Security in Enterprise Smartphone Apps
Smartphone usage has exploded over the last couple of years, and it has arrived with a different architecture from the one information technology has used for the past fifteen years. Specifically, smartphone app usage is dominated by NATIVE apps, not web apps. This pushes computing back to the edge, as opposed to the centralized processing done by web apps. With this new paradigm comes a new set of security issues and best practices that are not simply a rehash of web app best practices.
Smartphone apps for the enterprise also require truly synchronized data to get real usage in the enterprise. Synchronized data, while the only way to get real app usage, does introduce security issues that need to be handled. This document describes the five big areas of native smartphone app security: transmission security, storage security, app management, enterprise authentication and backend app authorization. Along the way we describe how Rhomobile products handle each of these issues, but these areas apply to any enterprise smartphone app. We hope you will benefit from the outline whether or not you use Rhodes or RhoSync.
Transmission Security
If you are sending sensitive information over the public Internet (generally the case with most smartphone apps) then you will need to secure it in some way. This should be done with SSL, sending over an https connection.
With Rhodes, just as with an Objective-C or Android Java app, you will transmit the data over SSL (https). Both Rhodes alone and Rhodes plus RhoSync support https as a transport. In fact it is easier with Rhodes than with Objective-C: with the Rhodes AsyncHttp.get call you just list an https URL and Rhodes connects to the backend appropriately. This is in contrast to the underlying SDKs, where significantly different code is written to connect to an https URL.
Storage Security
With native smartphone apps (unlike web apps or mobile web apps), generally you want to have data available on your device. And of course if you are using synchronized data that will always be the case. If you are concerned about the availability of data on your device in the clear then you can encrypt that data. As a best practice we recommend encrypting only the attributes that are truly sensitive information.
In Rhodes you can encrypt data in your Rhodes app using the Ruby crypt library calls. Block ciphers currently available include Blowfish, GOST, IDEA, and Rijndael (AES). Cipher Block Chaining (CBC) has been implemented. Twofish, Serpent, and CAST256 are planned for release soon.
You can also use SQLCipher for transparent encryption. Finally to ease some of the burden of integrating SQLCipher into your app we will be adding transparent encryption as a model option in Rhodes 2.3 (to ship by end of 2010).
App Management
Native smartphone apps present new issues of managing access to apps and updates to those apps. We recommend that enterprises consider some product to manage their apps and the data for those apps. It is important that the software:
- update users with new apps that they should have
- provide updates to those apps
- remove apps that those users should no longer have and the associated data
- remove the app management portal when appropriate
Note that in these “Bring Your Own Device” days we do not recommend full mobile device management. MDM creates additional maintenance burden for IT administrators and is not likely to be accepted by users on their own devices.
Rhomobile’s solution for this problem is called RhoGallery. RhoGallery is the first hosted app management solution, providing ease of deployment and use not seen before. Whether or not you use RhoGallery we recommend choosing some mobile app management solution but steering clear of full device management due to the complexity, cost and conflict with the BYOD future.
Enterprise Authentication
There needs to be delegated authentication to some form of enterprise directory for optimal sync server security. Ideally this should be the company’s well-maintained LDAP directory. It is important that any sync solution support “delegated authentication” to tie into a company’s overall directory system for authentication.
RhoSync makes it very easy to perform delegated authentication by simply providing an “authenticate” method that can call to any directory authority. A typical authenticate method is less than five lines of code.
Backend App Authorization
All sync source adapters should always log in to the backend with the appropriate user ID. This ensures that they only get the information the user has rights to. It is important not to use some form of global “app ID” to perform this data synchronization; otherwise the overall information authorization scheme would be compromised.
There is also the issue of how RhoSync authenticates with your backend app. This is done via the “login” method in each source adapter itself.
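The following is an added example (not Rhomobile's code) that ties the last two sections together: a delegated `authenticate` hook and a source adapter whose `login` and `query` run as the authenticated user rather than under a global app ID. The `authenticate(username, password, session)` shape and the `id => attributes` query result are assumed from RhoSync's conventions; the directory and backend rows are constructed in-memory stand-ins so it runs offline.

```ruby
require 'openssl'
# Constant-time comparison so a failed login leaks nothing through timing.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).inject(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end
# Constructed stand-in for the enterprise directory the sync server delegates to
# (an LDAP bind in practice); salted SHA-256 only keeps the example offline.
DIRECTORY = {
  'alice' => { salt: 's1', hash: OpenSSL::Digest::SHA256.hexdigest('s1alice-pw') },
  'bob'   => { salt: 's2', hash: OpenSSL::Digest::SHA256.hexdigest('s2bob-pw') }
}.freeze
# Constructed backend rows; the backend filters on owner for whoever logged in.
BACKEND_ROWS = [
  { id: '1', owner: 'alice', name: 'Acme deal',    value: 1200 },
  { id: '2', owner: 'bob',   name: 'Globex deal',  value: 800 },
  { id: '3', owner: 'alice', name: 'Initech deal', value: 300 }
].freeze
# Delegated authentication hook, shaped like the authenticate(username, password,
# session) method a RhoSync application defines (assumption); no local password list.
def authenticate(username, password, session)
  entry = DIRECTORY[username]
  return false unless entry
  candidate = OpenSSL::Digest::SHA256.hexdigest(entry[:salt] + password.to_s)
  return false unless secure_equal?(candidate, entry[:hash])
  session[:user] = username
  true
end
# Source adapter that logs in to the backend as the synced user, so the backend's own
# authorization decides what comes back; a shared "app ID" login would hand every
# row to every device and leave the filtering to the client.
class DealsAdapter
  def initialize(credential)
    @user = credential
  end
  def login
    raise 'login without an authenticated user' unless DIRECTORY.key?(@user)
    @backend_session = { as: @user } # constructed backend session
  end
  def query # id => attributes, the shape a RhoSync query returns (assumption)
    BACKEND_ROWS.select { |r| r[:owner] == @backend_session[:as] }
                .each_with_object({}) { |r, h| h[r[:id]] = r.reject { |k, _| k == :id } }
  end
end
# One sync cycle: directory authentication first, then the adapter runs as that user.
def sync_for(username, password)
  session = {}
  return nil unless authenticate(username, password, session)
  adapter = DealsAdapter.new(session[:user])
  adapter.login
  adapter.query
end
```

Running `sync_for('alice', 'alice-pw')` returns only Alice's two rows, while a wrong password or unknown user yields nil before any adapter login happens.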