Smartphones and personal digital assistants (PDAs) are among the top growth technologies today as organizations use mobile devices to provide personnel with the information needed to make informed decisions any time, anywhere. This mobile business intelligence (BI) raises the value of mobile devices by enabling organizations to use them to deliver accurate, mission-critical performance information that is customized to personnel, where and when they need it.

Campbell

The ability to access critical business information and performance analytics on mobile devices generates smarter decision making, competitive advantage and higher productivity. It lets organizations leverage existing infrastructure investments for a lower total cost of ownership and consistent business insight as conditions change. As the delivery of business intelligence on mobile devices becomes increasingly popular among organizations, five important security guidelines must be considered:

Authentication
Authentication ensures that only users with valid passwords, IDs and related identifiers can access a system.

Mobile BI solutions should be security agnostic and  must work with an organization’s existing security model to define and maintain identifiers, such as user names, IDs, passwords, regional settings and personal preferences.

The mobile BI solutions also should support multiple user communities, including the ability to assign permission rights for users to ensure only those with the proper permission have access to specific folders, sub-folders, reports, analyses, scorecards, dashboards, shared group-based portal pages and other BI capabilities.

Ideally, mobile BI solutions should leverage your existing organizational security structure to secure all BI content, including the content used on mobile devices.

Authorization
Authorization ensures that only certain users, groups and roles can access specific data or information and can perform only certain actions on that data or information.

When setting these access permissions, organizations should leverage users and groups defined within their existing authentication providers. As with authentication, the authorization security measures that you establish apply to all of your BI content.

Safeguard Sensitive Data and Communications
Most mobile BI solutions come with an encryption mechanism for encrypting all data and communications. Only authenticated and authorized sources and users can decrypt the data, converting it back into a meaningful form that can be accessed and understood. Encryption security applies to all BI data communicated between and used on mobile devices. 

Mobile device manufacturers are acutely aware of the security issues that face users of their devices and of the need to address those issues with security geared specifically to their products.

Security for mobile devices is typically very strong and must meet stringent standards to be approved for use by NATO and governments. Security typically includes:

• Secure data transmission and encryption specific to the mobile device or mobile operating system.
• Password protection, so only authenticated people can use a device.
• Remote shut down and wiping capabilities to protect data on a device that is lost or stolen.

The system architecture for mobile devices includes a firewall-protected server that stores security and other information about each user.  This minimizes the chance of transmissions being intercepted, and it ensures that, even if a transmission is intercepted, the data is unintelligible.

Passwords: The More Complex, the Better
Passwords are used to control who can use and access data on a mobile handheld device. To maximize password protection, it is highly recommended to create a strong password that aligns with password policies for the enterprise. Strong passwords are refreshed every few months and typically mix numbers, upper and lower case letters and alpha numeric characters.

“Kill” Lost or Stolen Devices
If a device is reported lost or stolen, an administrator can prevent data stored on the device from being accessed. The administrator sends a remote “kill” command to the device, erasing all of the data on the device – including data in memory – and disabling it from further use.

If connections are disabled on a lost or stolen device, there is no ability to remotely wipe the data. “Lease key” technology addresses this challenge by ensuring data stored on mobile devices remains safe even if a device is offline and cannot be contacted by an administrator.

Lease key technology functions like a hotel key. The key is enabled for the duration, or lease, of your stay. When you check out your key is disabled, and you are unable to access the room. The room is still there, but you can’t gain access until you make appropriate arrangements – or, in the case of some mobile BI solutions, until you connect, re-authenticate, and are granted a new lease key. Consequently, BI data is even more secure on mobile devices than e-mail.

By combining the security technology that is provided within mobile BI solutions and by device manufacturers, organizations can be confident that the performance information used by their mobile workers is well protected.

Campbell is CTO, Business Intelligence and Performance Management, at IBM.