  1. Droidcon 2012: Enterprise Android – for the win?
     Jan Peuker, Accenture
     Raoul Neu, Elca Informatik
  2. «The purpose of an organization is to enable ordinary human beings to do extraordinary things» Peter F. Drucker
     - Large organizations have to strictly follow rules and laws
       - Very risk averse, very security and privacy aware
       - Rigid development standards and quality assurance
     - Large organizations are internationally spread
       - IT as business enabler, not feature- but productivity-driven
       - IT usually outsourced – documentation and processes mandatory
     - We look at corporate internal applications
  3. What makes Android so interesting for the enterprise?
     Captain Jean-Luc Picard: There's an aura around him.
     Lieutenant Geordi La Forge: Well, of course, he's an android.
  4. Standards = Cost efficiency
  5. Challengers
     - iOS
       - Very strong C-Level visibility, favorite in BYOD schemes
       - Very good enterprise features, particularly for update and hardware services
       - Strong device and mail encryption
       - Development requires separate infrastructure
     - Windows [mobile|embedded|CE|phone]
       - Windows CE is the standard mobile productivity platform
       - Broad range of rugged and hardware (SAM) secured devices
       - Very good enterprise features, very strong Outlook integration
       - WP 7 incompatible, Windows Embedded 8 could be game-changer

     Most importantly, though, they care.
  6. «I had a problem so I thought to use Java – now I have a ProblemFactory»
  7. «We seek peaceful co-existence» Capt. Remmick
     or: Supporting multiple platforms
     - The right choice: Native, Hybrid or Cross-Platform
       - No silver bullet. Analyze your requirements & constraints.
     - MEAP: Advantages & Drawbacks
       - Pros in integration and governance. Cons in usability and native features.
  8. [Figure: client approaches, labelled Native Code, Cross-Code Generator, VM / Runtime, Hybrid App, Web Starter; Thick Client, Rich Client, Web Client; Generic Code, Generic UI, Native UI. Annotations: "How much users actually like it*" and "How much it fits enterprise standards".]
     *) the uncanny valley, see http://martinfowler.com/bliki/CrossPlatformMobile.html
  9. «How can you be certain they're receiving us?» Capt. Picard
     or: Supporting multiple devices
     - Blacklists vs Whitelists
       - Trusted Certificates vary between device/api/provider
     - API & Development Issues
       - HttpURLConnection vs DefaultHttpClient
       - Different Bouncy Castle algorithms and hardware security features
       - Missing XML validation
     - Licensing 3rd party software
       - Best technical solution
       - Business model
  10. «Mr. Data, is that the trouble I believe it is?» Capt. Picard
      or: Supporting multiple apps
      - Dealing with enterprise release and life cycles
        - Always be ready to release. Think of test environment and repositories
      - Intergalactic Continuous Integration
        - Not out of the box: strong & exotic hardware requirements
      - Missing Distribution Channels
        - Android stays behind its competitors
  11. [Diagram: SVN branch, SVN trunk, SSH]
  12. How do you manage the diversity of rules and guidelines in an enterprise?
  13. «The bureaucratic mentality is the only constant in the universe» Dr. McCoy
      - Governance is key
        - Enterprise applications require transactions and accountability
        - Device state and user assignment must be maintainable
        - E-Mail, Clipboard, Intents and Caches often not properly secured
      - Security is key
        - Device Encryption and Application Safety are mandatory
        - Trusted context either via virtualization (BizzTrust, VMware) or encryption, e.g. with hardware modules (3LM, Certgate, Ageto)
        - Tradeoff: Most sophisticated protection is not integrated in standard Android. Requires rooting, which itself is a security risk.
  14. «One of the advantages of being a Captain is being able to ask for advice without necessarily having to take it.» Cpt. Kirk
      - Bring your own device (BYOD)
        - Most employees do not want complex device passwords or full control over their device and route all internet traffic over VPN*
        - Currently no distinction between Corporate/Private data (except for dual-boot or application-level encryption)
        - Rooting and malicious software must be recognized
      - Connectivity
        - Connectivity should usually be established over secure channels
        - Android does not support Proxy Authentication, Wi-Fi configuration
        - Tethering and Bluetooth cannot be controlled

      *) Which, luckily, is currently impossible anyways
  15. Missing features: What will the future bring?
  16. «Reports of my assimilation have been greatly exaggerated» Cpt. Picard
      - Missing ecosystem features
        - Enterprise Market with CA for trusted applications
        - OTA Update API without Google account
        - Clear Chrome (Jelly Bean), Motorola and Samsung strategy
        - Understanding of enterprise features with app makers
      - Missing security features
        - MDM which supports user certificates, CAs and network config
        - Wi-Fi Proxy Authentication, Full VPN routing, EAP-SIM
        - Real ASLR and storage encryption for corporate/private stores
        - E-Mail and Exchange features for S/MIME and two-factor auth
        - Robust Synchronization (SyncML), Robust Service and SSL API
  17. Recap
      - Align to enterprise policies, prepare for non-market distribution
      - Embrace development standards, KPIs and lifecycles
      - Thoroughly manage traceability, accountability and privacy
      - Prepare for integration using secure Webservices and XML
      - Prepare for fragmented device base and users who need to be supported by – in the end – yourself (incomprehensible pain)
  18. May the force be with you.
      jan.peuer@accenture.com
      raoul.neu@elca.ch