Next: Part I, Session I
DID YOU KNOW YOU COULD HAVE A NOKIA LUMIA 800 TO TEST YOUR APPS
In January of 2002 Bill Gates introduced Trustworthy Computing to Microsoft and in doing so redefined the whole process of writing software throughout the company. Since then Microsoft has been recognized for its strong commitment to building software that is secure by design and secure by default. Windows Phone is not exception to this. This series is an expression of that commitment to help you understand the process of building secure government LOB applications for the Windows Phone platform.
This series is intended as a guide for writing secure Line of Business (LOB) applications for the Windows Phone 7 (WP7) platform. It includes guidance for both WP 7.0 and WP 7.1 release.
While this series is not intended as a comprehensive security solution to every development scenario, it addresses the major security features included in the WP7 platform (7.0 and 7.1 release) and shows how (and to what extent) they can be used to write secure LOB applications.
The initial release of the Windows Phone platform, i.e. the WP 7.0 OS is designed primarily as a consumer device therefore may not include some key Security features that would be required in an Enterprise platform. In fact, many Enterprise relevant features that were available in the Windows Mobile 6.x platform are not available in Windows Phone 7. In the WP 7.1 release (code-named Mango), some new features have been added so as to help developers in creating better and more secure applications.
Mobile devices and software offer potential benefits to the enterprise, including lower operating costs and greater productivity. However, deploying mobile enterprise solutions expose new risks to the enterprise and therefore Security should be a priority. The following illustration shows possible security threats to a corporate network that supports mobile devices. This guide focuses on the Security challenges and recommended Security best practices to develop more secure line of business enterprise applications for Windows Phone platform.
Reference: Security Risks in the Mobile Enterprise - http://technet.microsoft.com/en-us/library/cc182262.aspx
2– INTENDED AUDIENCE AND SERIES STRUCTURE
This guidance is primarily aimed towards– software designers, architects, developers and testers, who design, build and deploy enterprise mobile solutions. This guidance will cover Windows Phone 7 (7.0 and 7.1 release) as the platform for developing LOB applications. The document is targeted, primarily, at developers writing applications using the Silverlight for Windows Phone and .NET Compact Framework-based development platform on Windows Phone 7.
The rest of the series is organized as follows:
WP7 Features Summary:
WP7 Security Guidelines and Best Practices:
Based on the above, subsequent posts will cover:
I hope you find these series useful and that it will help you build more secure government Line-Of-Business (LOB) applications in the future.
Based on work from Manish Prabhu, Sameer Saran, Don Willits, and Dharmesh Mehta.
PLEASE DON’T FORGET TO CHECK OUT THE FREE RESOURCES BELOW
G E T F-R-E-E Phone: Tools, Devices Cloud: Tools, Account Client: WebMatrix Resources: Infokit Apps Ideas: Ideas
Hey, would a series on Building Secure GOV-LOB WP Apps be something of interest to you ??? Let
Lack of VPN was the first thing I noticed when I started using my WP7. I cannot understand how we can use the phone in corporate network when there is no VPN... Here are some of scenarios that explain why I(a sales analyst for a company with more than 10000 employees) need VPN support :
1- I receive an email from my manager to provide him some sales figures. I cannot connect to our web based business intelligence system to get the number because it's behind corporate firewall and the only way to access it is through VPN
2- I receve an email from one of our sales reps to check status of one of sales orders. The data is in an excel file. Excel files are huge (20M-100M) and they are saved in the shared drive in corporate network. I need VPN to connect to my desktop and open the file and answer the email.
Great first article on Security! Keep them coming... can't wait for the others!
1) The team is fully aware of features that were part of WM6.x and are not in Windows Phone. I cannot speculate as to what the future holds.
2) If your enterprise uses SharePoint you could make arrangements for creating a document library that is accessible from Windows Phone. In such scenario you could not only view documents but actually change them and save them back to SharePoint.
@Llenroc - thanks for the feedback... it is a comprehensive series wiht a log of relevant detail! enjoy it!
@Joelcitizen: Thanks for your reply... I hope we see these security features on WP very soon.