MOTODEV For Enterprise

Neal Sample is the SVP of Technology at American Express and a guest blogger on MOTODEV. Neal and team are currently focused on Serve, American Express’ next generation digital payments platform.

The availability of powerful devices, rich applications, high-speed networks, and the need to enable a mobile workforce have created an incredible demand for sophisticated mobile enterprise applications.  The applications are deployed on devices capable of remotely accessing private customer information, sensitive email, and other protected corporate data.  Securely managing these mobile enterprise applications is a top concern of many IT managers.

Daniel Shein, aka Shein, is a guest blogger for MOTODEV.  He's been developing mobile applications since the days Symbian ruled the land and has been working on commercial and enterprise Android and iOS apps since they first appeared.  

So you’ve developed a great app for your enterprise phones and tablets. You’ve poured a lot of effort and resources to make your app effective, secure and a great user experience. But now you’ve got to deploy it to all of those devices without sacrificing security.  

In Roman times, ciphers were very easy to use, but also very easy to break. Today's ciphers are, for practical purposes, impossible to break, but not so easy to use.  Peter van der Linden explains the do's and don'ts in this interesting post.

Okay, you’ve told us. You’re interested in building apps for the mobile enterprise. Most of you are Android developers, but you also have a keen interest in HTML5 for cross-platform apps. 

Al Sutton is a guest blogger for MOTODEV and works for Funky Android Ltd. based in the UK. His company provides Android and security applications to companies of all sizes from large governement organisations down to small start-ups. In this article he takes developers through providing an encryption system aimed at minimizing the bandwidth requirements for data replication whilst ensuring that data is stored securely on a device.

In Harry Potter and The Deathly Hallows, the Deathly Hallows represent three items the characters think they can use to cheat death. However, as readers and the characters find out, there are unforeseen fatal weaknesses with each item. 

Bring on the three “deathly hallows” of device security: PIN lock, remote wipe and guest wireless. All three are widely-adopted in the world of device security. But, there’s more you need to know and more we can do within Information Technology (IT) to move these techniques to the next level.

In mobile security, the Principle of Least Privilege promotes minimal privileges based on what’s necessary.  Every component in the system must operate at the lowest permission level necessary with the least set of privileges.  By implementing this principle the “attack surface” is reduced because unnecessary privileges are eliminated.

The principle of least privilege is implemented at all layers of Android, starting with the Linux kernel and working it’s way up to the permission model used with applications.  From a developer’s perspective, the security risk of an app is determined, in part, by what permissions are requested. 

Mobile devices are everywhere, including the corporate workplace.  In order to protect company assets you must plan for it and take steps towards understanding the implications and risks.

Here at MOTODEV for Enterprise, we recently hosted a webinar on The Enterprise Dilemma: Native vs Web.  Your response was awesome. Most of you are currently developing in native Android, but all of your questions were about mobile web apps and cross-platform frameworks. The most important factor in your decision is user experience.