Download pdf - 1500-1530 Mazen Arawi How to Secure Corporate Information on Mobile devices

28 May 2014 – DUBAI, UAE

How to Secure Corporate Information on

Mobile Devices Mazen Arawi

Senior Mobility & M2M Solutions Specialist – SAP MENA

May 28, 2014 Public

© 2014 SAP AG or an SAP affiliate company. All rights reserved. 3 Public

Agenda

SAP Mobile Device Management.

Securing Mobile Operating Systems by SAP Afaria

SAP Mobile Application Management

Securing Mobile Applications by SAP Mocana

SAP Mobile Content Management

Mobilizing Unstructured Content by SAP Mobile

Documents

Q&A

Overview


Mobility market trends Forecast Enterprise app explosion

$11.5 Billion

20% plan to introduce

20 or more

Mobile enterprise app market will reach $11.5B by 2014

of enterprise apps

are procured directly

from app ISVs

(independent software

vendors)

53% 67%

of businesses plan

to roll out five or more

mobile apps this year

Date: Information Week 2012 Mobile Application Development Survey of 350

business technology professionals, July 2012


Mobile app security New techniques gaining traction

Mobile Device Management

Device-level

Course-grain management, control,

and security policies

Typically requires device client

Ideal for corporate-managed devices

Difficult to separate corporate data

from personal data

Bottom line:

Focus is on the device

Mobile App Security

Application-level

Fine-grain management, control, and

security policies

No device client

Ideal for corporate-managed,

unmanaged, and BYOD devices

Completely separates corporate data

from personal data

Bottom line:

Focus is on the app and it’s data


Mobile Management & Security A strong foundation makes mobile successful

Enterprise Integration

Devices

SAP Afaria

Applications

SAP Mobile App Protection

by Mocana

Content

SAP Mobile

Documents

Enterprise Mobility Management System

SAP Mobile Secure

On-Premise Hybrid Cloud

Securing Mobile Operating Systems by SAP Afaria


SAP Afaria

SAP Afaria is the trusted solution to manage and secure deployments of mobile devices for

any size of company – in the cloud or on-premise

Use built-in robust analytics

for instant insight into

mobile device usage and

the ability to take

immediate action

Meet the requirements of

the world’s largest

enterprises. Remotely lock

and wipe managed

devices, control security

settings for bring-your-own-

device (BYOD) or

corporate-owned devices

Quickly self-enroll devices

for enterprise use; have

control needed by pre-

configuring settings and

enforcing security and

compliance policies

Robust analytics Mobile device management Highly secure and scalable


Managing the device lifecycle

Enrollment Portal (EUSSP)

Configure devices

Assign to groups

Deploy apps by role

Configure and Enroll in E-mail

Configure Wifi and VPN access

Remote lock

Remote wipe

Access violation lock

Disable device, network, application and e-mail access

Track assets

Maintain/modify configuration

Monitor hardware, software and packages

App notifications and updates

Telco expense management

Location tracking

Enforce security policies

Monitor/track security violations

Compliance activity logging

Access Control

Monitor hardware, software and packages

Manage roaming and carrier

Monitor compliance

Location tracking

Drill-down by data element


Fully deployed profile with enrollment policy

E-mail Contacts Calendar

Wi-Fi VPN Apps

Enterprise


Product Capabilities Key Benefits

New client UI for iOS and

Android device with focus

on featured categories and

apps

Application portal can now

display rich content

• Apply custom images to

categories

• Highlight featured apps

and categories

• Multiple categories per app

Define separate app display

name in the client UI

• Allow multiple app

polices to have the same

name

The enhanced application

portal simplifies the user

experience by providing a

familiar “store” type landscape.

Increased mobile worker

efficiency leveraging the ability

to guide and instruct users

how to leverage the most

beneficial mobile applications

that apply to their role.

Afaria App Portal


Product Capabilities Key Benefits

EUSSP user name can be used

as a variable in policies

Published APIs for self service

portal functions

EUSSP can connect to a

directory in a different domain

User Interface improvements

Simplification of the interface

used by mobile users to

onboard and manage their

devices.

Enable organizations to build

their own custom EUSSP

interface.

End User Self Service Portal (EUSSP)

Securing Mobile Applications by SAP Mocana


EULA, App

Expiration

Per-App VPN Jailbreak/

Rooting

Detection

Geo-fencing

Data At Rest

Encryption

Secure

Data Transfer

SAP Mobile App Protection Create a self-defending app

Disable app when the

device is compromised by

jail breaking or rooting

Restrict app usage

to a geographic location

FIPS 140-2 certified encryption for

all data storage. Prevent malware

and rogue apps from accessing

sensitive data

Restricts copy and paste to

unsecured area of device

Secure VPN tunnel to

enterprise network

prevents rogue apps and

malware from gaining

unwanted access

User

Authentication

Enterprise

App

Passcode policy

enforcement expiration,

lock-out and help-desk

assisted passcode reset

End user license agreement

enforcement, lock-out with app expiration

Federation of apps

Secure transfer among

federated wrapped apps

on the device


Mocana MAP

Web Console and Server

IT Admin/LoB

1. Upload Enterprise App 2. “Point and Click” Policies 3. Distribute Wrapped App

Mobile device mgmt

Mobile app mgmt

Enterprise app store

E-mail

Intranet

□ Passphrase

Secure copy-paste

Per-app VPN

□ SSL reverse proxy

DAR encryption

FIPS 140-2

□ Lockout recovery

Data wipe

□ Jailbreak detection

□ Location masking

□ Geofencing

□ App expiration

User agreement

Managed or

Unmanaged User Devices

SAP Mobile App Protection Zero-to-secure in seconds


SAP Mobile App Protection Key Benefits

Enterprise IT

Mobile App ISV

Lines of Business

1. Protects corporate data, meets compliance and audit

requirements

2. Accelerates app adoption: No coding or security expertise

required

3. Standardizes security: Single approach for iOS and Android

apps

1. Business enablement: Eliminates security bottlenecks for

operational app deployments at scale

2. Does not compromise the user experience

1. Enables focus on core business innovation, not security

2. Increases enterprise adoption: No need for security

customizations

Mobilizing Unstructured Content by SAP Mobile

Documents


SAP Mobile Documents

Share Perform Access


...therefore IT Departments Must React

IT Departments must provide a secure Mobile

Content Management Solution to their End-

Users!

Free Solutions pose a Risk! !


Broaden the Reach of Your Content Management Solution

File Publishing

Supported Content

Management Systems:

SAP NetWeaver Portal KM

Microsoft SharePoint

Alfresco

OpenText

IBM FileNet


Multi Client Support

Mobile Devices

Apple iPad and iPhone

Android Phone and Tablet

Desktop

Windows

Apple OSX

Any Device

Browser

Questions & Answers

© 2014 SAP AG or an SAP affiliate company. All rights reserved.

Thank you

Contact information:

Mazen Arawi

[email protected]

Mobile: +971566867446

mailto:[email protected]


© 2014 SAP AG or an SAP affiliate company.

All rights reserved.

No part of this publication may be reproduced or transmitted in any form or for any purpose without the express permission of SAP AG or an

SAP affiliate company.

SAP and other SAP products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of SAP AG

(or an SAP affiliate company) in Germany and other countries. Please see http://global12.sap.com/corporate-en/legal/copyright/index.epx for additional

trademark information and notices.

Some software products marketed by SAP AG and its distributors contain proprietary software components of other software vendors.

National product specifications may vary.

These materials are provided by SAP AG or an SAP affiliate company for informational purposes only, without representation or warranty of any kind,

and SAP AG or its affiliated companies shall not be liable for errors or omissions with respect to the materials. The only warranties for SAP AG or

SAP affiliate company products and services are those that are set forth in the express warranty statements accompanying such products and

services, if any. Nothing herein should be construed as constituting an additional warranty.

In particular, SAP AG or its affiliated companies have no obligation to pursue any course of business outlined in this document or any related

presentation, or to develop or release any functionality mentioned therein. This document, or any related presentation, and SAP AG’s or its affiliated

companies’ strategy and possible future developments, products, and/or platform directions and functionality are all subject to change and may be

changed by SAP AG or its affiliated companies at any time for any reason without notice. The information in this document is not a commitment,

promise, or legal obligation to deliver any material, code, or functionality. All forward-looking statements are subject to various risks and uncertainties

that could cause actual results to differ materially from expectations. Readers are cautioned not to place undue reliance on these forward-looking

statements, which speak only as of their dates, and they should not be relied upon in making purchasing decisions.

http://global12.sap.com/corporate-en/legal/copyright/index.epx




© 2014 SAP AG oder ein SAP-Konzernunternehmen.

Alle Rechte vorbehalten.

Weitergabe und Vervielfältigung dieser Publikation oder von Teilen daraus sind, zu welchem Zweck und in welcher Form auch immer, ohne die

ausdrückliche schriftliche Genehmigung durch SAP AG oder ein SAP-Konzernunternehmen nicht gestattet.

SAP und andere in diesem Dokument erwähnte Produkte und Dienstleistungen von SAP sowie die dazugehörigen Logos sind Marken oder

eingetragene Marken der SAP AG (oder von einem SAP-Konzernunternehmen) in Deutschland und verschiedenen anderen Ländern weltweit.

Weitere Hinweise und Informationen zum Markenrecht finden Sie unter http://global.sap.com/corporate-de/legal/copyright/index.epx.

Die von SAP AG oder deren Vertriebsfirmen angebotenen Softwareprodukte können Softwarekomponenten auch anderer Softwarehersteller enthalten.

Produkte können länderspezifische Unterschiede aufweisen.

Die vorliegenden Unterlagen werden von der SAP AG oder einem SAP-Konzernunternehmen bereitgestellt und dienen ausschließlich zu Informations-

zwecken. Die SAP AG oder ihre Konzernunternehmen übernehmen keinerlei Haftung oder Gewährleistung für Fehler oder Unvollständigkeiten in

dieser Publikation. Die SAP AG oder ein SAP-Konzernunternehmen steht lediglich für Produkte und Dienstleistungen nach der Maßgabe ein, die in der

Vereinbarung über die jeweiligen Produkte und Dienstleistungen ausdrücklich geregelt ist. Keine der hierin enthaltenen Informationen ist als zusätzliche

Garantie zu interpretieren.

Insbesondere sind die SAP AG oder ihre Konzernunternehmen in keiner Weise verpflichtet, in dieser Publikation oder einer zugehörigen Präsentation

dargestellte Geschäftsabläufe zu verfolgen oder hierin wiedergegebene Funktionen zu entwickeln oder zu veröffentlichen. Diese Publikation oder

eine zugehörige Präsentation, die Strategie und etwaige künftige Entwicklungen, Produkte und/oder Plattformen der SAP AG oder ihrer Konzern-

unternehmen können von der SAP AG oder ihren Konzernunternehmen jederzeit und ohne Angabe von Gründen unangekündigt geändert werden.

Die in dieser Publikation enthaltenen Informationen stellen keine Zusage, kein Versprechen und keine rechtliche Verpflichtung zur Lieferung von

Material, Code oder Funktionen dar. Sämtliche vorausschauenden Aussagen unterliegen unterschiedlichen Risiken und Unsicherheiten, durch die

die tatsächlichen Ergebnisse von den Erwartungen abweichen können. Die vorausschauenden Aussagen geben die Sicht zu dem Zeitpunkt wieder,

zu dem sie getätigt wurden. Dem Leser wird empfohlen, diesen Aussagen kein übertriebenes Vertrauen zu schenken und sich bei Kaufentscheidungen

nicht auf sie zu stützen.

http://global.sap.com/corporate-de/legal/copyright/index.epx

