Milja Gillespie is the Director of Product Marketing for SAP Mobile Security. I met her on the show floor at TechEd where she was explaining mobile security to a crowd of SAPers eager to try everything out on the iPads provided for them. She agreed to take a break and talk to me about SAP’s latest announcements in the world of mobile security and what they mean.

Tell me about the big mobile announcements.

What we actually announced this morning [10/22/13] were some pretty significant enhancements to the SAP Mobile portfolio. So, we have three key products as a part of this portfolio around managing and securing devices, apps, and content. With each of these three technologies we’ve done significant enhancements that we just announced. The first one is around securing devices. We just announced support for – this is the SAP Afaria product – Samsung Knox. This is something a lot of customers have been asking for. Knox is a container-based dual persona-type device and we can now manage about one hundred and eighty features within that capability and support for iOS 7 and all their new MDM capabilities that Apple released September 10^th.

The second area is our mobile app protection by Mocana solution. That is one of my personal favorites. It’s all about app wrapping and adding added security layers into a mobile app. So, whether you built the app or your partner built the app, SAP built the app, anyone – if you had an intern in the summer build an app – you can actually inject code directly into the app, any app, to add very, very deep security to it. What we announced today was the availability of that product in the Cloud and a secure mobile browser, which is another thing a lot of our customers are interested in. We’ve been able to secure apps, native apps, but now we can actually secure web apps. So, you have a browser – if you have a web page or an intranet site or anything, you can force that to open in the secure browser and add capabilities like FIPS compliance, hugely important to a vast number of our customers in highly regulated industries and in the public sector.

And the third announcement is a lot is SAP Mobile Documents, which is our mobile content management solution and we released a number of enhancements to that technology, a very nice user interface both for iPhone and for Android and added Enterprise connectors to be able to access any corporate content management systems from a mobile device. So, that’s it in a nutshell. That’s a lot of enhancements there all rolled into one.

What added functionality does the Mocana Solution provide?

“What we have is a mobile app protection solution. There is a console you basically go to via a website – sapmobilesecure.com. You go there and you can either upload a native app and add the security capabilities to it or you can use the secure browser that is already provided, kind of like a default app that is already up there. And then what you can do is add fourteen different security policies to that app. So, there is a whole number of different policies. You can add AES 256-bit encryption. You could add geolocation. So, for example, that browser could only be opened within the Venetian Hotel or within a Starbucks location or within a hospital, you know, the four walls of a hospital. So, you can restrict access to the browser, or any app, geographically. You could also add additional password requirements. There is basically a whole list of fourteen different policies that can be added to that browser and then you basically target the web page to only open in that browser to guarantee that the access to everything in that browser is secure. It’s a browser. Just exactly the same as any other HTML.

You go to this console, you apply the policies to the browser or any other native app and then you download the app or browser and then you deploy it to the device. You still have to get it to the device somehow, but it’s just like you would see Safari on your iPhone. It’s just a different name for a different browser. We call it Secure Mobile Browser.

In the light of Apple’s iOS 7 and its security capabilities, what makes the Mocana Solution a technology worth watching?

Since Apple announced iOS 7, we get asked a lot ‘Is this technology still necessary?’ – the app wrapping as a concept with iOS 7. iOS 7 added VPN, per app VPN, and added a few security features. So, we constantly get called and told ‘Oh, Apple’s added all this stuff do we still need it [app wrapping?] And the answer is: absolutely yes. Apple has added some kind of introductory capabilities that sound the same on paper, but if you get into the deep, when you look at it really technically, the security capabilities provided by the Mocana solution are just much, much more deep and from a company that has ten years of security expertise and does this stuff very, very well. So, that’s one thing.

Probably the most important one [difference between the Mocana Solution and iOS 7] is, for apple, in order to use any of their added security features you have to have an MDM, mobile device management, relationship with the device. So, if you’re an employee of SAP, or any company, you typically have a mobile device client on the device, which is what you’re using to secure your password and your app management, etc. So, you have to have an MDM relationship. With the Mocana Solution, you don’t. So, that really ideal for non-bade carrying employees, so me as an SAP employee, I can have MDM, I can have any relationship; its fine. But, if I’m a contractor, or a partner, or a distributer, or a reseller or someone in my partner ecosystem, a contractor who might only work for me part time – you can’t have an MDM relationship with that person because they don’t work for your company. So with this technology you can wrap and secure just the application, just the app, and not have to worry about MDM. That’s a big deal.

But the Mocana Solution is more than just a way to bring contractors in, right?

Yes and more. There are a lot of very deep security requirements. One of the biggest reasons we partner with Mocana overall is for FIPS compliance. So, I think I mentioned earlier, SAP’s customers are very big in the public sector, care a lot about security and if you want any SAP mobile apps, they say ‘Are they FIPS compliant?’ and there was typically ‘well no,’ but now with Mocana we can wrap that app and add FIPS compliance to anything and then it can be deployed for government use, which is fantastic.

Anything in financial services, retail, healthcare or anyone who’s got sensitive data, this is the exact solution that they’re looking for.  We have a lot of people interested.

Jessica Sirkin

Jessica Sirkin is the managing editor of the IT and Mobile hubs of SAPexperts.  She comes to SAPexperts after being a reporter on big data and business intelligence.  She received a B.A. in English and writing from Bard College.  Send her an email or follow her on twitter @JessicaSirkin.

If you have comments about this article or publication, or would like to submit an article idea, please contact the editor.