10 Mobile BI Strategy Questions: Security

Mobile BI Strategy Security by Kaan TurnaliDo you have all three layers of mobile BI security covered: device, app, and data? All of the convenience and benefits of mobile devices provide a particular security risk, complicating matters for the technology managers.

When we think about the three layers of security in mobile BI, each layer plays an equally important role. Moreover, each layer represents a specific component of a user’s access profile. Therefore, it’s vital not only to understand how each layer completes the security picture, but also to make sure they work in tandem.

1.  Mobile device security

This outer layer deals with protecting the mobile device, whether it’s issued by the business or allowed under a bring-your-own-device (BYOD) arrangement. The security objective is to secure corporate data assets with a comprehensive enterprise mobility solution. Such a solution would enable IT departments to have anytime/anywhere control over all of the deployed devices as well as their applications. For example, administrative options would include the ability to remotely lock and wipe devices when an employee reports a lost business phone or tablet. This approach to mobile device security can’t exist separately from, or independent of, the organization’s enterprise mobility strategy, especially for compliance reasons.

2.  Mobile BI app security

The middle layer includes the mobile BI app. The security at this layer can be linked to device security (for example: the employee profile may dictate the availability of a particular app). However, the app security can also be established in addition to and/or independent of the device security. For example, we may need to unlock the tablet first, and then unlock the mobile BI app with a password before anything else can be done. If the mobile BI software is purchased, this functionality will be dictated by the vendor. Mobile BI solutions built in-house will have a greater degree of flexibility to customize this option.

Mobile BI app security plays a critical role because it provides a secondary layer, similar to a pin on calling cards or remote access devices. If the mobile device is lost or stolen, it helps protect the downloaded information on the app. This becomes especially critical if the mobile BI app has an offline functionality, which allows full access to downloaded data without any Wi-Fi connectivity, including during use in airplane mode. As a result, this app layer security provides safeguarding of not only data in mobile BI reports but also connection profiles such as server names, etc.

3.  Report and data security

This third and final layer usually inherits its rules from the underlying BI platform. Generally, two components make up this layer: mobile BI asset (report) vs. data content displayed on the report. The mobile BI asset component determines which specific reports or dashboards a user is allowed to see. For example, this could help to separate forecast dashboards for sales from P&L reports for finance.

On the other hand, the data content component dictates what a user will see when they access the report. For example, a sales manager who’s responsible for the U.S. operation might see only the U.S. data, whereas a manager from Europe might see only European data. The combination of asset and data security allows for the management of different mobile BI assets, and helps to serve different user groups with different needs for access and security.

Bottom line: Security is critical

Enterprise data requires the same degree of protection as other corporate assets. Mobile BI is no different. When we’re developing a mobile BI strategy, we need to consider all of the three layers of security. But we also must take into account the challenges we may face due to lack of standards and the integration of these layers at the enterprise level.

Security is critical for mobile BI because mobility offers an unmatched convenience that comes at a risk. We can’t afford to jeopardize one of our most strategic assets— enterprise data— as business transactions become ever more digital and connected. Instead, we want to use mobile BI to drive growth and profitability.

Which of the three layers of security in mobile BI do you find most challenging to manage?

[hr]

This story also appeared on the SAP Analytics Blog.