The new technologies offer better control over the real-time business data of the company.
SAP customers already run a broad range of cloud solutions that help them to sell better, control easier their stock and inventory, purchasing and production processes, etc. There are also analytical solutions from SAP that use this real-time business data to produce analysis and prediction reports. They help companies to make better planning decisions and to be more successful on the market.
All these services come with new modern and intuitive SAP user interfaces that make them available also on mobile devices. The flexibility of the mobile devices is highly appreciated by the business users. The managers also recognize it, because of the better user productivity, and try to “mobilize” more and more business roles.These are some of the reasons why companies already started replacing desktop computers with tablets for some user roles or simply give tablets and smartphones as a second device to managers.
However, there is a long way to go until the time when everybody in the company will be able to use a corporate mobile device. Now many shift workers and teams simply get shared mobile devices for their work.
The business applications that run on these shared mobile devices are protected with the respective level of security and proper authentication methods as usual. The problem is that the standard mobile SSO solutions, available for mobile devices of the individual users, do not work for shared devices. When using a shared mobile device users need to type every time their complicated User IDs and passwords in order to get into the applications and to do their job. This of course affects the usability and respectively the performance of the user.
With the SAP Single Sign-on 3.0 SAP offers a Mobile SSO solution also for shared mobile devices.
The solution is available via the SAP Authenticator for Android and is based on the NFC reader*, technology supported by most of the Android devices. When a user puts his NFC card close to the NFC reader of the mobile device, the SAP Authenticator is using the data from the card to authenticate the user. No more typing of complicated credentials is necessary. Users get simple and secure Mobile SSO solution to the applications also on shared mobile devices by simply using the same NFC card they use to access the office, the storage location or the production floor.
When better control over the NFC authentication is necessary, it is possible to use the risk-based authentication solution, available with the SAP Single Sign-On product. The Mobile SSO scenario could be extended, for example, with a policy that can retrieve data about the user from a shift management system of the company. Based on the policy, the user could be allowed to authenticate with his/her NFC card on the shared mobile device only when he/she is on shift. When the user is not on shift the access can be denied. The policy could be configured also to check the IP range and to allow authentication with NFC cards only from the intranet, when such security rule is necessary. All these additional policy conditions improve the overall security of the Mobile SSO solution and at the same time keep the simplicity and the usability for the end users.
>> News: This Mobile SSO solution is available also for Windows phones that support NFC readers via the SAP Authenticator for Windows phone, just release and available on the Microsoft Store: SAP Authenticator for Windows phone .
SSO solution for shared/kiosk PCs is available with the product since SAP Single Sign-On 2.0 SP04. For more details about this solution, see the blog: RFID-Based Identification of SAP Applications Using Employee Badges