smartphones and Tablets ID ID ID ID ID ID ID ID ID ID 14
  15. 15. Federated Identity Where users have one login ID and password And IT has one Federated Identity Infrastructure to manage End Users Laptops Smartphones and Tablets ID 15
  16. 16. Strengthen Security with Federated Identity • Federated Identity ensures that users only need to use their AD userid/password – Only one password to remember – Password is protected by the Enterprise in AD • AD-based federation provides several advantages for IT – Leverages existing account and password policies – simplifying management – Ensures that IT controls access eliminating risk of orphaned accounts Federation Trust Cloud Proxy Server IDP as a Service Firewall ID ID 16
  17. 17. Integrated Solution Easily Manage Apps, Data, And Users 17
  18. 18. Sencha Space Benefits  Streamline app development process –Eliminate PhoneGap/Cordova  Deliver HTML5 apps directly to end-users through a managed, secure runtime platform Easily mobilize existing web and HTML5 apps  Helps protect your apps and data by  Managing user access  Remotely wiping your data from devices as needed  Keeping your business data separate from other data on the device  Leverage developer APIs for a rich application experience
  19. 19. Sencha Space • Management Overvie Management Console • Provides centralized management of the user, data, and application lifecycles • Allows administrators to enforce policy consistently • Set minimum PIN length • Specify group membership • Provision apps to groups • Configure advanced user authentication • Enable SSL VPN connectivity • Facilitates reporting and auditing with detailed usage analytics Space Management Centralized Admin Console Policy Engine Identity and Access App Delivery Data Security Network Security
  20. 20. •Supports iOS and Android (Win Phone 8 and Blackberry in beta) •Segregates business and personal data •Secures business data with strong encryption and digital signatures •Enforces policies downloaded from the console •Facilitates secure, managed use of HTML5 apps •Provides developer API to OS/Device features for rich, modern, mobile user experience Mobile Client Application Sencha Space Client Overview
  21. 21. Sencha Space Security •Data Encryption – All data is stored encrypted in Space to protect the confidentiality of sensitive, proprietary information •Network Security – All data transmitted between the Space client app and management server is SSL-encrypted •VPN Support – Integration with Cisco and Juniper clientless SSL VPN for secure connectivity between the Space client app and back-end data center assets •Authentication – Single sign-on support using widely accepted SAML open standard Security Key Benefits • Reduce the risk of data breach • Grant access to applications and data based only on business need • Deploy applications securely to anyone on any device
  22. 22. Sencha Space Overview of Capabilities and Benefits Component Capabilities Benefits Security • Secure data in-motion and at-rest • Manage user access entitlements • Manage risk • Facilitate compliance Policy Engine • Set and enforce consistent usage and security policies • Deploy applications instantly • Block users/devices instantly • Improve operational efficiency • Manage mobility risk Analytics • Monitor activity at the user and device level • Track application activity • Facilitate audit and reporting • Enhance operational visibility Developer API • Provide consistent API access to native device/OS capabilities • Provide developer access to Space platform capabilities • Help reduce the cost of cross-platform development
  23. 23. Centrify Cloud Services = Unified Identity Services + Centrify Cloud Services Centrify Software • Authentication / Single Sign-On (SSO) • Auditing and reporting • Self-service portal • Mobile application management • Encryption of data-in-motion • Policy Enforcement • Authorization and role-based access control • Mobile Zero Sign-on (ZSO) • Mobile device management • etc. 23
  24. 24. Centrify Cloud Service Centrify for iOS Centrify for Android Centrify Cloud Proxy Server Centrify DirectManage Framework DirectManage ADUC Extension DirectManage Group Policy Extension Microsoft Certificate Authority Firewall Centrify for Mac Active Directory-based Security Infrastructure Centrify Cloud Manager Centrify for SaaS Centrify Cloud Services 24
  25. 25. Centrify Cloud Proxy Server Centrify Cloud Service Centrify for SaaS Centrify Cloud Manager Firewall Centrify for SaaS • One click SaaS SSO leveraging Active Directory credentials • SSO Integration with SaaS via SAML, HTTP, proprietary API, OAuth, Open ID connect • User self-service for mobile devices (e.g. location, wipe, lock) • User self-service for AD account (e.g. edit attributes, reset password) • Common administration tools for mobile and SaaS applications SaaS Apps SaaS and Mobile App Catalog You Are Here ISV Onboard Centrify Cloud Services Microsoft Certificate Authority Active Directory-based Security Infrastructure 25
  26. 26. Centrify Cloud Proxy Server Centrify Cloud Service Microsoft Certificate Authority Centrify Cloud Manager Firewall SaaS Apps Mobile App Centrify for iOS and Android Active Directory-based Security Infrastructure Centrify for Mobile Applications • Device is authenticated and joined to Active Directory • Enables silent authentication aka Zero Sign-On (ZSO) for mobile apps via simple integration with Centrify Mobile Authentication SDK • Mobile apps interacts with Centrify cloud services for authn and authz • Mobile app can also access information about user attributes in AD • App settings can be centrally managed based on AD Group Policy • Remote wipe of Mobile App & Data • Common administration tools for mobile and SaaS applications SaaS and Mobile App Catalog You Are Here ISV Onboard Centrify Cloud Services 26
  27. 27. Centrify Simplifies SaaS/Mobile Federated Auth Integrate Mobile App Authentication provides true enterprise Zero Sign- On • Mobile app authenticates and registers AD as it’s identity provider • Mobile app can access information about user attributes in AD • Mobile app gains SSO to backend services Cloud Proxy Server IDP as a Service Firewall Mobile OS Mobile App Mobile Auth SDKMDM Step 2 One time user authentication & device registration Step 1 Web Application Registration Step 4 Token based Authentication Step 3 Token Generation Hosted Application ID 27
  28. 28. Extend Identity Services to Mobile Platforms Mobilize app and service access – Enable mobile access to Enterprise services and applications – Design mobile interfaces to seamlessly integrate with the Enterprise services Containerization to separate work from personal – Protect work applications and data from data leakage – Provide the laptop experience on mobile, unlock and access all business apps Centralize mobile and application administration – Enabling IT to manage security policies for Mobile, Workstations and Servers – Unifying app management into one interface for Mobile, Web and SaaS Apps – Leveraging automated lifecycle management through AD 28
  29. 29. Integrated Solution How Sencha And Centrify Technology Can Help 29
  30. 30. Cloud Proxy Server Firewall Hosted Application aka Sencha Space Cloud Service Step 1 Web Application Registration Step 3 Token based Authentication Step 2 Token Generation ID Centrify IDP as a Service Centrify + Sencha for Cloud SaaS Apps Mobile OS Sencha Space App Auth Client 30
  31. 31. Integrated Solution Demo Of SAAS Application 31
  32. 32. Cloud Proxy Server Firewall Internal Application Step 3 Token based Authentication Step 2 Token Generation ID Centrify + Sencha for Internal SaaS Apps Step 1 Web Application Registration Mobile OS Sencha Space App Auth Client Centrify IDP as a Service 32
  33. 33. Integrated Solution Demo Of Internal Application 33
  34. 34. Resources Centrify • Centrify IDaaS, MDM and MAM: ud-service-registration.asp • Centrify Developers: • Questions: • Twitter: @centrify, @annamsr Sencha • Sencha Space • Get started with a free trial in less than 5 minutes! • Questions: • Twitter: @sencha, @nharlow 34