Collaboration in Mobile BI and the Need for Security
The emerging trend is to enable collaborative decision taking from within the application by providing the ability to share insights, discuss about data, seek immediate clarifications, or obtain feedback from others.
Chief Architect, Technology and Innovation Platform, SAP LabsAnand SinhaEnterprises must understand that security is important even when using collaboration features in Mobile BI applications and ensure that appropriate user-training is provided to utilize these features in an effective, yet responsible and secure fashion.
Not too long ago, Business Intelligence (BI) reports landed on the email inbox on a scheduled basis. The data could be looked at, analyzed and put into action. That’s changed now. Today, mobile business Intelligence enables analysis and action of data on the move. The emerging trend is to enable collaborative decision taking from within the application by providing the ability to share insights, discuss about data, seek immediate clarifications, or obtain feedback from others.
Different mobile business intelligence applications have varying abilities when it comes to collaborative features. While the basic functionality is to allow sharing of data with other stakeholders, some of them allow annotation of the reports so that the user can add context-specific comments to different data points. A few applications also integrate capabilities that permit a telephone, video call, or chat using instant messengers. A few others allow users to define action items for tracking purposes or create polls that allow collective decision making.
As with most features in mobile applications, the collaboration features too come with the concerns of security of information. While the application requires collaboration, security concerns demand that the underlying data is not accessible to users who do not have the right to it. Similarly, the sensitivity of data even in screen-shots must be respected and the data in transit must be protected from prying eyes.
Mobile BI applications must solve this effectively. To ensure that only the appropriate people access the data, the application must not attach the report data in an email, but continue to keep the data in BI system and send only a hyperlink to access the report data. Certain software send a couple of links when sharing a report – one link that opens the report inside the BI application on a mobile device, and another that opens the same report on a desktop. In both cases, users are authenticated before they access the report data.
When sharing a screenshot through the BI Application for collaborative discussions, users must be allowed to smudge certain sensitive parts of the report and crop out certain unnecessary parts. The application must also facilitate the adding of a watermark to the screenshot before sharing. These steps allow the users to visually secure the screenshot based on the collaboration goals. For example, a person in HR department may blur out the personnel’s names and ID’s before sharing a screenshot of a report that shows individual salaries. Some BI applications enforce a white-list of email addresses with whom the report screenshots can be shared.
Since the discussions around a report may be highly confidential, Mobile BI applications gain by utilizing an existing collaboration platform rather than creating their own. These platforms expect the users to be authenticated before the discussions can be retrieved and viewed.
There are a few ways to protect the data on the wire. First is to ensure that only enterprise-grade email client is used when sending emails. If a hyperlink is being shared, the application must prefer using an HTTPS link rather than an HTTP link. An alternate approach used by some BI applications to meet the security needs, is not to send any information over email, but post it directly to a secure portal where collaboration takes place.
Enterprises must understand that security is important even when using collaboration features in Mobile BI applications and ensure that appropriate user-training is provided to utilize these features in an effective, yet responsible and secure fashion.
Many CIOs are still hesitant to deploy a DCIM solution for their enterprise datacenters because they find it difficult to determine the ROI on it. However, those who have gone for a DCIM solution felt that it met or exceeded their ROI expectations.
While passwords are a cost effective security measure, they are not under the control of the organisations unlike many other security control. 2015 might see enterprises switching to two step authentication and non standard security methods like biometrics.
No chief information security officer has ability to stop all attacks all the time.
Not that long ago, every PC could read and write CDs and DVDs. Not anymore.