securing salesforce mobile sdk apps with good dynamics

20
Securing Salesforce Mobile SDK Apps with Good Dynamics Dimitri Volkmann, Good Technology, VP Product Strategy @dimiexter

Upload: herve-danzelaud

Post on 13-Nov-2014

1.749 views

Category:

Business


3 download

DESCRIPTION

Good Technology's session at Dreamforce 2012

TRANSCRIPT

Page 1: Securing Salesforce Mobile SDK Apps with Good Dynamics

Securing Salesforce Mobile SDK Apps with Good DynamicsSecuring Salesforce Mobile SDK Apps with Good Dynamics

Dimitri Volkmann, Good Technology, VP Product Strategy

@dimiexter

Page 2: Securing Salesforce Mobile SDK Apps with Good Dynamics

Safe harborSafe harbor statement under the Private Securities Litigation Reform Act of 1995: This presentation may contain forward-looking statements that involve risks, uncertainties, and assumptions. If any such uncertainties materialize or if any of the assumptions proves incorrect, the results of salesforce.com, inc. could differ materially from the results expressed or implied by the forward-looking statements we make. All statements other than statements of historical fact could be deemed forward-looking, including any projections of product or service availability, subscriber growth, earnings, revenues, or other financial items and any statements regarding strategies or plans of management for future operations, statements of belief, any statements concerning new, planned, or upgraded services or technology developments and customer contracts or use of our services. The risks and uncertainties referred to above include – but are not limited to – risks associated with developing and delivering new functionality for our service, new products and services, our new business model, our past operating losses, possible fluctuations in our operating results and rate of growth, interruptions or delays in our Web hosting, breach of our security measures, the outcome of intellectual property and other litigation, risks associated with possible mergers and acquisitions, the immature market in which we operate, our relatively limited operating history, our ability to expand, retain, and motivate our employees and manage our growth, new releases of our service and successful customer deployment, our limited history reselling non-salesforce.com products, and utilization and selling to larger enterprise customers. Further information on potential factors that could affect the financial results of salesforce.com, inc. is included in our annual report on Form 10-Q for the most recent fiscal quarter ended July 31, 2012. This documents and others containing important disclosures are available on the SEC Filings section of the Investor Information section of our Web site. Any unreleased services or features referenced in this or other presentations, press releases or public statements are not currently available and may not be delivered on time or at all. Customers who purchase our services should make the purchase decisions based upon features that are currently available. Salesforce.com, inc. assumes no obligation and does not intend to update these forward-looking statements.

Page 3: Securing Salesforce Mobile SDK Apps with Good Dynamics

Dimitri VolkmannDimitri Volkmann

VP, Product Strategy

Good Technology

[email protected]

VP, Product Strategy

Good Technology

[email protected]

Page 4: Securing Salesforce Mobile SDK Apps with Good Dynamics

©2012 Good Technology, Inc. All Rights Reserved. Company Confidential 4

Trends: Apps & BYO

150.8MCorporate-liable devices expected to

ship by 2015

182.4MEmployee-liable devices expected to

ship by 2015

550KApps in the Apple App store, 25B downloads as of March 5, 2012

400KApps in the Android marketplace,

11B downloads

Worldwide Business Use Smartphone 2011 – 2015 Forecast and Analysis, September 2011 (Stephen Drake, Stacy Crook, Ramon Llamas)BI Intelligence for tablets data, 2 http://148apps.biz/app-store-metrics/ (January 16, 2012) for apps data, 3 http://www.apple.com/pr/library/2011/12/12Apples-Mac-App-Store-Downloads-Top-100-Million.html for downloads data, 4

http://www.distimo.com/blog/2012_01_google-android-market-tops-400000-applications/ for apps data, 5http://www.zdnet.com/blog/hardware/android-markets-10-billion-downloads/17015?tag=content;siu-container

Page 5: Securing Salesforce Mobile SDK Apps with Good Dynamics

11Receive via native email

@

Encryption

Compliance & Policies

BYO and App Store

DLP (Data Loss Prevention)

Protecting Enterprise Data: Security and Compliance

Open and edit in3rd party editor

22Store unencrypted

locally or cloud

33

Page 6: Securing Salesforce Mobile SDK Apps with Good Dynamics

Solutions to protect data

Web Virtual Desktop

NoData!

MobileDevice

Management(MDM)

Controlthe

Device

Containers

Controlthe

App/Data

Page 7: Securing Salesforce Mobile SDK Apps with Good Dynamics

Pros & Cons

Web Virtual Desktop

MobileDevice

Management(MDM)

Containers

+ No data+ Leverage existing infrastructure

- Limited access to Device resources- Constrains User Experience- No offline scenario

+ Leverage existing practices

- Limited by Device OS, inconsistent- Constrains BYO use case

+ Leaves Device intact for BYO+ Separate clearly Personal/Enterprise+ Not Device dependent

- Requires new approach

Page 8: Securing Salesforce Mobile SDK Apps with Good Dynamics

Good Technology Product Portfolio Security Productivity BYOD Collaboration Management Innovation

Secure Container

Certified Security

NOC Secure Transport

Scalability

Enterprise Apps3rd Party Apps

Business Process Collaboration & ProductivityApplications

Foundational Development Platform

Secure, Trusted Mobile Infrastructure

Mutiplatform Support

Good Mobile Manager

CentralizedManagement

Set Policies

Provision Devices

Distribute Apps

AppKinetics

Good For Enterprise Collaboration

Page 9: Securing Salesforce Mobile SDK Apps with Good Dynamics

• Encryption (AES 256)

• Secure back-end connectivity

• Container level Policies & Compliance Restrict ‘open with’,

cut/copy/paste, and iCloud sync

Application level password

Remote wipe of the container

Detect jail-broken/rooted device

• Additional Application Services• Push, Inter-container interop, Collaboration

The Good Container Approach

Page 10: Securing Salesforce Mobile SDK Apps with Good Dynamics

A Container, not A Silo

Basic Containers

Non secure,OS-based,Data flow or Exchange

Good DynamicsAppKinetics TM

Good Mobile Messaging

Secure Docs

Page 11: Securing Salesforce Mobile SDK Apps with Good Dynamics

Good Dynamics Components

Client LibrariesSDK and APIs Security and Application Services

Good InfrastructureServers and NOC for Security and Management Services

Good ControlManagement: Policies, Compliance, Users access to Apps

Page 12: Securing Salesforce Mobile SDK Apps with Good Dynamics

Benefits

Compliance and Policies handled by the

framework

Secure Storage

Secure Enterprise back-end access

Interoperability between containers,

client side single sign on

Services

Mobile Application Development with Good Dynamics

No coding encryption and secure back-end access

Value added services fasten development

App level management, BYO friendly

Eco-system of ISVs and SIs

Page 13: Securing Salesforce Mobile SDK Apps with Good Dynamics
Page 14: Securing Salesforce Mobile SDK Apps with Good Dynamics
Page 15: Securing Salesforce Mobile SDK Apps with Good Dynamics

WebHybridNative

Mobile App Development for Salesforce

Good Dynamics Platform & SDK

Good Dynamics Platform &

PhoneGap plug-in

GFE Secure Browser container

Good Technology Solutions

Page 16: Securing Salesforce Mobile SDK Apps with Good Dynamics

HybridNative (iOS)

Sample #1: How to Secure Storage ?

iOS Native call: NSString* str = @"file contents";

NSData* contents = [str dataUsingEncoding:NSUTF8StringEncoding];

[contents writeToFile: @"sample.txt" atomically: NO];

GD call:NSString* str = @"file contents";

NSData* contents = [ dataUsingEncoding:NSUTF8StringEncoding];

[GDFileSystem writeToFile: contents name:@"sample.txt" error:&err];

Local File Usage: fileEntry.createWriter(success, fail);…writer.onwriteend = function(evt) {…};writer.write(“ file text contents ”);

No code changes required, the plug-in uses GD Libraries

Page 17: Securing Salesforce Mobile SDK Apps with Good Dynamics

Sample #2: Enforce Custom Policies

Policy enforcement to be implemented by the developer

GDApplication.getApplicationConfig(success, fail);…var config = JSON.parse(result);if(config[“copyPasteOn”] === “false”) {…}

GDiOS* library = [GDiOS sharedInstance];NSDictionary *policy = [library getApplicationPolicy];if ([[policy valueForKey:@"copyPasteOn"] isEqualToString:@"false"]) {…};

HybridNative (iOS)

Retrieve the policies (defined by admin in the GC)

Page 18: Securing Salesforce Mobile SDK Apps with Good Dynamics

Good Dynamics Network

https://begood.good.com/community/gdn-welcome!input.jspa

Developers: Next Steps

Web Apps – now with GFE Secure Browser

Native Apps – now with GD

Hybrid Apps – PhoneGap plug-in – in Good Roadmap

Page 19: Securing Salesforce Mobile SDK Apps with Good Dynamics
Page 20: Securing Salesforce Mobile SDK Apps with Good Dynamics