1.

Dont Let Transitioning To BYOD Disrupt IT And Threaten Security

As we covered in the first installment of our BYOD blog posts, there is a growing
movement among enterprises to embrace BYOD policies on behalf of their employees. There are a number of factors contributing to this shift, including employee personal preference, increased productivity due to OS comfort, the ever tethered nature of your relationship to your phone, and lower hardware price points vs. computers. !n part !! of this blog mini series, we covered why BYOD can be good for your business as well as your employees" your staff is more efficient and happier, and it can improve your bottom line. On the other hand, it#s difficult for !T departments to$ implement cross platform solutions, handle the increased number of variables posed by the numerous hardware systems, and most importantly, contend with security issues. This leaves us to answer the %uestion, how do you contend with the security threats and general drawbac&s inherent with BYOD policies' What should concern you? You want your employees to be efficient and optimi(ed when they#re out of the office ) this is part of the promise of smartphones and tablets. That being said, what happens if they lose one of their devices' Or if they#re carrying sensitive data and use it within third party apps that aren#t secure' *ith the new Apple AirDrop feature on iOS, how do you monitor where people are sending files when they don#t travel through your enterprise email server +e.g. ,-change.' /ow do you ensure that employees with lower clearance levels can#t access more sensitive files on their tablets as opposed to their computer' *hat if a colleague AirDrops it to them not &nowing they#re not supposed to have access to it' /ow do you trac& who has what data in your wor&force in general'

0The problem, in simple terms, is that BYOD policies leave !T departments in a gray area ) the phone is owned by someone else, but you want to protect your data on it,1 concludes 2eter *eiss, 3,O of 4u!T 3onsulting and BYOD e-pert. 03ompanies will simply say, 5oh, let them use their email on it, no big deal,# but there are so many other concerns you have to contend with as an !T department.

What you need to e thin!ing a out"

0The only way to implement a coherent, secure BYOD policy re%uires one thing above all others ) planning,1 continued *eiss. 0You have to as& yourself so many %uestions$ how many employees are you responsible for' how many total devices' only phones or tablets, too' how much access or security does each device re%uire' how much can each device access' what do you do if someone#s hardware goes down' ,ven if you#re subsidi(ing the plans or the devices, if the hardware dies, who is responsible for buying the new one' You want your employees to be reachable at all times, but they don#t want to spend the money for a new smart phone ) what do you do in that situation' 0The bottom line is that there is no 5one si(e fits all# approach to BYOD" you have to consider too many variables, meaning the planning stage is 6ust as important as the implementation stage. You need to define security profile groups" you should put into place a BYOD terms 7 conditions plus provide and re%uire training for every employee detailing how they can and can#t use your data" and, you need to have a defined device replacement policy. These are the types of things you need to thin& through and be prepared for when you#re loo&ing to implement BYOD.1

#eed a little help?

The good news is that there are firms that build and support comprehensive platforms to handle all BYOD enterprise obstacles +usually called 8D8 or ,88 providers.. There are consulting groups li&e 4u!T that can help you traverse these waters and choose the correct solution provider+s. for you. 9urthermore, talented app developers can build custom tools for your organi(ation to achieve the same goal with greater customi(ation. You#re not alone with your %uestions and concerns, and there are able solutions providers willing to wor& with you to overcome them.

$. Spotlight On %o ile Strategies

8obile wor& has become common, and companies need long term mobile strategies. Senior !T e-ecutives met at the SA2 3!O Summit in 9ran&furt to discuss the way forward. The wor&ing environment is becoming increasingly fle-ible" smartphones and tablets have long since become an established part of our daily wor&ing lives. According to a study by the high tech association B!T:O8, one third of employees +;< percent. access their employers# !T systems when they#re on the move. And one in three companies recogni(es that action is needed to establish an integrated platform for managing mobile devices, applications, and content.

This ma&es it all the more surprising that in a survey conducted by the consulting firm 2A3, some => percent of ,uropean companies stated that they do not yet have a long term mobile strategy ? and only @A percent confirmed that they had addressed the issue of securing mobile applications and data. &IOs as inno'ation dri'ers At the SA2 3!O Summit in Dreieich, near 9ran&furt, !T e-ecutives from big name companies met with e-perts from the industry to discuss the potential of mobile strategies and ways in which they can be implemented. A flash poll conducted at the start of the event revealed that, at the companies represented, it is usually the !T departments that push mobile strategies forward and that 3!Os are the innovation drivers. SA2#s interim 3!O, A-el BBlow, e-plained the role of an end to end mobile strategy and associated security concept$ 0As an !T manager, !#m also an SA2 customer, because !#m a pilot user right from the start. *e build prototypes, and if they#re successful, we include them in our portfolio.1 Some companies, li&e SA2 are building apps that allow documents to be e-changed securely. Internal apps oost e(ployee uy)in A ma6or advantage of offering apps internally, said BBlow, is that you garner better employee buy in for e-isting solutions. 8obile applications, he e-plained, force developers to pay close attention to usability right from the start, which means that the resulting applications are more intuitive and easier to use.

9or the customers who presented their concepts to delegates at the summit, a mobile strategy is all about serving employee needs and customer wishes. !T architect CDrg 9rye from E! Solution, the !T division of Bay*a, an agricultural, energy, and building material retailer and wholesaler, spo&e about the offline enabled sales app that his company introduced in its agricultural business segment in <>@<. Some ;>> sales personnel currently use the app to call up and save information about products and customers on their mobile devices. They can create documents such as contracts and orders at the customer site and, once they have been approved, send them to the system. Sales apps li&e this have completely replaced the previous paper based process, freeing up valuable time that sales personnel can now devote to tal&ing to their customers. &reating a (o ile strategy *hen it came to the topic of 0Bring Your Own Device1 +BYOD. ? in which employees use their private mobile devices for business purposes ? opinions at the summit were divided. Bay*a has e-cluded this option because of concerns about security. 0The wor&place of the future is mobile, because the bottom line is that our employees are more productive if they can be online anywhere and at any time,1 said BBlow. 0*e#re already managing a total of F>,>>> mobile devices from all the main manufacturers on the SA2 8obile 2latform, and *indows G devices will increase that tally soon,1 he added. Bringing *aug(ented reality+ to the ,or!place To limit the variety of devices in use in the future, SA2 was, he said, also focusing on tabletHlaptop hybrids$ 0*e want to shape the mobile wor&place of the future.1 !n this

conte-t, SA2 is also investigating deployment scenarios for 0augmented reality1 applications. 9or e-ample, warehouse wor&ers could soon be using Ioogle Ilass smart glasses to access information about the items on their pic& lists from a connected smartphone and view it 0hands free1 on a screen right in front of their eyes

-. BYOD. The /ood0 The Bad0 And So %uch %ore

*hen it comes to the ne-t wave of Jnified 3ommunication platforms, to bring, or not to bringKthat has become the %uestion. To bring what you as&' To bring your own device, that is. Businesses and technology buyers everywhere are as&ing themselves this right now. *ith pressure mounting as 3,Os and front line sales ali&e are loo&ing to use their favorite tech toys at wor&, !T leaders are being forced to as& themselves another %uestion. Should we or should we not allow our employees to bring and utili(e their personal devices for business purposes' Jndoubtedly we have all grown increasingly connected at the hip +pun intended. to our favorite iDevice or Droid product. *ith this we have also grown increasingly demanding about having the opportunity to utili(e these tools for wor&. But 6ust because we want to doesn#t mean that we should. This is e-actly why we have 3!Os and !T leadership in our organi(ations. !f you are responsible for ma&ing the decision for whether or not to allow your J3 solutions to be run on independently owned devices, here are some things to consider.

BYOD. The good

Integration. 8ost of the devices are running on the same handful of operating systems, most commonly Apple#s iOS and Ioogle#s Android. 9or the most part, BYOD integrationwith J3 platforms is built on an application via iTunes or the Ioogle 2lay store. This means setting up the device to wor& is usually a few simple settings, including pointing the device at the right server and then inputting user credentials. The e-perience on the individual device will be completely ubi%uitous with the e-perience on a company issued device. !f the employee should no longer have access, the app running on the device can be made useless by simply changing credentials. &ost. Ienerally with bring your own device, a company is able to put more of the cost re%uirements on the wor&er. This also alleviates some of the headaches related to preparing hardware for every new employee or chasing down hardware whenever an employee leaves. +4ote$ A lot of companies doing BYOD today still have company issued hardware.. 1(ployee satis2action. ,mployees are generally appreciative of the opportunity to use their preferred devices, which is good for morale. As a side effect of this, the employees are often going to have the newest tools which would be very hard for a company to &eep up with. *e have all seen the life cycle of new products become so short that even when you issue your employees the newest thing they almost immediately become replaced by what is ne-t. This way the integration with your J3 platform isn#t as much device specific as it is operating system specific, so the company can provide some guidelines to employees interested in utili(ing their own device and then let the employee ta&e it from there.

BYOD. The ad

Security. As ! mentioned above, security for BYOD and J3 isn#t necessarily all bad. The real challenge is chances are that BYOD won#t be 0only1 used for J3. And if that is indeed the case, it is more difficult for a company to manage security when they allow personal devices to be used for wor&. Ienerally the company has to set acceptable use policy that lives on top of the personal device, but it is hard to mandate certain things. Ta&e for instance social media use. Your company may not want wor&ers on 9aceboo& during the wor&day, but what about an employee chec&ing in from their personal +BYOD. at lunch' 3reates a real grey area. The other consideration may be re%uiring use of certain security tools such as anti virus or loc&ing their devices at all times. These can be part of the use policy and part of the e-pectations set for companies allowing BYOD. &o(pliance. !f your company is governed by any sort of compliance laws, for instance /!2AA, then you have to ma&e sure those rules are followed regardless of who owns the device being used. !f contact information or J3 integration with 3E8 or other systems that contain sensitive data, then the systems must be in place to ma&e sure that the data is safe and secure. Data retrie'al. This goes along with security, but if an employee leaves or is let go the data that resides on the personal device will need to be retrieved. This e-pectation has to be set and agreed upon prior to BYOD deployment. 8ost J3 applications are closely tied to customer records, contact information, sales and financial data and more. The good news for !T departments is this isn#t really a new challenge. !n many organi(ations that have webmail interfaces, people have been 0popping1 email to separate accounts where they can access them from a personal

device. *hat does need to happen is this needs to continue to be better managed to ma&e sure important and sensitive documents aren#t left out there after the person has parted ways from the organi(ation. *ith widely available applications for J3 on your own device, BYOD continues to gain momentum. 3ould a BYOD friendly J3 deployment have a place in your organi(ation' !t 6ust may, so long as you plan correctly and set the right e-pectations with your users up front.

3. Apples 4ingerprint Scanner &an Do %ore Than 5nloc! Your i6hone

The i2hone As was announced to great fanfare earlier this month, and while many reacted to the device by saying it is simply an incremental release, it has the potential to change the way we interact with mobile devices and ob6ects in the real world than&s to one special feature ) Touch !D. A long rumored i2hone addition, Touch !D allows you to unloc& the i2hone As as well as ma&e purchases in iTunes using a fingerprint scanner built into the home button. !t might seem li&e a simple idea on the surface, but the possibilities for innovation don#t stop at unloc&ing your phone. The only problem is Apple#s unwillingness to give developers access to the technology at the moment. De'elopers loo! 2or,ard to laying their hands on Touch ID !t#s hoped that eventually Apple will allow A2! access to the new sensor so developers can use Touch !D in their applications. That would open the door to a plethora of new

possibilities. The most li&ely scenario for developers, according to 3onsulting iOS Architect 3onrad Stoll, is that Touch !D will be used as a 0to&en based authentication provider.1 This method would allow the i2hone to function in a similar fashion to an OAuth server. 0*hen you want the user to confirm their identity to Lthe appM in order to ma&e a transaction, you could as& their phone to verify that to&en,1 Stoll e-plains. 0Then the user could press to validate their fingerprint with Touch !D and, if that is successful, the phone could then tell that app that, yes, this is the correct user, and they have authenticated and you can now trust that it is them performing some action.1 One piece o2 the pu77le Apple has a number of new technologies that, when pieced together, reveal a broader picture that will allow this strategy to wor&. The first of these components are devices called iBeacons. The company hasn#t tal&ed in detail about their intentions for them, but we &now plenty about what the devices do. iBeacons are tiny radios that you can put almost anywhere so that when an i2hone comes into range it detects the device and can estimate how far away they are from one another. The second piece of the pu((le is AirDrop, which was announced as part of iOS F. !t allows the user to %uic&ly receive files, pictures and other information from nearby devices. !f you combine AirDrop and iBeacons, things start getting interesting. Eetailers could use a combination of the technologies to drop a coupon in your 2assboo& when you come within a few feet of their store +which, of course, they would detect using an iBeacon. or they could wa&e up your phone and offer you a deal on the loc& screen, much li&e this proof of concept.

The retail details By combining iBeacon, AirDrop and Touch !D, there are more comple- opportunities for both retailers and consumers. 9or cashiers, collecting customer email addresses has never been easier. Eather than hounding patrons at the register, retailers can prompt them to sign up for their e newsletter with a free coupon through AirDrop, allowing them to opt in by using their fingerprint to ship off their associated email address. This could be ta&en a step further to mobile payments when iBeacons are able to detect more precise distances. ,ventually, a small shop might be able to put an iBeacon underneath their cash register and detect when a customer is within one to two yards to allow for payment of goods. Eather than rubbing their device on the terminal and then using a 2!4 for large purchases, which 493 re%uires, customers could receive an AirDrop re%uest for payment, present their fingerprint and be on their way. ,stimote, a company building iBeacons, is already wor&ing on a similar payment solution. Why unloc!ing your phone is 8ust the eginning Noc&itron, fresh off a successful :ic&starter campaign, allows i2hone owners to unloc& the door to their house simply by wal&ing up to it with their i2hone in their poc&et. A new generation version of the device could, in theory, add support for fingerprint authentication to unloc& the door and allow you to register your family#s fingerprints as well.

This could be ta&en further if we imagine the future smarthouse. Once inside the home, your lights and thermostat could change to suit whoever unloc&ed the door as well as playing some of their favorite music over the spea&ers. One could also imagine Touch !D being built into automobiles. *ith Apple#s recent foray into iOS compatible cars, the company could ta&e that integration to the ne-t level by enabling fingerprint scanners to not only start the car, but personali(e the e-perience based on the driver. A high end car manufacturer li&e Audi could use simple fingerprint unloc& to start the car, begin your favorite playlist and change the seat height automatically, ma&ing for a frictionless driving e-perience. !n the event that Apple builds Touch !D support into more devices, li&e i2ads and 8acBoo&s)or an A2! that allows them to re%uest your finger via the i2hone)it could create a ubi%uitous payment and identity platform for the !nternet and the real world. *ebsites li&e Ama(on and eBay could use the fingerprint scanner to authenticate the purchaser#s information. Additionally, Stoll believes that 0personali(ation is something we eventually do need for iOS.1 Through Touch !D, Apple could allow multiple user accounts, much li&e Android devices. /e points out that 0there simply isn#t enough storage to ma&e that happen right now,1 as you would need to have multiple sets of applications on the device rather than 06ust switching out system settings.1 Touch ID is uilt 2or the 2uture 8any media organi(ations have described the i2hone As as uninteresting, but they are failing to see the possibilities of the new Apple technologies wor&ing together. !f

anything, the i2hone As offers one of the largest opportunities for application and hardware developers since the App Store opened. Although a couple of hac&ing groups have already gotten around the fingerprint protection, Stoll isn#t worried about it. /e points out that hac&ing the system 0is e-tremely difficult, and re%uires advanced s&ills and training. LOfM the trade offs between protection and convenience, users have always pic&ed convenience.1 !t#s time for mar&eters, hardware manufacturers and developers to start imagining the possibilities that this technology can bring. ,ven if Apple hasn#t opened Touch !D to the world of third party applications right now, it#s hoped that they will at some point. Those who are ready to build apps and tech that utili(e the fingerprint scanner will have the opportunity to change the way the world interacts.

Strategic %o ility &onsulting

Getting to your best mobile strategy
The mobility solution implementation re%uires the organi(ations to not only build the capabilities and stategy to synthesi(e many different components including devices, networ&s, applications but also the mobile middleware interface for these components. The mobile technology landscape is changing rapidly and this momentum has made it important for the senior management to ma&e informed decisions with regards to the enterprise mobility strategy and roadmap for their organi(ations. The right mobility strategy for your organi(ation will lead to strategic advantages, optimi(ation of total cost of ownership +T3O. based on the mobility roadmap.

Mobile Opportunity Assessment (MOA)

,ndeavour ? The 8obility 3ompany has helped several fortune A>> companies as well as billion dollar brands as strategic mobility advisors in building their enterprise mobility strategy and implementation roadmaps. This is done through our three step speciali(ed assessment process called 8obile Opportunity Assessment +8OA..

%OA helps organi7ations identi2ying opportunities ,here 'alue o2 %o ility can e unleashed and uilding a (o ility 'ision and a road(ap ased on their organi7ational goals. "The most important thing that we have learned and what we hope to communicate in this roadmap, is that mobility is a powerful business paradigmbut only by addressing people, processes, and technology in a balanced way can we leverage its significant business benefits." %o ile Application De'elop(ent
Mobility is a journey, not destination

,ndeavour helps organi(ations in articulating a uni%ue value proposition for their mobile applications by providing Strategic %o ility &onsulting and %o ile So2t,are De'elop(ent services, thereby addressing some of their &ey challenges such as$

The mobility mar&et is e-panding rapidly, so how do you ensure your mobile solution is competitive'

*ho can help you in translating the theoretical specifications and building a scalable mobile solution' *hether you are a Startup or a Billion O brand, if you are loo&ing to leverage 8obility, ,ndeavour The 8obility 3ompany is the right partner for you. ,ndeavour provides mobile application services across &ey mobile platforms which includes iOS, Android, Blac!Berry, Windo,s and %o ile We . ,ndeavour offers technology solutions geared towards building ,nterprise and 3onsumer 8obility Solutions through the right blend of consulting, design, software development, testing and deployment. Our Approach ,ndeavourPs technology e-perts speciali(e in building uni%ue value proposition in the (o ile application de'elop(ent by ta&ing into consideration various aspects such as intuitive Jser ,-perience, tool based testing approach, scalable architecture for the mobile solution, and plethora os devices, OSes being launched in the mar&et everyday.Some of the specific mobility s&ills that ,ndeavour has e-pertise implementing in several large enterprises such as :imberly 3lar&, Dell, /ewlett 2ac&ard, SAS !nstitute, Boston Scientific 3orporation and others, include$

!HT and 8obile Security, ,ncryption and Authentication implementation ,nterprise !ntegration using 8,A2 platforms ,nterprise bac&end connectivity to ,E2 systems 2ro6ect Iovernance standards as followed by various organi(ations Eich Jser e-perience on tablet and smartphone applications for the enterprise

Mobility for Enterprises ,-pansion of mobility industry has been powered by the enterprises 7 consumers wherein the demand of different users has led to plethora of options for Oses, Devices, and Eesolutions in the mobile mar&et.%o ile Application De'elop(ent for the enterprises is completely different from a mobile solution for consumer mar&et. Our mobility e-pert team brings into consideration the aspects of enterprise data security, legacy bac& end integrations, mobile device management, middleware integrations, and also the latest concept of BYOD.

Creating Thought eadership *e have some of the best technologists and mobility analysts who are thought leaders in the 8obility space and contribute regularly to the enterprise mobility vertical through$

Technical *ebinars Blogs H 2erspectives ,-pert Spea& *hitepapers 4ewsletters

%o ile Application Testing

The flawless usability of an app is a result of testing the app multiple times to purge the defects. Development and Testing are two sides of a coin and an app is deemed mar&et worthy only after it successfully clears all the rigorous tests. *e,at ,ndeavour completely understand this need and we have a dedicated testing lab, ,QuaN +,ndeavour Quality Nab., established for this sole reason to ensure a dedicated team to perform (o ile application testing and thereby deliver a bug free mobile solution. ,QuaN has proved its e-pertise time and again in mobile application testing on various mobile devices as well as across multiple platforms. The result is that our mobile apps completely satisfy the set business ob6ectives and perform flawlessly across different devices and networ&s. *ith a repository of over ;>> mobile devices and access to latest automated testing tools, ,QuaN ensures that applications are put to e-haustive testing before they are launched in the mar&et. About ,ndeavour Quality Nab +,QuaN. .

Where 9uality (eets 6er2ection:

,QuaN e-pertise is geared towards providing our customers the following assurances, which are also its goals$

,liminate defects by performing rigorous (o ile application testing !mprove application %uality process continuously 2resent customers with the highest %uality products and services fulfilling their business ob6ectives

,QuaN is a ma6or differentiator factor when it comes to successful pro6ect completion. And the reason why we do better than others is because we adhere to the following What we do 7 How we domethodologies.

What ,e do 2roviding test services for mobile applications and strategies for clients operating in the business or personal mobility platforms forms the cru- of ,QuaN#s wor&. Our wor& spans performing (o ile application testing across diverse platforms li&e Android, *indows, i2hone, Blac&berry, Symbian, BE,*, 2alm 2re, C<8, and non mobility applications.

;o, ,e do *e accomplish our tas&s by leveraging following test methodologies +2lease note this is a representative list and is not an e-haustive list to showcase our testing

methodologies..$ 2lan and Strategi(e tests$ Our customers# business needs forms the basis of our strategy for devising an effective mobile testing framewor&. !n other words, our test strategies are customer centric and we arrive at the best plausible framewor& li&e data driven, A3t2;, &eyword driven, test script, test library architecture, modularity, hybrid test automation and so on. Ee%uirement 3ompatibility Analysis +E3A.$ is an important component of our testing process because it provides the media content types, supported file si(es and networ&s, access to device file structure, application memory limit in devices and so on. :nowledge Based Testing +:BT.$ we have pooled our vast e-perience of mobile app testing into building a huge repository of Testing techni%ues, standards and methods. Our &nowledge base helps us perform e-cellent testing procedures and strategies across various mobility platforms and technologies. %o ile Application 6orting

"Adapting a mobile application, built for one mobile platform, into another is called Mobile Application Porting."

3ustomers# ever increasing demands for features, stability and compatibility has forced vendors of mobile app platforms to step up innovation resulting in a state of flu-. !n such a scenario, porting of applications must ta&e into account the dependencies on user interface and device apart from the main issue of platform compatibility. At ,ndeavour, our approach to mobile app development involves great emphasis on standardi(ing and reusing code elements. This ensures the porting of source platform apps to target platforms %uic&ly and efficiently. Our 2orting Strategy encompasses the following milestones$ 6orting Analysis and Design. *e use a reference port to conduct a detailed analysis. 2ost analysis, we construct a design blueprint that identifies and designs the reusable elements in the program code. This greatly reduces the turnaround time in the ne-t phase i.e. porting development. 6orting De'elop(ent. *e diligently follow the design blueprint formulated in the previous phase to set up a coding framewor&. Once the coding framewor& is signed off, development &ic&s in and is implemented strictly as per the design and coding framewor&. 6ost Test and <eri2ication. Our e-pert testing setup the ,QuaN Nab uses approved test cases to rigorously test each app build on its intended target device.

I(portance o2 %o ile 6orting strategy

!n today#s mobility world, there are multiple options available for the consumer in terms of mobile devices, and resolutions. The leading OS players are launching new and updated OS versions within a fre%uency of = months to @ year, which is though providing multiple options to the users but is creating havoc for the mobile application developers. They need to ensure their mobile applications are scalable for the future releases. This includes scalability of the solution not 6ust on one platform but on multiple platforms. The mobile application has to be developed to support multiple platforms available in the mar&et to ensure deeper reach in the mar&et. 1ndea'ours %o ile Application 6orting O22ering

:eeping in mind the variety of platforms, devices, and OSes available in the mar&et, ,ndeavour structured the (o ile application porting offering which allows our customers to leverage our mobile app development e-pertise across platforms. *henever a new pro6ect comes, out mobility e-perts ensure the feasibility of the solution is evaluated across platforms and recommendations are provided to the client to include porting of the mobile solution to multiple platforms. %o ile Application 6orting is need of the hour as the variety of platforms and their OSes is e-panding phenomenally thereby providing multiple options for the users to

choose from and hence if a mobile application has to become popular in the mar&et, it has to be present across different platform application stores.