Afaria in the Cloud & Mocana

I was fortunate enough to be invited to participate in the Bloggers Program at SAPPHIRENOW in Orlando last week.

For me, the main announcements on Day 1 were at the “Mobile Press Conference” that was held in the afternoon. As far as I recall none of this news was mentioned at any of the keynote presentations – which seems a bit odd. Also there seems to have been little coverage anywhere else either.

The press conference was led by Sanjay Poonen who is now focussed on the mobile space in his role as Head of Mobile Division at SAP.

Sanjay explained how SAP “see the world of mobile device management is becoming one of mobile security“. In response they have created a new umbrella brand for their offerings in this area and named it SAP Mobile Secure. There were several aspects to the SAP Mobile Secure portfolio but I must admit I didn’t really grasp what they all were and given the first question from the audience asked for clarification I suspect others were a bit mystified as well.

Here is the overview slide.

Following the positioning of SAP Mobile Secure the first announcement was that SAP are providing Afaria in the Cloud as a SaaS offering.

This is something many people have been advocating for some time. It always seemed to me that Afaria was a natural fit for a SaaS offering. To be able to subscribe to it and manage your mobile devices immediately rather than have to put in your own infrastructure and connectivity solutions for highly mobile devices always seemed to me an obvious thing to do. I was pleasantly surprised that SAP chose to run this service themselves, on Amazon AWS infrastructure, rather than partner with telecommunications companies. Lock in to regional telecommunications providers is just a bad idea for a global solution so well done all around for avoiding this pitfall.

And the real kicker – Afaria in the Cloud is available immediately for 1 Euro per device per month. You can signup for a free 30 day trial at http://sapafaria.com/ and give it a go. SAP claim that the price point is significantly lower than competing offerings and when I checked with some of the mobile peeps who are closer to this market than I am this seemed to be validated.

For me the pricing was the big news. Not so much for the specifics of this offering but because it demonstrates SAP’s willingness to look at innovative and appropriate pricing models that address the needs of their customers.

For 1 Euro per month you can envisage parents using the service to manage their children’s smartphones – but more realistically it makes Afaria immediately available for all IT shops seeking to manage the mobile device challenge no matter what their size or budget. This opens up a huge market that SAP has struggled to get into. Sanjay showed a slide predicting 50 billion “things” connected to the internet by 2020. If just a smidgin of these devices sign-up for Afaria in the Cloud it will be a significant revenue stream. And of course once they are signed up then SAP is perfectly positioned to offer additional services, applications, etc.

The second announcement was a partnership with Mocana to resell the Mocana Mobile App Protection product. I must admit I had never heard of Mocana before a SAP Mentor meeting with Sanjay that was held the day before the announcement. I did a quick bit of research and was immediately taken with the concept of app-wrapping which was new to me – but pretty obvious once I grasped it. I also managed to spend a few minutes with Adrian Turner the CEO of Mocana to learn more about MAP. Adrian is also an Aussie but don’t hold that against him.

During the press conference Sanjay explained how SAP’s attention had been drawn to Mocana as a potential partner in at least some part by SAP’s own customers. Mocana has a track record securing things like data acquisition sensors, control systems, SCADA solutions, smart meters, etc. Adrian mentioned they support over 2450 combinations of operating systems and CPUs.

The Mocana Mobile App Protection (MAP) product encloses the mobile app and can therefore enforce security policies on a per app basis. It works by taking the binary executable file and wrapping the MAP component around it – similar to the way PhoneGap projects are built. During this process security policies can be set that are baked into the MAP wrapper. These policies can include per-application VPN with encryption so that the connection to the backend is locked down and secure. On-device data (data at rest) can also be encrypted, copy and paste can be disabled, etc. There are 15 different policies available now with more coming.

It seems to me to be an elegant solution to a difficult problem. Mention was made of a large bank that wanted to roll out 65 mobile applications in a single year. They only managed to get one of those apps going because they couldn’t get IT to sign-off on the others. In part this was because the developers needed to code the corporate security policies into each and every app. The Mocana story is that security policies can be handled by the MAP wrapper which allows the app developer to better meet IT requirements and therefore IT to better meet the needs of the business.

The other sweet spot for this solution has to be in the bring-your-own-device (BYOD) space. Reality is that the IT department does not own the BYOD devices and so any attempt to overtly control them will be resisted by the device owners. The Mocana MAP solution allows IT to control just the individual apps they wish to deploy.

I have no first-hand experience with Mocana products so I would appreciate any feedback anyone can provide.

For more on Afaria in the Cloud go to http://sapafaria.com/

The Mocana web site is at https://mocana.com/

A replay of the SAP Mobile Secure press conference can be found at http://www.news-sap.com/watch-live-sap-mobile-security-press-conference-with-sanjay-poonen/