March 22nd, 2013

Enterprise Mobility & BYOD – Live Interactive Q&A

BYOD Tech TalkCalling all Enterprise Architects, Application Architects and Senior Developers! For our next API Tech Talk, we’ll be discussing Enterprise Mobility & BYOD live on March 26 at 9am PST. My special guests will be Layer 7 VP of Client Services Matt McLarty and Product Manager for Mobile Leif Bildoy.

The BYOD movement seems to be changing the hardware landscape permanently and it’s showing no signs of slowing down. Naturally, this presents both opportunities and challenges. Security managers within the enterprise have less control then ever. “Anywhere access” has blurred the lines of what used to be called the corporate network perimeter.

So what are CIOs and CTOs specifically worried about with BYOD? Well for one, mobile devices can easily go missing while containing sensitive data and employers often cannot even assess the impact of data security breaches from compromised devices. But locking down employees’ personal devices is generally not an option.

So how can enterprises re-assert control over their data assets while still allowing employees to use their own smartphones as they choose? We’ll be discussing this and other questions during out live, interactive Q&A. So, be sure to clear your calendar and join in the discussion on March 26 at 9am PST.

Here’s How to Join the Discussion
Make sure you click Add to Calendar to get the event details and a reminder in your calendar. Then, on the day of the event, click here to join:

To ask questions, you can:

December 18th, 2012

New Mobile eBooks

Layer 7 eBooksAs a Partner Architect at Layer 7, I’m lucky enough to get to interact with some of the best and brightest in the industry. These include software vendors, systems integrators, analysts and thought leaders. When you add in our own experts, we have access to a veritable “who’s who” of the API world.

Recently, we began a series of free eBooks that will distill our communal knowledge into specific, targeted recommendations for dealing with a variety of challenges around APIs – from interface design, to security, to developer engagement. Today, I’m pleased to announce the first two of these, which deal with API exposure for internal mobility projects and for externally-facing open APIs.

First, we have Enterprise on the Go: 5 Essentials for BYOD & Mobile Enablement. This eBook focuses on the challenge of securely exposing internal applications and information assets to mobile employees, either on their own devices (BYOD) or as part of a larger mobility initiative. These five key points for a successful deployment are presented in an easy-to-consume synopsis and then backed up by white papers, webinars and customer case studies. Of particular interest to our enterprise customers are the sections on repurposing existing services and using middleware to optimize for mobile use cases.

Next, we have 5 Ways to Get Top Mobile App Developer Talent for your Open APIs. While not all enterprises have chosen to expose their APIs externally, those that have are faced with the challenge of acquiring a talented community of developers that will build useful mobile apps for the consumer marketplace. However, enterprises can’t simply assume “build it and they will come.” Getting devs onboard requires investment in documentation, branding and community development. This eBook discusses some of the best methods for onboarding and rewarding those developers who provide the most value.

Whether focused on internal or external developers, these eBooks are valuable resources for anyone looking to expose APIs for mobile access to enterprise assets. We welcome your feedback on this format and look forward to continuing the series.

August 22nd, 2012

From the Vault: Understanding Mobile IAM with Forrester Research

Forrester WebinarsIn the new hybrid enterprise, organizations need to manage business functions that flow across their domain boundaries in all directions. Increasingly, this means using APIs as conduits for opening up information to services running in the cloud and apps running on mobile devices like the iPad. For enterprises, securing and governing these APIs is not straightforward.

Meanwhile, BYOD is making Mobile Access an urgent issue for enterprises; forcing them to make application functionality available to app developers in a consistent, easily-consumable, mobile-optimized manner, via APIs. Therefore, enterprise technologies are evolving to support API-based mobile interactions.

Identity and access management (IAM) represents a key concern for enterprise IT and it is particularly crucial in BYOD/enterprise mobile scenarios. Mobile IAM requires fundamentally new approaches and the adoption of new standards such as OAuth.

These are some of the most critical issues facing IT departments today but the associated techniques and technologies are not necessarily that well understood in the enterprise world. Therefore, I’d like to take this opportunity to  flag up some relevant webinars from the Layer 7 archive, all of which feature Forrester Research.

If you’re facing the challenge of ensuring secure access in an enterprise mobile scenario, these resources should help you make sense of the issues:

  • How to Make Your Enterprise Applications Mobile Ready, Fast
    Leverage backend mobile middleware to deliver mobile ready enterprise APIs
    Find out more >>
  • Identity, Access & Privacy in the New Hybrid Enterprise
    Make sense of OAuth, OpenID Connect and UMA
    Find out more >>
  • A Practical Guide to API Security & OAuth for the Enterprise
    Implement OAuth as part of an enterprise-level API security solution
    Find out more >>
June 26th, 2012

QCon New York 2012

QCon BannerLast week, Layer 7 was a sponsor at QCon New York, an exciting conference held in Brooklyn. This event dealt with the latest software development trends in several categories including mobile, cloud, big data, architecture and security. As noted in this article from the show, there was quite a bit of focus on the seismic shift in development from server-heavy applications to more agile development using client-focused technologies like HTML5 and JavaScript. These are better suited for mobile and Web use cases, allowing client-side manipulation of data.

However, these technologies are only half the story. The other half is the API that provides a method of interaction with the server. To provide a rich, functional interface, this API must be user-friendly for people and machines. It should be easy to develop against, with or without extensive documentation. And it should be able to represent both the current application state and the operations available to the client. These API design principles were discussed by Layer 7’s Principal API Architect, Mike Amundsen, in his fascinating talk on Wednesday.

QCon was yet another in a long line of analyst, enterprise and developer conferences to draw the same conclusions about the future of enterprise IT. It’s time to look at software development in a new way – and Layer 7 is helping enterprises get on board with these new technologies. Our recently-announced SecureSpan Mobile Access Gateway provides the middleware necessary to adapt internal information assets into secure, optimized APIs consumable by mobile devices for enterprise mobile enablement or BYOD.

June 14th, 2012

Geofencing & Mobile Access Gateways

Written by
Category API, BYOD, Mobile Access
 

GeofencingOne of the cooler features offered by Siri on the iPhone is its integration with the internal GPS for geofencing. For instance, you can tell her (yes, I just anthropomorphized a disembodied mobile phone app) to “remind me to pick up some milk when I leave the house”. While this geofencing application is very consumer-centric and a nice-to-have, geolocation (and geofencing) is often a must-have for enterprise mobile apps.

At Layer 7, our enterprise customers are sometimes constrained by industry regulations regarding data privacy. These restrictions, especially in the healthcare and financial services industries, often prohibit medical or financial data from traveling across international (or even state) borders, to ensure compliance with local regulations. Some may require additional forms of authentication when connecting from a new physical location.

Many enterprises are also rolling out BYOD initiatives based on the employee’s proximity to company offices – they can use their own phones to access company data while in the office but that access is restricted when they head for home. More complex GIS integration is sometimes necessary for mobile employees and field technicians.

Building strict geolocation rules into every mobile application is possible but time-consuming to develop and difficult to maintain. Managing these policies in a centralized Mobile Access Gateway allows flexibility of design and easy updates. Compliance auditing is simplified and policies are reusable and configuration-driven. If you want to tighten distance restrictions or change GIS providers, you only have to make the change once.

Layer 7′s SecureSpan Mobile Access Gateway is far more than just a simple API proxy. It provides mobile-specific features around identity, security, adaptation, optimization and integration. It is these integration features that allow powerful orchestration of third-party APIs (including geolocation), legacy applications and mobile notification services for a truly comprehensive Mobile Access solution.