Week 6 is over. It was a rather short week, only 5 lectures, with the last one being an outlook. The topic was security, and SAP used it show off what SMP 3 is going to offer to ensure a high level of secure mobile apps.
To overcome the main mobile security concerns, of course Afaria was shown and demonstrated. From the end-user perspective, it is a register, download, install process, from the administrator view it means to configure a security profile. One that can offer a huge set of options. That the level of MDM Afaria offers differs for each platform and – in the case of Android – depends on which version you are running wasn’t a topic. Short: just buy and start using Afaria. That’s OK, you should have a MDM solution, and as SUP/SMP integrates with Afaria it makes total sense to also use Afaria as your MDM solution.
To help developers reach a specific level of security, SAP is going to offer helper tools / libraries. These will add a common set of security features like encryption, logon and a common set of UI widets (calendar, etc). The vantage is clear: you can use libraries from SAP instead of solving a common problem again and again. On the platforms where MAF is available (sorry, only iOS and Android, I hope WP8 is joining the club too) your native applications will act the same way. AFAIU Kapsel will bring some of these features to hybrid apps too.
That this level of security comes with a price wasn’t mentioned. You’ll have to pay money for Afaria + SMP, including a vendor lock-in. SMP may offer a REST API and therefore can be used by any app (or even normal web page), when you start using the components offered by MAF your app is dependent on them. If you later want to move an app to another platform for whatever reason, you’ll have some problems. At least for Cordova I hope SAP will make them available as official Cordova plugins with a user friendly license. This way Cordova apps can benefit from SMP without being a SMP app and a later migration of these apps to SMP should be easy to achieve. For instance, the logon component: a Cordova plugin that allows for local authentication and passphrase when the app is brought back to foreground, and with SMP it can use the SMP logon policies (or Afaria).
The security week deserves more time, I’d like to see that this topic is extended or better integrated into the other weeks.
The only thing missing now is the final exam.
Other blogs in this series from me about the open SAP course: Introduction to Mobile Solution Development
- Survived week 1: Introduction to Mobile Solution Development
- Still alive after week 2: Enterprise Mobility Enablement Services
- Any given Tuesday – week 3: Introduction to Mobile Solution Development
- Do apps dream of electric sheep? Week 4
- Remember, all I’m offering is the truth – nothing more – week 5