Solution Extension Best Practices:

Protecting and Securing Your Mobile

Applications
Subject Matter Expert:
Scott Bonnell
Vice President,
Mocana
2014 SAP AG. All rights reserved. 2
SAP Mobile Secure
An integrated, cloud-based EMM solution
Operating System

Mobile Device Management
Network Connectivity

*Secure Mobile Gateway*
Network Access Control
Data & Applications

Mobile App Management
*Mobile App Security*
Mobile Content Management
Data Loss Prevention
Mobile App Reputation
SAP HANA Enterprise Cloud
with complete enterprise integration
2014 SAP AG. All rights reserved. 3
Leaders in mobile security

Focus on User
Experience

Transform the mobile user
experience considering all
aspects of the users interaction
with products, systems,
processes, and services.

Increase Mobile App
Usage

Drive mobile app usage and
employee productivity for the
success of large scale SAP
Business Suite investment.
App Level Security
within a Broad EMM
portfolio

Provide the foundation for
consuming future enterprise
data. Focus on management
of content, apps and devices.
Mocana and SAP: Vision to improve the user experience
2014 SAP AG. All rights reserved. 4
The Usage Gap for Enterprise Mobile Apps
Mobile App Usage in the enterprise is severely impacted due to lack of
beautiful user experience balanced with simple enterprise integration

Driving mobile app usage and employee productivity is critical for the success
of large scale mobile investment
26%*

Employees using
corporate apps report
loss of productivity

43%*

Employees abandon
corporate mobile
apps
2014 SAP AG. All rights reserved. 5
EULA, App
Expiration
Per-App VPN Jailbreak/
Rooting
Detection
Geo-fencing
Data At Rest
Encryption
Secure
Data Transfer
SAP Mobile App Protection
Secure the app, its data, and the connection to the enterprise
Disable app when the device is
compromised by jail breaking or rooting
Restrict app usage
to a geographic location
FIPS 140-2 certified encryption for all data
storage. Prevent malware and rogue apps
from accessing sensitive data
Restricts copy and paste to
unsecured area of device
Secure VPN tunnel to
enterprise network
prevents rogue apps and
malware from gaining
unwanted access
User
Authentication
Enterprise
App
Passcode policy
enforcement expiration,
lock-out and help-desk
assisted passcode reset
End user license agreement
enforcement, lock-out with app expiration
Federation of apps
Secure transfer among federated
wrapped apps on the device
Mocana Secure Enterprise Browser
Hybrid/Web Apps
3
rd
Party Apps
Custom B2E/B2B Apps
2014 SAP AG. All rights reserved. 6
SAP Mobile App Protection
Zero-to-secure in seconds
SAP Mobile App Protection
Web Console and Server
IT Admin/LoB
1. Upload Enterprise App 2. Point and Click Policies 3. Distribute Wrapped App
Mobile device mgmt
Mobile app mgmt
Enterprise app store
E-mail
Intranet
Passphrase
Secure copy-paste
Per-app VPN
SSL reverse proxy
DAR encryption
FIPS 140-2
Lockout recovery
Single sign-on
Managed or
Unmanaged User Devices
Data wipe
Jailbreak detection
Location masking
Geofencing
App expiration
User agreement
App federation

2014 SAP AG. All rights reserved. 7
Secure enterprise browser
Mobilize web apps instantly and securely
Extend access to existing SharePoint, corporate intranet sites, web apps, and portals
Provide seamless access to sensitive data across any mobile device
Apply security policies to customize and configure the Browser's security
Extend mobile web apps to unmanaged devices
2014 SAP AG. All rights reserved. 8
Pairing SAP Mobile App Protection with Mocana Atlas
Drive Mobile Usage in the Enterprise At Scale
SAP Mobile App Protection paired with Mocana Atlas
securely simplifies enterprise integration and connectivity.
One Time Simple
Access Setup
Tap and Go
Always ON
Always
Connected
Security Post-
Development
(FIPS 140-2, Dual
Authentication, SSO)
Scales Smoothly for
Large Enterprise
Deployments
End To End
Visibility
2014 SAP AG. All rights reserved. 9
Tap and Go
Tap
and
Go
Mobile Apps with SAP Mobile App
Protection paired with Atlas
Current App Login Experience
Cumbersome Login Experience
Many screens, Many seams
1 Tap To Connect
Strong Security, Transparent to User
2014 SAP AG. All rights reserved. 10
Customer case study: Consumer Packaged Goods
Customer Background
Multinational consumer packaged goods
company
Over 15,000 mobile users
Portfolio of over 50 mobile apps

Key Requirements and Use Cases
Mobilizing SAP Fiori and other custom
apps
User experience was top priority
Simplify pen testing process for dozens of
mobile apps
Solution to pair with MDM, but have
flexibility to use for extended enterprise in
future

Mocana 360 1
0
Why SAP + Mocana?
Ability to achieve a balance
between development, security,
and usability
Avoid cost and time of penetration
testing for mobile apps
User is authenticated once and
then gets a certificate to
authenticate to all backends
2014 SAP AG. All rights reserved. 11
Customer case study: Retail Industry
Customer Background
Retail vendor delivers services to
approximately 125 million customers
300,000 employees

Key Requirements and Use Cases
Protect apps on tablets at retail Point-of-
Sale locations
PCI & FIPS 140-2 compliance
Secure email / browsing
Multi-factor authentication
Deliver cohesive security for apps across
multiple MDMs and unmanaged devices
Mocana 360 1
1
Why SAP + Mocana?
Cross-platform support for iOS
and Android
Uniform app security regardless of
which (or whether) an MDM
solution was being used
Mobile analytics and visibility
Ability to support rapid
deployment of new apps and user
populations
Best-in-class security
2014 SAP AG. All rights reserved. 12
Customer case study: Insurance industry
Customer Background
Large European financial services firm
Over 10,000 mobile users

Key Requirements and Use Cases
Field worker app that allows taking
pictures and submitting claims real-
time while meeting with customers
Mobilizing SAP Fiori
Secure browser for Intranet access
Secure third-party email

Mocana 360 1
2
Why SAP + Mocana?
Seamless user experience
particularly easy enrollment of
new users and devices, and one-
tap access
Ability to deliver consistent user
experience and security policy
across multiple operating systems
Willingness to co-innovate on
business critical requirements
Lets Win Together!
Have a Great 2010!
THANK YOU!

QUESTIONS?
FOR FURTHER INFORMATION PLEASE CONTACT:
MILJA GILLESPIE
milja.gillespie@sap.com
2014 SAP AG. All rights reserved. 15
Mobile Application Protection Challenges
Facts needed why does this matter??




Things to consider 3-4
2014 SAP AG. All rights reserved. 16
SAP Mobile Secure
An integrated, cloud-based EMM solution
Operating System

Mobile Device Management
Network Connectivity

*Secure Mobile Gateway*
Network Access Control
Data & Applications

Mobile App Management
*Mobile App Security*
Mobile Content Management
Data Loss Prevention
Mobile App Reputation
SAP HANA Enterprise Cloud
with complete enterprise integration
2014 SAP AG. All rights reserved. 17
Leaders in mobile security

Invented App
Wrapping
Mocanas platform is
the most widely-
deployed embedded
security technology in
the world
Dozens of patents
granted and pending.
#1

Android Leader
Mocana technology
ships in 5 of the top 7
Android OEMs (over
70% of all Android
handsets).
Recognized By
Analysts

App enablement is a
growing market cutting
across key B2C, B2B and
B2E organizations. SAP's
end-to-end mobile
portfolio and Mocana's
app wrapping technology
are expected to help
enterprises accelerate the
deployment of game-
changing mobile
applications.
Why SAP partnered with Mocana?
2014 SAP AG. All rights reserved. 18
SAP Mobile App Protection
Overview
SAP Mobile App Protection by Mocana helps organizations accelerate mobile initiatives by
automating app security. App wrapping technology enables enterprises to quickly secure
existing corporate and third-party applications without having to write any code. *
Increase flexibility Meet strict regulations Speed mobile initiatives
Ensure security when
managing the device isnt
ideal (for example, BYOD)
and when building B2B
apps
Accelerate app adoption:
no coding or security
expertise required.
Eliminate security
bottlenecks for operational
app deployments at scale
Protect corporate data and
meet compliance and audit
requirements in highly
regulated industries with
additional encryption and
security requirements
* Available on-premise or in the cloud.
2014 SAP AG. All rights reserved. 19
EULA, App
Expiration
Per-App VPN Jailbreak/
Rooting
Detection
Geo-fencing
Data At Rest
Encryption
Secure
Data Transfer
SAP Mobile App Protection
Secure the app, its data, and the connection to the enterprise
Disable app when the device is
compromised by jail breaking or rooting
Restrict app usage
to a geographic location
FIPS 140-2 certified encryption for all data
storage. Prevent malware and rogue apps
from accessing sensitive data
Restricts copy and paste to
unsecured area of device
Secure VPN tunnel to
enterprise network
prevents rogue apps and
malware from gaining
unwanted access
User
Authentication
Enterprise
App
Passcode policy
enforcement expiration,
lock-out and help-desk
assisted passcode reset
End user license agreement
enforcement, lock-out with app expiration
Federation of apps
Secure transfer among federated
wrapped apps on the device
Mocana Secure Enterprise Browser
Hybrid/Web Apps
3
rd
Party Apps
Custom B2E/B2B Apps
2014 SAP AG. All rights reserved. 20
SAP Mobile App Protection
Zero-to-secure in seconds
SAP Mobile App Protection
Web Console and Server
IT Admin/LoB
1. Upload Enterprise App 2. Point and Click Policies 3. Distribute Wrapped App
Mobile device mgmt
Mobile app mgmt
Enterprise app store
E-mail
Intranet
Passphrase
Secure copy-paste
Per-app VPN
SSL reverse proxy
DAR encryption
FIPS 140-2
Lockout recovery
Single sign-on
Managed or
Unmanaged User Devices
Data wipe
Jailbreak detection
Location masking
Geofencing
App expiration
User agreement
App federation

2014 SAP AG. All rights reserved. 21
Best Practice Example: (customer name)
2014 SAP AG. All rights reserved. 22
Secure enterprise browser
Mobilize web apps instantly and securely
Extend access to existing SharePoint, corporate intranet sites, web apps, and portals
Provide seamless access to sensitive data across any mobile device
Apply security policies to customize and configure the Browser's security
Extend mobile web apps to unmanaged devices
2014 SAP AG. All rights reserved. 23
The Usage Gap for Enterprise Mobile Apps
Mobile App Usage in the enterprise is severely impacted due to lack of
beautiful user experience balanced with simple enterprise integration

Driving mobile app usage and employee productivity is critical for the success
of large scale mobile investment
26%*

Employees using
corporate apps report
loss of productivity

43%*

Employees abandon
corporate mobile
apps
2014 SAP AG. All rights reserved. 24
Pairing SAP Mobile App Protection with Mocana Atlas
Drive SAP Fiori Mobile Usage in the Enterprise At Scale
One Time Simple
Access Setup
Tap and Go
Always ON
Always
Connected
Security Post-
Development
(FIPS 140-2, Dual
Authentiation, SSO)
Scales Smoothly for
Large Enterprise
Deployments
End To End
Visibility
2014 SAP AG. All rights reserved. 25
Best Practice Example: (customer name)
2014 SAP AG. All rights reserved. 26
SAP Fiori,
SAP MoBI and
other mobile apps
SAP Mobile App Protection paired with
Atlas
Elegantly
Mobilized
Experience
One Time
Simple Access
Setup
Tap To Go

Always On
Always
Connected
Improving the user experience
2014 SAP AG. All rights reserved. 27
Tap and Go
Tap
to Go
Mobile Apps with SAP Mobile App
Protection paired with Atlas
Current App Login Experience
Cumbersome Login Experience
Many screens, Many seams
1 Tap To Connect
Strong Security, Transparent to User
Lets Win Together!
Have a Great 2010!
THANK YOU!

QUESTIONS?
FOR FURTHER INFORMATION PLEASE CONTACT:
MILJA GILLESPIE
milja.gillespie@sap.com