Collaboration in Mobile BI and the Need for Security
The emerging trend is to enable collaborative decision taking from within the application by providing the ability to share insights, discuss about data, seek immediate clarifications, or obtain feedback from others.
Chief Architect, Technology and Innovation Platform, SAP LabsAnand SinhaEnterprises must understand that security is important even when using collaboration features in Mobile BI applications and ensure that appropriate user-training is provided to utilize these features in an effective, yet responsible and secure fashion.
Not too long ago, Business Intelligence (BI) reports landed on the email inbox on a scheduled basis. The data could be looked at, analyzed and put into action. That’s changed now. Today, mobile business Intelligence enables analysis and action of data on the move. The emerging trend is to enable collaborative decision taking from within the application by providing the ability to share insights, discuss about data, seek immediate clarifications, or obtain feedback from others.
Different mobile business intelligence applications have varying abilities when it comes to collaborative features. While the basic functionality is to allow sharing of data with other stakeholders, some of them allow annotation of the reports so that the user can add context-specific comments to different data points. A few applications also integrate capabilities that permit a telephone, video call, or chat using instant messengers. A few others allow users to define action items for tracking purposes or create polls that allow collective decision making.
As with most features in mobile applications, the collaboration features too come with the concerns of security of information. While the application requires collaboration, security concerns demand that the underlying data is not accessible to users who do not have the right to it. Similarly, the sensitivity of data even in screen-shots must be respected and the data in transit must be protected from prying eyes.
Mobile BI applications must solve this effectively. To ensure that only the appropriate people access the data, the application must not attach the report data in an email, but continue to keep the data in BI system and send only a hyperlink to access the report data. Certain software send a couple of links when sharing a report – one link that opens the report inside the BI application on a mobile device, and another that opens the same report on a desktop. In both cases, users are authenticated before they access the report data.
When sharing a screenshot through the BI Application for collaborative discussions, users must be allowed to smudge certain sensitive parts of the report and crop out certain unnecessary parts. The application must also facilitate the adding of a watermark to the screenshot before sharing. These steps allow the users to visually secure the screenshot based on the collaboration goals. For example, a person in HR department may blur out the personnel’s names and ID’s before sharing a screenshot of a report that shows individual salaries. Some BI applications enforce a white-list of email addresses with whom the report screenshots can be shared.
Since the discussions around a report may be highly confidential, Mobile BI applications gain by utilizing an existing collaboration platform rather than creating their own. These platforms expect the users to be authenticated before the discussions can be retrieved and viewed.
There are a few ways to protect the data on the wire. First is to ensure that only enterprise-grade email client is used when sending emails. If a hyperlink is being shared, the application must prefer using an HTTPS link rather than an HTTP link. An alternate approach used by some BI applications to meet the security needs, is not to send any information over email, but post it directly to a secure portal where collaboration takes place.
Enterprises must understand that security is important even when using collaboration features in Mobile BI applications and ensure that appropriate user-training is provided to utilize these features in an effective, yet responsible and secure fashion.
Cisco believes there will be 50 billion devices connected to the internet by 2050 (more than five per person).
Last June, Wisegate, a crowd sourced IT research company, surveyed hundreds of its senior-level IT professional members to assess the current state of security risks and controls in business today. The respondents considered malware and breaches of sensitive data to be the primary security risks/threats, followed by malicious outsider risk.
Once created to provide many things--including security--open source is today responsible for many bugs. Enterprises should be cautious about using it for mission-critical tasks.
In recent times, a fifth domain has emerged in addition to the four traditional war domains, land, sea, air and space--cyberspace.