Putting ERP Securely On Your Wrist
April 10, 2015
HP 3000 ERP solutions are hosted natively on servers, and some of them can be accessed and managed over Apple's mobile tablets. But the Apple Watch that's due in two weeks will bring a new and personal interface for enterprise servers. Indeed, a well-known alternative and migration target for MANMAN and other MPE apps is climbing aboard the Apple Watch bandwagon from the very first tick.
Salesforce has a Watch app coming out on launch day that ties into a business installation of the storied application. Incredible Insights Just At A Glance, the promo copy promises.
Access the most relevant, timely data in seconds. Swipe to see dashboards, explore with lenses or use Handoff to work seamlessly between Apple Watch and iPhone. And use Voice Search to surface a report, view a dashboard, or find other vital information in seconds.
As mobile computing takes a new step with the Watch -- a device that Apple's careful not to call a smartwatch, as it's more of an interface for a smartphone -- security remains a concern. Apple has been addressing it by recognizing the Four Pillars of Mobile Security. A little review can be helpful for any IT pro who's got mobile devices coming into their user base. That's the essence of BYOD: Bring Your Own Device.
- Data at rest — Securing data on a device
- Data in transit — Securing data as it moves over a network connection to the device
- Application security — Installing trustworthy software from a safe source
- Patching — Keeping software up to date to avoid vulnerabilities
To implement good security reliably throughout an organization, three additional capabilities are crucial:
- Device management — Deployment, application distribution, security policy enforcement
- Reporting — Inventory of all devices and their configuration
- Auditing & remediating — Audit for compliance to security standards and tools to remediate as needed
JAMF sells its Casper Suite as a tool to manage enterprise-grade Apple platform installations. There's bound to be something just as thorough for the Windows-based user community. It's one more thing to ensure is a part of a migration plan, as the 3000's ERP data moves into a fresh generation.
For reference, to help research the caliber of such a Windows-based strategy, here's the breakdown that JAMF provides in a white paper about securing mobile data as well as Apple does.
1. Data at rest — The iPhone and iPad features hardware-based encryption for data at rest that is enabled by default. For Mac, the FileVault whole disk encryption system (a native feature in OS X) protects data with virtually no impact to system performance or battery life.
2. Data in transit — Apple devices can connect via VPN (Virtual Private Network) to secure data in transit. No additional software is required to take advantage of this security feature, and once configured it is transparent to the user.
3. Application security — One of Apple’s best contributions to the IT security field is their App Store ecosystem. Apple reviews all software submitted to the App Store to weed out malware. Each software package is cryptographically signed to prevent any tampering with the files. OS X and iOS are configured to reject any software that lacks a signature. IT staff can sign their own software packages to take advantage of this application security layer.
4. Patching — Since the dawn of computing, all software includes some number of defects or bugs. Some of these defects can be used by malicious attackers to gain access or steal information. The best practice for IT security is to keep all software up to date to eliminate vulnerabilities as they’re discovered. Apple makes this easy with native software patching utilities built-in to the OS. IT staff can host an Apple Software Update Server on the corporate network to speed up patching.
There's a bit of "every problem seen as a nail" with Apple's tools acting as a hammer here. But closed ecosystems have been essential to 3000-grade reliability for decades. Apple controls every aspect of the ecosystem as much as HP did with the 3000, making hardware as well as operating systems. A turnkey solution usually saves time and resources.