Collaboration in Mobile BI and the Need for Security
The emerging trend is to enable collaborative decision taking from within the application by providing the ability to share insights, discuss about data, seek immediate clarifications, or obtain feedback from others.
Chief Architect, Technology and Innovation Platform, SAP LabsAnand SinhaEnterprises must understand that security is important even when using collaboration features in Mobile BI applications and ensure that appropriate user-training is provided to utilize these features in an effective, yet responsible and secure fashion.
Not too long ago, Business Intelligence (BI) reports landed on the email inbox on a scheduled basis. The data could be looked at, analyzed and put into action. That’s changed now. Today, mobile business Intelligence enables analysis and action of data on the move. The emerging trend is to enable collaborative decision taking from within the application by providing the ability to share insights, discuss about data, seek immediate clarifications, or obtain feedback from others.
Different mobile business intelligence applications have varying abilities when it comes to collaborative features. While the basic functionality is to allow sharing of data with other stakeholders, some of them allow annotation of the reports so that the user can add context-specific comments to different data points. A few applications also integrate capabilities that permit a telephone, video call, or chat using instant messengers. A few others allow users to define action items for tracking purposes or create polls that allow collective decision making.
As with most features in mobile applications, the collaboration features too come with the concerns of security of information. While the application requires collaboration, security concerns demand that the underlying data is not accessible to users who do not have the right to it. Similarly, the sensitivity of data even in screen-shots must be respected and the data in transit must be protected from prying eyes.
Mobile BI applications must solve this effectively. To ensure that only the appropriate people access the data, the application must not attach the report data in an email, but continue to keep the data in BI system and send only a hyperlink to access the report data. Certain software send a couple of links when sharing a report – one link that opens the report inside the BI application on a mobile device, and another that opens the same report on a desktop. In both cases, users are authenticated before they access the report data.
When sharing a screenshot through the BI Application for collaborative discussions, users must be allowed to smudge certain sensitive parts of the report and crop out certain unnecessary parts. The application must also facilitate the adding of a watermark to the screenshot before sharing. These steps allow the users to visually secure the screenshot based on the collaboration goals. For example, a person in HR department may blur out the personnel’s names and ID’s before sharing a screenshot of a report that shows individual salaries. Some BI applications enforce a white-list of email addresses with whom the report screenshots can be shared.
Since the discussions around a report may be highly confidential, Mobile BI applications gain by utilizing an existing collaboration platform rather than creating their own. These platforms expect the users to be authenticated before the discussions can be retrieved and viewed.
There are a few ways to protect the data on the wire. First is to ensure that only enterprise-grade email client is used when sending emails. If a hyperlink is being shared, the application must prefer using an HTTPS link rather than an HTTP link. An alternate approach used by some BI applications to meet the security needs, is not to send any information over email, but post it directly to a secure portal where collaboration takes place.
Enterprises must understand that security is important even when using collaboration features in Mobile BI applications and ensure that appropriate user-training is provided to utilize these features in an effective, yet responsible and secure fashion.
Change your department’s goalposts now or you might have to deal with someone changing them for you.
Microsoft Technical Fellow Mark Russinovich recently caused a stir by telling a crowd of geeks at ChefConf that an open-source Windows "is definitely possible."
Underscoring the seriousness of recent cyber-attacks, the Obama Administration is seeking to establish cybersecurity standards and enact new federal laws to cover cybercrimes. The common thread throughout these recent announcements has been the importance of collaboration among business and government sectors to stop cyber-attacks and strengthen national security. However, it remains to be seen which of these proposals, if any, will be enacted into law. It is equally uncertain whether the protections afforded to the business community will satisfy businesses, or take into account the practical issues that they face every day.
Putting in place a regulatory framework for App developers is no solution. TRAI should mandate Net neutrality.