Thursday, December 21, 2017

Securing and managing mobile apps

Developers can build secure mobile apps, and IT managers can feel confident by securely managing mobile apps and devices in an enterprise “Bring Your Own Device” (BYOD) environment, along with their desktop infrastructure.

Securing mobile apps
With the range of possible mobile app technologies and the mobile back ends, Microsoft provides recommendations and solutions for developers creating their mobile app strategy. This ranges from
components to create mobile apps that securely manage data (such as data encryption) or to provide
authentication of the user (like single sign-on with Microsoft Azure Active Directory), to the ability for IT managers to securely manage the deployment of apps and devices in a corporate environment. It extends through Mobile Application Management (MAM)/Mobile Device Management (MDM)
capabilities with Microsoft Intune and Microsoft Enterprise Mobility.

There are many security considerations to take into account in a mobile app strategy that cover
application scenarios, IT, and developer scenarios.

 User identity, single sign-on (SSO), authorization and authentication Using Azure App Service and the SDKs, developers can authenticate users through a number of means such as Active Directory, Azure Active Directory for SSO support, or other social sign-in systems, such as Twitter, Facebook, and Google. It includes more fine-grained or higher levels of security through multifactor authentication (MFA) and role-based access to APIs. Azure App Service provides developers with a simple authentication process to handle the management of tokens and to facilitate federated authentication across enterprise back-end systems and SaaS providers.

 Back-end API management You can use Azure API Management to drive API consumption among internal teams, partners, and developers while benefiting from the business and operational insights available in the Azure portal. API Management gives you the tools you need for end-to-end API management—provisioning user roles; creating usage plans and quotas; applying policies for transforming payloads; and setting up throttling, analytics, monitoring, and alerts.

 Data at rest (local encryption) or in motion (communication) Azure Mobile App SDK provides the means to securely encrypt data stored locally on the device during offline/online scenarios, but developers can also make use of SDKs, Cordova plug-ins, and more for specific app scenarios, with and without Azure SDKs.

 Tamper and malware detection Microsoft Antimalware for Azure Cloud Services and Virtual Machines is a real-time protection capability that helps identify and remove viruses, spyware, and
other malicious software, with configurable alerts when known malicious or unwanted software
attempts to install itself or run on your Azure systems.

 Keys, certificates, and secrets Azure Key Vault helps safeguard cryptographic keys and secrets used by cloud applications and services. By using Key Vault, you can encrypt keys and secrets (such as authentication keys, storage account keys, data encryption keys, .PFX files, and passwords) by using keys that are protected by hardware security modules (HSMs). Key Vault streamlines the key management process and enables you to maintain control of keys that access and encrypt your data.

 Application and device management (MAM/MDM) With the increasing volume and diversity
of both BYOD and corporate-owned devices being used in organizations today, a growing challenge for IT departments is keeping corporate information secure. Microsoft MAM and MDM solutions based on Microsoft Intune help minimize this complexity by offering management capabilities both on-premises and in the cloud, all from a single console.

Source Of Information : Microsoft Platform and Tools for Mobile App Development

No comments: