Here comes BYOD, Bring Your Own Device.
A lot of the traffic, internal corporate and with customers and market, will be outside firewalls to mobile devices owned by the employees, on public networks. A lot of sensitive corporate data must be stored locally in the device to ensure that for instance sales people has updated and correct CRM data when visiting customers.
Employees will communicate internally on consumer tools like WhatsApp. This is not the safest environment, rather more or less a ticking bomb. Gartner expects that by 2017, “40% of enterprise contact information will have leaked on to Facebook via employees’ increased use of mobile device collaboration applications.”
To unlock the full potential of enterprise mobility, IT needs to allow people the freedom to seamlessly access all their apps and data from any device, company owned or private.
It is now time to recover lost grounds and include secure mobility in your IT strategy.
2. pingpal.io
Are you ready for BYOD?
Here comes BYOD, Bring Your Own Device.
A lot of the traffic, internal corporate and with customers and market,
will be outside firewalls to mobile devices owned by the employees,
on public networks. A lot of sensitive corporate data must be stored locally
in the device to ensure that for instance sales people has updated and correct CRM data when visiting customers.
Employees will communicate internally on consumer tools like WhatsApp. This is not the safest environment,
rather more or less a ticking bomb. Gartner expects that by 2017, “40% of enterprise contact information will have
leaked on to Facebook via employees’ increased use of mobile device collaboration applications.”
To unlock the full potential of enterprise mobility, IT needs to allow people the freedom to seamlessly access all
their apps and data from any device, company owned or private.
It is now time to recover lost grounds and include secure mobility in your IT strategy.
3. pingpal.io
Being mobile means that you need to communicate.
The users discuss and share restricted corporate data on
their BYO devices, on open public networks.
When using “traditional” telecoms like voice call or SMS, your
security is in the hands of the operators.
When using Gmail, we know that Google scans all user mails for keywords for their business purposes.
When using Instant Messaging your users will use the same tools as they do privately, for instance
WhatsApp, now owned by Facebook.
And mobile devices are more easily lost or stolen with all that restricted data still in the device.
Being mobile means communication
5. pingpal.io
You need a well-defined mobile strategy for your enterprise, no matter what size you are. This is the
necessary foundation for your important decisions on various mobile frameworks, development tools to
use, devices to support and mobile development providers.
Listen to the app agencies promoting their favorite tools, but decide on what’s best for you long term, not
the cheapest offer today.
9 Important aspects to
consider
7. pingpal.io
Have a common framework for authentication and
authorization of your mobile apps as they are more
vulnerable than desktop or web based applications protected
by the company firewall. Consider the whole transport
mechanism for all your applications, internal messaging, etc.
You need a secure “pipe” for everything.
The most common solutions for this are VPN’s and Mobile
VPN’s. A VPN provides an encrypted tunnel through the
Internet between your device and a VPN server. This is
called a tunnel, because unlike other encrypted traffic, like
https, it hides all services, protocols, and contents.
Depending on the actual network state (coverage, signal
strength, etc), there might be problems since the mobile
networks response time can be high and VPN connections
are very sensitive regarding response time. This is due to
security concerns but it means that a slow response might
interrupt a VPN connection, making it very difficult to work on
the corporate network from a mobile device.
A VPN connection is set up once, and only terminates when
you decide, but the tunnel is disconnected if the client loses
network connectivity or due to inactivity. This makes it a good
solution for a more permanent or continuous connection to
the corporate network, as long as you have a good enough
Internet connection. But it is highly impractical for e.g.
messaging that is more sporadic in its nature.
When using VPN from a mobile device all Internet traffic,
disregarding if it is corporate or private, will have to pass
through the company firewall.
You will also have to take into account management of
temporary (e.g. consultants) users, letting people participate
in secure discussions without connecting them to restricted
services inside the firewall.
1. Security and Privacy Outside
the Firewall
9. pingpal.io
Mobile devices are used anywhere, often over untrusted
networks, with a significant potential for loss or theft You
must be able to remotely lock a lost device and wipe off
selected corporate data as well as emails, chat
conversations, etc.
The same goes for employees leaving the company and
consultants/sub-contractors that bring their own devices.
The solution must reduce the risk of leaking data by mistake
or by theft and it is here that the auto-deleting, or ephemeral,
mechanisms come in. Snapchat has popularized the auto-
deleting images for casual communication. The same kind of
mechanism can be used for any type of messaging or
corporate data when it is controlled by a specific app.
Possible ephemeral triggers are, for instance, deleting after a
set number of views, or at a set time, or by using a geofence;
“this information must not leave this building”.
You should also be able to push newer apps or versions of
apps to every employee so that everyone runs the same
version, as you have the app store update mechanisms for
commercial apps.
2. Device and local data Management
and Monitoring
10. pingpal.io
Your IT infrastructure must be built with device independence
in mind. You have to protect sensitive information wherever
and however it’s used and stored—even when business and
personal apps live side-by-side on the same device.
Support for various current and future mobile platforms and
form factors should not pose too big a challenge and a
fortune to implement and support.
Do not try to throw in every feature of an existing web app or
desktop app into your mobile app. This will only increase
bulkiness and development and maintenance cost. Build
smaller apps that only take care of a handful of features, that
are easy to replace when your organization or IT
implementation changes.
Provide a suite of such apps and let customers, partners and
employees pick and choose what may be the best fit for
them. Remember the high interoperability and ease with
which mobile apps can kick off another mobile app based on
user’s inputs and preferences.
Also keep in mind, the integration possibilities with
independent productivity apps like Evernote, Email clients,
Document and Image editing and management tools.
3. Device Independence
11. pingpal.io
A mobile application isn’t the same as a desktop application,
and while the difference starts in the device, it’s the server
side of the mobile equation that will make the difference
between productivity gains and losses.
If you do not already have an enterprise bus infrastructure in
place or your current infrastructure is too old to handle mobile
requirements, consider revisiting the brokering and routing
requirements.
An optimum server-side mobility solution will consider state
control in transactions, presentation of information and
management of mobile data flows.
You also need to analyze and minimize data volumes. Mobile
applications rely on a relatively low-speed link to the devices,
and available mobile bandwidth may vary considerably,
depending on the user’s location and the local cellular traffic
load. In many cases there may be usage charges applied,
which could make mobile applications expensive to run if
data volumes are high.
4. Server side implementation
12. pingpal.io
Database synchronization presents one of the toughest
hurdles in deploying distributed mobile solutions. You need to
set up advanced synchronization and filtering between each
mobile device and the central system, deciding what data
they share, and the manipulation rules. The complexity grows
exponentially with the amount of shared data so it is
necessary to select good tools to manage this.
The data in the app should be stored in a secure local
database in the device with strong encryption. There should
also be an automatic self-delete (ephemeral) mechanism
implemented in the app to automatically remove data in
accordance with the internal business processes, as well as
a complete wipe through a remote command.
The synchronization mechanism should also take into
account the mobile network characteristics of everything from
high to low speed data connections, dropped connections in
the middle of processing and even complete off-line
situations.
The data synchronization should be done partially on
connection losses, giving clients the opportunity to continue
synchronization where it was when the connection got lost. It
should also handle multi-user conflicts, primary-key changes
and other problems usually associated with database
synchronization.
5. Data synchronization
13. pingpal.io
Employees must be able to download corporate data in their
device. It could be as simple as Excel and PowerPoint files,
but also for instance all CRM, customer support, order
delivery, etc data related to a specific customer for a meeting.
People need access to important and sensitive data to
perform their job even when traveling on an airplane or
visiting a remote site with poor data network coverage.
Partners and associates might also need to download offline
data, like actionable items, messages and reports. For your
customers you might want to offer the ability to download
receipts, order status, and special offers even when they are
off the network.
The highly sensitive nature of this data makes it critical to
develop security mechanisms, like database encryption and
the ability to remotely wipe everything from lost or stolen
devices.
There might also be privacy or other regulatory compliances
needed to investigate.
6. Offline behavior of app
14. pingpal.io
Mobile customers’ attention span is shorter than that of
desktop and webapps. Customers use devices everywhere
and at any time of day. Mobile app infrastructure has to be
scalable as once an app becomes a big hit, it becomes
extremely important to scale up the back end within hours or
days. Otherwise you will end up having a short-lived success
and by the time you scale up the customers will be all gone.
The simple way is to apply vertical scaling by adding more
resources to your server. This might be OK for a small niche
app but will not be sufficient for massive scaling. Design your
app and backend solution for horizontal scaling where you
distribute data and route messages over several servers.
This is especially important if your app is customer facing.
7. Scalability
15. pingpal.io
Mobile apps are setting the stage for what users expect from
their working environment. People expect the same look,
feel and power from your internal apps as they expect from
commercial apps. This has raised the stakes for IT.
As you work to deliver a superior user experience, look for
ways to give people more than they expect and provide
useful capabilities they might not have thought of yet.
For example:
• Think mobile first!
• The design and layout of the app is at least as
important as the functional task it is intended for.
• Compare your intended app with similar commercial
consumer apps. Is your app looking as good or better?
It should, if you want your users to love the app.
• Allow people to access their apps and data on any
device they use, complete with their personalized
settings, so they can get to work right away.
• Automate controls on data sharing and management,
such as the ability to copy data between applications,
so people don’t have to remember specific policies.
• Define allowed device functionality on an app-by-app
basis, so people can still use functions such as printing,
camera and local data storage on some of their apps
even if IT needs to turn them off for other apps.
• Make it simple for people to share data with colleagues
by for instance sending a link.
• You should measure and analyze usage of various
features to decide future development of the app.
8. Prioritize user experience
16. pingpal.io
The app will reflect on your brand and you as a supplier and
it’s important that the app feels and behaves as good, or
better, than a commercial app.
Social networking is increasingly becoming an important
aspect of mobile app development. It could mean as simple
as enabling app authorization using customers social IDs, for
instance signing on with the users Facebook ID. If
implemented correctly it will also offer insights into
demographics of customers as well as help manage your
company’s online reputation and address customer concerns
before it is too late, all important aspects for developing your
products, offering and brand.
The app has to be appealing and will need regular facelifts to
keep competition at bay unlike the previous generation
webapps wherein functionality alone was enough to keep
customers engaged.
9. Customer facing apps
18. Anonymized
We only know your users by an anonymized ID,
organized in anonymous groups. You maintain all your
user data in your own environment.
No data Stored
We send messages point-to-point with nothing stored on our
system. It’s your data, we don’t want it. You decide what should
be recorded and stored in the app, and you store it on your
servers, not in our system. The best way to protect your
information is that we don’t have any information to protect.
Messaging withself-Destruct
PingPal is designed for the ephemeral messaging
paradigm. We transport any data between anonymized
users without storing on our servers. Add self-destruct
mechanism like “show once”, “delete at 5pm” or “this
message should not leave this house” (GeoFence
delete).
Positioning withself-Destruct
The most sensitive private data is the location of individuals, like
children, family members or VIP’s. PingPal provide secure
positioning dialogs for full protection. Use it for solving logistics,
people management or add geographic position to your security
tools.
pingpal.io
secure point-to-point Communication
PingPal is a platform for military grade encrypted privacy protected self-destructing (“ephemeral”) communication and
positioning. Like Snapchat or WhatsApp on steroids for ANY app developer or organization. Simple implementation
and low cost traffic subscriptions means great ROI.
And more
19. And more
Military grade encryption
During the message transport, or if the receiver is offline,
the message is temporarily managed by PingPal queues.
To prevent any possible intrusion or leaking we add a
point-to-point encryption layer. The keys are stored in the
sender and receiver devices. Not even we at PingPal can
read your messages, even if we where required to.
Security& Safety in the field
Implement a simple alarm button to push the user position to
friends or security personnel. Start a position tracker if
needed. Or set off an alarm if the user enters wrong area or
deviates from planned route. Include automatic data delete.
The possibilities to enhanced safety in the field are limitless.
Instant
PingPal messaging is extremely fast, as close to instant
as it is possible on mobile networks. PingPal messaging
is perfect for urgent or quick questions, group messages,
alert-style announcements, user-to-user messaging, etc.
With all those abilities including positioning.
Notifications
PingPal pushes messages immediately to the receiver. If he
or she happens to be off-line we fallback to iOS and Android
push message. Use this mechanism to push messages to
single users, groups or all users.
Internet of things
The PingPal communication interface can be
implemented on any Internet connected product. A few
pages of pseudo-code translated into the language your
device understands, like C or C++, and the device
becomes a user like any other user available to your app.
Traffic Subscriptions
PingPal is a mobile backend service or ”App Carrier”. App
developers buy privacy protected traffic from us, in monthly
subscriptions just like a monthly phone bill. We also provide
business and enterprise accounts with SLA´s and support
contracts.
pingpal.io