Data and privacy security in this age of mobile devices has been called impossible by some, and extremely challenging by others. For enterprises, the heart of the matter comes down to securing things that need to be secure, while at the same time realizing the unprecedented advances in speed, flexibility and transparency offered by mobile devices. Since many of the new mobile devices run on Apple’s iOS, accommodating these non-Microsoft upstarts in enterprises running on Microsoft-reliant products, adds a level of complexity.
There are however, a number of vendors who are offering solutions for iOS digital security and identity management to allow users to use internal applications. Here are three.
Becoming available on March 31 is MobiLINK from Route1 Inc. The company says it solves the challenge of securely delivering internal applications to mobile users. Available for download from the Apple App Store, MobiLINK is an authentication and secure connection technology that enables remote users to securely access internal applications using a device running iOS, including iPad, iPad Mini, iPhone, and iPod touch devices.
“MobiLINK is in direct response to feedback we have received from current and prospective clients when discussing their mobility and security requirements,” said Tony Busseri, CEO of Route1. “MobiLINK is Route1’s first technology offering that decouples our authentication capability from our remote access protocol.”
The product uses the MobiNET, Route1’s universal identity management and service delivery platform to reliably connect remote users to their workspace from any location in the world. This is NOT a VPN-based technology and does not create additional nodes on the enterprise network or open the application to the outside world. To use MobiLINK 1.0, the enterprise needs to host their own browser-based accessible application(s), and permit incoming HTTPS (mutually authenticated TLS 1.1) connections into the demilitarized zone (DMZ).
Dell’s SonicWall™ Mobile Connect provides “network-level access to corporate, academic and government resources over encrypted SSL VPN.” Dell says it’s the only vendor providing solutions delivering full malware scanning of the SSL-encrypted traffic, application control and jailbreak detection for iOS devices.
Administrators can pre-configure user-downloaded web, remote desktop and virtual network computing bookmarks and web links upon authentication. Mobile Connect includes URL control, so customized applications requiring VPN tunnels can automatically launch the app. Once deployed, Mobile Connect sets up what Dell calls a Clean VPN™ that detects and eliminates threats before they reach the network.
F5′s Big-IP Edge apps come as a pair — a portal app and a client app. Using these requires the company to have its applications behind F5′s Access Policy Manager, Gateway and SSL VPN. The portal app lets administrators control mobile access to web resources without the risk of having unmanaged and unknown devices hooking up to the network. Users can still sync up. Administrators can also create and manage access control lists, channel groups of users to particular paths and push policies to the clients.
Trusted device clients can create encrypted and optimized VPN tunnels to the company’s network so they can run enterprise apps. Users can initiate their own VPN or it can be automatically triggered based on domain and pattern matching. F5′s gateway controller optimizes the traffic and applies acceleration to manage high latency problems wherever the client might be. The company says this provides “LAN-like performance even when users are mobile.”
Users of Autodesk® Revit and Trimble® SketchUp have a new option when it comes to collaboration on design documents. REVIZTO lets all parties to a project work in real time using 3D technology, without having to deploy and learn new software programs. Basically you buy add-ins for either Autodesk or Sketch Up that allow you to convert a BIM model into a Visual Information Model, or VIM. Upload the result to the cloud and let the collaboration begin.
The Autodesk add-in costs $400 while the one for Sketchup, called a Lite version, costs $50. The Viewer that connects everyone to the cloud VIM is free.
VIZERRA®, introduces the interactive 3D platform, at Autodesk University, Nov. 27-29, 2012 at Mandalay Bay, Las Vegas.
“Collaboration has been a challenge in the AEC sector, as a project’s complex data and various plans have traditionally been controlled and managed by only one source at a time,” said Arman Gukasyan, chief executive officer at VIZERRA. “This has made it difficult to anticipate and avoid complications as they arise — not to mention the tedious, time-consuming process of different parties incorporating individual data into the overall plan. REVIZTO allows AEC professionals to share and update dataquickly and easily, and clearly present their vision of the cohesive project to the client.”
REVIZTO’s development came to fruition over the past five years, while VIZERRA was providing software as a service to worldwide projects, such as Barcelona, Spain’s city planning and the Sochi 2014 Winter Olympics. VIZERRA saw the need for an easy collaboration tool to connect all associated parties with the project, including non-AEC decision makers.
“For owners and other stakeholders, it can be hard to visualize a project’s many layers without having to learn and install complicated software – especially for those halfway across the world who do not have a strong designer background,” said Gukasyan. “REVIZTO makes it possible for the AEC professional to visually convey the project to stakeholders in a way that will make all parties happy.”
For more information or to purchase REVIZTO, visit www.revizto.com.
The number of personally-owned mobile devices that are showing up in the workplace continues to pose challenges for companies of all sizes. From basic security concerns to concerns about the compromise of intellectual property, the risks are not trivial matters. A 2011 study found that nearly half of all devices connecting to business applications were consumer-owned. That was a 10 percent increase over the previous year. The push is not only coming from the bottom up. By 2014, Gartner predicts 90 percent of organizations will allow personal devices and corporate applications to merrily coexist.
While network access control, or NAC, has been widely deployed, the newer kid on the block for managing mobile devices in the workplace is MDM, or mobile device management software. Not only is MDM use on the rise, but it is moving to the cloud, and it is being combined with NAC. As of June 2012, Gartner reported that 85 percent of MDM product buys were being used in-house on companies’ own servers, but the shift to the cloud was picking up because of how quickly users can be accommodated when using MDM in the cloud. The sale of MDM products is expected to grow between 15 and 20 percent each year for the next several years while sales of NAC products are expected to increase 10 percent during 2012.
According to an Osterman Research survey, nearly 70 percent of those firms going to a cloud MDM solution are doing so to get simpler administration and maintenance. Nearly 40 percent expect lower costs and 21 percent are doing it to avoid using their IT staff for mobile device management. While an MDM solution by itself may work for many companies, there are others that may need to incorporate NAC.
At its core, NAC is network-centered. When a mobile device tries to connect to the network the NAC software goes into action validating the device, its security scheme, and even the user. If all checks out, that is, it meets the established security requirements of the network, then the device is allowed to connect. Otherwise, it can’t.
MDM is device-centered. The MDM product installs client software on the devices that allow automatic and administrator control of them. The MDM solution keeps track of the devices and knows how many there are, where they are, and what they are. It automatically takes care of application updates and ensures the device data is encrypted. Because MDM solutions are device specific they, in effect, extend control of the devices beyond the walls of the organization. For example, if a device is lost or stolen, it can be remotely locked, or, its data can be wiped.
One reason NAC is being wedded to MDM is because it secures more than mobile devices. It also handles, PCs, printers, scanners, security cameras and anything else that needs to use, or be connected to the network. So, in the NAC/MDM world, NAC takes care of the network, including mobile device connectivity and conformance, while MDM extends the organization’s reach beyond its network and four walls, making it possible to protect organizational interests should the device become lost, stolen or compromised.
While owners of the personal mobile devices may not be enthused about the company having this level of control over them, the reality is that most will probably never know unless they read the fine print in their agreement with the organization that spells out the details of the relationship between their device and the organization’s network.
Some industry watchers say MDM is not handling Android well yet and that the industry will remain fragmented through 2015. In the meantime there is no shortage of vendors and options. Some leaders in MDM include MobileIron, AirWatch, Fiberlink and Zenprise, according to Gartner. In fact, Fiberlink recently announced a partnership with ForeScout where the two will be providing a cloud-based, NAC/MDM solution, which could be a harbinger of many more of these types of marriages to come.
Sources for this article:
If you’ve been wondering just how you were going to spread your construction business throughout the cloud with connections to key onsite IT infrastructure, and achieve iteroperability, the answer may be coming sooner than anticipated. The one-year-old Open Data Center Alliance is turning the collective heads of cloud vendors as it impresses upon them the need for interoperability.
The organization describes itself as:
global IT leaders developing a unified vision for long-term requirements for the cloud – particularly focused on secure cloud federation, automation of cloud infrastructure, common management, and transparency of cloud service delivery.
The alliance has 280 members including many familiar names such as BMW, Marriott, Hewlett Packard and CA Technologies. One of the recently announced initiatives brings together the ODCA and the Distributed Management Task Force to focus on interoperability and ease of use in reining in the most pressing issue hampering widespread cloud adoption these days — the need for a single view of all cloud resources. Here’s how the press release describes the anticipated advances.
The collaborative work of these organizations will initially foster transparent management of virtual machines regardless of virtual machine manager or data center location and is expected to create a simplified path to cloud workload migration. With virtual machine management estimated to represent 60% of the IT overhead of a physical server, simplified management across enterprise and public cloud implementations represents a major opportunity for increased operational efficiency.
A key aspect of the collaboration is to specify solutions for interoperable management of virtual machines regardless of data center location. So, your land-based enterprise systems will blend seamlessly and securely with your cloud efforts – someday soon, hopefully. Results from the collaboration are expected early in 2012.
Online planrooms were one of the early AEC industry cloud offerings and it appears they’re still going strong. Early on they were an easy way to distribute documents and today they make it very easy to access files using any mobile platform. Some even have on-screen measurement and markup abilities. Pricing on these planrooms is all over the map but many have free versions that simply limit the amount of storage and charge add-on fees for more storage space and items such as scanning or printing.
There seems to be a gradual creep in features as seen for example with Buzzsaw from Autodesk. The company offered this originally as an application service provider, (ASP), but today refers to it as a SaaS, (software as a service), and includes many more features than simple document management. One reason for that is the close marriage between its CAD offerings and Buzzsaw, allowing users to share sophisticated BIM models without having to own expensive software. It also has integrated design review where people can markup and annotate plans, and version control features that keep everybody on the same page. Then too, there are functions that would be difficult to find in other offerings that aren’t tied to a company that makes CAD software. One of those is the capability to limit the particular layers and cross references to only those portions of the CAD drawing that a user would need.
Ideal.com offers its planroom as a “complete custom solution for project management” with the application hosted on its servers where you only pay for the space you use, or as a dedicated application running in your own data center, or in theirs. The dedicated option eliminates storage charges and makes the application fully customizable. The company also offers a cloud solution that includes document management, workflow automation, collaboration, compliance and certification using a “workbasket” approach. All relevant documents get assigned to a job workbasket and then the basket makes its way through the business processes with people interacting with the documents as necessary. As with Buzzsaw, Ideal is bringing a wider range of options to the planroom than simply making plans available to interested stakeholders and subcontractors.
Keep in mind there are companies that are more narrowly specializing in the planroom and document management process. ContractorsPlanRoom has been around since 2001 and it is a completely SaaS offering so there is no software to buy or host. It has a free plan with a limit of 250 MB of storage with other plans that increase functionality such a adding on screen measuring and markup capability. Planroom Direct becomes the repository for bid documents making those documents available for viewing printing and saving by those you select to have those privileges. Bidcenter Online Planroom takes the next step and allows people to actually submit bids based on the plans you upload. DC Reprographics also focuses on the bidding process and document distribution but it adds the option for people to order plan sets by leaving a deposit or by outright purchase.
The one thing troubling about planrooms today is they continue the same old silo effect that construction has dealt with for years. Even though they are cloud-based they still force users into proprietary spaces. For the issuer of the plans that is not a big deal because everyone will need to visit their little cloud space to view or get the documents. But what about the subcontractor who works for five different general contractors? The firm is left potentially having to navigate five different planrooms, interact with five different approaches to the online user interface and deal with five different levels of functionality.
What the AEC industry needs is NOT more silos, but fewer of them. A contractor, architect, engineer or subcontractor should only need to visit one cloud planroom to work with all projects. The cloud actually offers that functionality through interoperability standards. Now, if we could just get the silo builders to understand that, the true promise of increased efficiency offered by technology might come one step closer to being realized for the AEC industries.