The ubiquity of smartphones and mobile devices in the workplace has presented enterprises with incredible opportunities for maximizing productivity. By creating mobile apps that allow access to backend systems, enterprises can empower their employees to leverage mission-critical application functionality and data anywhere, at any time, from any device.
With these opportunities come security risks, particularly in BYOD (“bring-your-own-device”) scenarios. Enterprises need to deploy identity and access management (IAM) systems able to ensure their apps are only being used by authorized personnel and that these individuals are receiving appropriate levels of access to sensitive on-premise resources.
There are many enterprise-level IAM technologies already on the market but few of them cater to the specific security requirements of mobile apps and BYOD. Enterprise mobile deployments have a number of unique risks associated with them that can only be addressed through a specifically mobile-centric approach to IAM:
These risks can be addressed by deploying an enterprise-grade solution for mobile Single Sign-On (SSO). The ideal solution for enterprise mobile SSO should simultaneously simplify and secure the process through which apps require users to sign in to the enterprise, by leveraging the strong authentication capabilities inherent to mobile operating systems.
Layer 7 offers a complete, standards-based and proven solution for simplifying enterprise-level mobile security through SSO. This mobile SSO solution uses OAuth 2.0, OpenID Connect and PKI standards to leverage existing enterprise IAM investments. Communication is secured through Layer 7’s Mobile Access Gateway, via client-side libraries.
The Mobile Access Gateway is lightweight, low-latency mobile middleware that solves critical, mobile-specific identity and security challenges. The Gateway now ships with a Mobile SDK, which makes it simple for enterprise app developers to implement mobile SSO for iOS and Android devices.
SSO is implemented via Layer 7’s Management API, which simplifies the development process by abstracting the complex OAuth/OpenID Connect protocol flow between mobile device and Gateway. For maximum security, communication is secured through the Gateway via mutual SSL configuration.
Validation of User, App & Device Identity
Lost Device Tracking & Blockage
Integration with Existing Backend Identity Management Systems
Best-of-Breed User Experience
Single Sign-On for Mobile
Mobile Access Gateway