Top Three Challenges for the Beginner Enterprise Mobile Application Developer

May 15th, 2013

Enterprises have started adopting mobile technologies as desktop solutions or web applications do not satisfy the needs of enterprises anymore. Majority of employees in large organizations are taking their own devices to work, and their IT teams are charged to find a way to set up and implement smart BYOD standards.

Although there are several obstacles to enterprise adoption of mobile apps, the need of the employees forces enterprises to opt for mobile solutions. The post-PC future envisioned by Steve Jobs is knocking at our door, and mobility solutions are the need of the hour. So, if you are a mobile developer, you will, sooner rather than later, work on mobile apps for enterprises.

Most mobile developers are used to creating apps for the app stores. But when you work on internal mobile apps for large businesses, all that you have learned earlier will not be of much use. The needs of every single enterprise will differ, and you will have to put on your thinking hat and find solutions to their specific concerns.

There are several challenges that will make developing that first app difficult:

Multi-platform Compatibility

This should not be your headache, but it will become at some point. While some enterprises will let its employees use only one mobile platform, most use multiple platforms. If the company has implemented BYOD, you may need to create an app for a vast array of devices and mobile operating systems.

As a mobile development company providing the services, you need to analyze and decide the approach: is it worth the time to create separate versions of the app for different operating systems, or should you use HTML to create native apps? When you consider that most enterprise mobile apps will be more complicated than the projects you usually handle, you may get an anxiety attack.

Back-end Integration

Most business organizations already have a complex IT infrastructure. The mobile applications that you are building for them are just an icing on their cakes. Most of the times, your app is not replacing any back-end system – it is simply augmenting the existing infrastructure by providing mobility. This will require complex cross-platform coding and an in-depth understanding of the client’s business processes.

Mobile developers who do not possess domain knowledge will face a very steep learning curve. Not only will you need expertise in a different sort of programming, but you will also have to spend more time understanding the client’s existing IT infrastructure.

Crazy Deadlines

Developing desktop or web apps for enterprises is a long-term process: software developers take months or years to create one large-scale enterprise app. But if you are creating a mobile app, people expect you to get it done within a few weeks. Most mobile developers, however, will need to spend a lot of time understanding the client’s requirements and conceptualizing an app that can provide the perfect solution.

Add development and integration to it, and you will realize that you need a lot of time. Collaboration with the client’s IT team and other project stakeholders may also be necessary. The only way you can cope with the workload is by using agile methodologies. And if it is your first time, you are going to have a wild time!

To wrap it up

Platform-compatibility, back-end integration and difficult deadlines are just the major challenges you will face. Finding out ways to secure the app, helping the client deploy it and testing the app will also take a lot of focus, effort and expertise. Best of luck!

Author’s Bio

My name is Ryan Benson and I work for PLAVEB, a leading mobile application development company. I’ve been involved with enterprise mobile app development for a long time, and I’m into finding ways to create innovative and secure enterprise apps using the simplest methods.

Posted in Guest Posts | No Comments »

What Is a Client Side Certificate?

April 25th, 2013

A client side certificate is a certificate you use to establish your server to the client.  This is the best way for the server to “know” exactly who is connecting to it.  It works a lot like having a username and a password on your server but without having to interact with the user.  This certificate is used when the client must be known without having to enter a username and password.

These certificates are quite useful as far as the security of your network.  They are created on the Internet server on your computer and can be requested by the client’s computer.  That way, the security of your network is a lot stronger. The client will know that all the information they have sent to your computer is secured with a digital signature provided by the host domain server.

It is very important that you know how to create the client certificate on your computer.  There are several steps in this process:

1. Click on the windows “start” button and select the “settings” button.  Once you are inside of this menu, select the “control panel”.

2. Click twice on the “administrative tasks” icon.

3. Click twice on the Internet information service icon.

4. Right-click on the web server virtual directory and select “properties”.

5. Click on the “directory security tab”.

6. Click on the “edit” button.  This is going to be found in the secure communications section.

7. Check the box that says “require secure channel”.  This will allow all of the requirements for security when the user is trying to access the directory.

8. Click on the “require client certificates” button.  You will also need to check on the “enable client certificate mapping” button.

9. Click on the “edit” button.

10. Select on the “many to 1″ tab.

11. Click on the “add” button.  In the new window that is going to appear, enter a name for the new rule.  This rule is the one encrypted so that it is secure to use.  You can click on the “next” button once you have entered the name.

12. Make sure to enter the name of the organization and click on the “OK” button.

13. Click on the “accept this certificate”.  This needs to be done when the mapping windows appears.

14. Click on the “finish button”.

15. Click on the OK button and close out the window.  These are the top fifteen steps to creating client side certificates on the Internet Information Service console after which you need to test out your configuration.

There are three main steps in testing out your configuration:

1. Open up your Internet browser.  This is how you will navigate inside of your Web directory which is now very secure.  Check the web address to see what it looks like.  It should be similar to this: https://localhost/mySecurityDirectory/mySecurePage.aspx.

2. Make sure you receive a message that says your secure certificate was validated as the certificate must communicate with the application.  The application is then displayed to the user.

3. Close out the Internet browser.

All of these steps together are necessary to ensure your Internet browser is very secure for your clients. Thus, follow each one of these steps very carefully as if you miss one, then probably it will not work properly.

 

Posted in WebSitePulse News | No Comments »

What Is Ping Test?

April 18th, 2013

 is a networking utility program or a tool to test if a particular host is reachable. It is a diagnostic that checks if your computer is connected to a server. Ping, a term taken from the echo location of a submarine, sends data packet to a server and if it receives a data packet back, then you have a connection. The term “ping” can refer to the time it takes for a data packet to travel round-trip. It means “get the attention of” or “check the presence of”. In a computer network, a ping test is a way of sending messages from a computer to another. Aside from checking if the computer is connected to a network, ping also gives indicators of the reliability and general speed of the connection.

Ping Test

A ping test is a method of checking if the computer is connected to a network. It also determines the latency or delay between two computers. It is used to ensure that a host computer which your computer tries to access is operating. A ping test is run for troubleshooting to know connectivity as well as response time.

Ping Execution

Microsoft (MS) Windows has a ping utility with it to run a ping test. It also has other utilities available for free web downloads. To do a ping test, just identify the website, remote server or computer by its IP address or name. It gives you an output confirming which connection is successful as well as the number series in milliseconds, the communication delay.

Like MS Windows, Linux and Mac OSX also provide a ping command program to run from the shell of the operating system (OS). Here is how a ping test is done in MS Windows.

1. Ping by IP address:

  1. Open the shell prompt or MS DOS prompt from the Start Menu
  2. Type: ping <IP address>    (ENTER)

2. Ping a Web Site:

For Linux, open a terminal or telnet window as the equivalent to MS Windows command prompt.
For Mac OS X, click on Applications folder, Utilities then Network Utility.

Ping Options

When should you run a ping test? You use it when you have connection problems. You run ping in order to detect where the problem comes from. If the ping shows to be successful but you still cannot reach the target, then the problem is not with you.

Your options depend on the implementation. Here are a few:

  • -? Help. This is used to display ping usage and syntax.
  • -c Count.  This means to send count packets then stop. Another way to stop is type [ctrl]-C. This is best for those who check their connection nature behavior from time to time.
  • -f Flood. Send packets soonest. This is to test network performance.
  • -l Preload. This is to send preload packets then go to normal mode. This is good for finding out the number of paces the router can handle quickly.
  • -n to seek for numeric output. This is used to prevent from getting into contact with a name server.
  • -p Pattern. A number of hexadecimal digits is called a pattern. It is to pad a packet end. This is applied when data-dependent problem is suspected.
  • -R is option for IP’s Record Route. This is to determine the route the packets shall take. The target host may give the information.
  • -r is to skip routing tables. This applies when you think there is a routing problem and ping cannot find its way to the target host. This is only for hosts which can be reached directly even without routers.
  • -s size of packet. Alter packet size and check large packets to have them fragmented.
  • -t ping until stopped ([ctrl]-C).
  • -v for verbose. This means show ICMP packets with detailed information.
  • -w Timeout. This is for satellite, cellular and other networks with high latency. This means ping has a longer timeout so it identifies latency problems.

Example of the options usage is:

ping -t www.yahoo.com

Ping Results Interpretation

The output or a result of running a ping test can look like this:

1. Reply from 192.168.0.8: bytes=32 time=<10ms TTL=128

  • Microsoft Windows ping outputs four messages – confirmation line, size in bytes, time and Time to Live (TTL). The latter is a number from 1 to 128. It is the number of networks which the ping passed through on its way to the target. The value 128 means that the device is on the local computer without other networks in between.

2. Request timed out.

  • No connection whatsoever.

3. Ping: cannot resolve mysample.com: Unknown host

  • Misspelled host name.

Using ping to troubleshoot connection problems narrows down the causes of the problem in your computer from the command prompt window. This diagnostic utility gives you an understanding how computer connection works by getting used to viewing the cornerstones of regular network.

 

 

 

Posted in WebSitePulse News | No Comments »

What Is Website Testing?

April 15th, 2013

Website testing is an important part of your website’s ongoing development. Whether you’re just going into production or carrying out regular maintenance on your site, it’s essential you follow a check list and make sure you’re testing thoroughly to ensure your site is user-friendly, accessible and bug-free. But fear not – if you’re not sure where to start, we can help.

Testing at Every Stage

Testing should be carried out at every stage of your website’s development. Many have failed to do this by making the mistake of only testing when a site is near completion, and only highlighting huge errors when most of the work has been done. In order to avoid this and minimize any loss of productivity, you should perform vital tests to locate and eradicate any errors or bugs in the early stages of development, right up until product completion.

But it shouldn’t stop there. You should also be performing regular maintenance checks every time your website is updated, to keep things running smoothly.

Outlining Your Web Testing Requirements

Firstly, come up with a testing plan. Have you researched your target audience – who is likely to be visiting your website most often? Which browsers will they be using, and what is the average connection speed of these users?

Once you have gathered this information, you should bear this in mind when it comes to testing how your website is going to perform under these different variables.

Choosing the Right Tools

Testing doesn’t have to be expensive. You can acquire the necessary testing tools relatively cheaply, or even for free, but do your research first and decide which testing tools will best suit your budget and needs. Saying that, most browsers are free, and you can also pick up emulators and 30-day free trials for most of the software you’ll need.

Bear in mind if you look around, you may find some website design discussion lists and forums which openly encourage testing requests and posts for bug reports and constructive feedback. Check those out to get a better idea of what others are doing.

Determining Acceptable Testing Protocols

In order for a website to be testing effectively, protocols need to be set up to determine the standard you want to achieve. Take screenshots of how your website should look. Ideally you want it to look the same in all browsers, although sometimes this can be easier said than done.

If you are having someone test for you, communicate to them the acceptable standard you are aiming for, but be sure to outline the differences (and there will be some) in standard across varying browsers that you are willing to accept.

Setting Up a Staging Server

Prior to launching your site, you should always use a staging or test server which can emulate the conditions of your site when it goes live.

Testing Practices to Keep You on Track

  • Test one page at a time, and make sure you’re happy with each one before moving on to the next. Simple advice, but you’d be wise to follow it.
  • Keep a record of all bugs and fixes as you go – just in case.
  • Regression testing, or verification testing, basically just means going back and retesting areas of your site just to make sure there is no breakdown in your code or the site’s overall quality. This is general standard practice maintenance.
  • Validate the mark-up for your individual pages. Each needs to use structural, compliant mark-up. Doing this will help you avoid any syntax errors or typos you may have made. You can use automated markup validators which are often available with HTML editors.
  • Don’t forget to validate your CSS!

Testing on Various Browsers and Platforms

Test, test, test! Try out your website on as many browsers as humanly possible, and keep testing until you are confident that your website looks the best it can and is user-friendly and completely error-free. Otherwise all your hard work would be a waste.

For great tools to test your website for free, visit WebSitePulse today!

Posted in Monitoring Basics | No Comments »

How to Manage the Security of Your Data

April 9th, 2013

Organisations underestimate the value of their data security, yet the cost implications of doing so can be catastrophic.  Whilst daily systems and processes may be sound from a workflow viewpoint, how secure are they?  This article outlines the three key areas for consideration and specifies what you should demand from your software solution.

Safeguarding your data is vital in ensuring efficient continuity of operations.

There are many reasons why business operations fall over not least due to the sheer volume of systems and processes in operation.

The technologies and systems in place may be top-notch and increase corporate efficiencies and productivity many times over.  But is the data secure when in transit and storage?  Corporate data is to an organisation what oxygen is to red blood cells and the infrastructure through which it flows is critical and must not be underestimated.

When considering the security of your data, you need to address these three key areas:

  • Data in situ.
  • Data in transit.
  • Authentication of identities and transactions.

Data in Situ

One perspective of protecting data in situ involves whole disk encryption solutions that prevent stored data from being unlawfully accessed on the computing endpoints.  This can be centrally managed on premise but increasingly organisations are seeing the financial and logistical benefits of outsourcing to cloud-based managed data encryption service providers.  Solutions offering consistent protection on multi-platform devices with rapid deployment, web-based management, easy secure recovery and strong encryption remain key considerations.

Data in Transit

A primary data on the move application is email where businesses need to be protected from ‘organised crime’ inbound threats and either deliberate or ‘accidental’ data breaches via outgoing email.  The threat management technology of choice not only has to be the solution delivering protection from spam, viruses, phishing, spear phishing but should also enable a framework of control that identifies then protects intellectual assets through policy-based encryption.  Both structured and unstructured data must be protected.  Human error prevention is crucial in this area so choose a solution that helps avoid costly fines and ensures regulatory compliance.

Authentication of Identities and Transactions

This area requires the efficient management of digital certificates and cryptographic keys.  Failure to do this has recently been quantified by the first Annual Report from the Ponemon Institute exposing the true cost of misplaced trust as a result of the mis-management in this area.  Alarmingly over 50% of recipients didn’t know how many keys and certificates were in operation within their organisation.

Managing this critical area can be simplified and completely automated with software solutions that initially identify and record every single key and certificate on a computer estate.  The software creates a database to record them, establishes their respective expiry dates, monitors and subsequently alerts in advance of expiry.

Additionally, human error can be eliminated by automating the enrollment and application of expiring keys and certificates thus closing the door to security breaches that potentially bring organisations to their knees.  Seamless continuity within this area is achieved from those software solutions that also automate the download and deployment of these keys and certificates.

Choosing a digital certificate and encryption key provider should also be seen as a vital component to ensuring continuity of operations.  If you don’t have the budget available to automate the process then you need to minimise the downtime experienced if a key or certificate expires.  Some providers can take up to 48 hours to deliver replacements yet vendors exist that provide replacements within 2 hours.

What are the Costs of Data Mis-Management?

The implications of mis-managing data within your organisation can result in significant unforeseen direct and indirect costs.

Direct costs include loss of imminent sales. IT professionals diverted from other projects to resolve data compromise issues. Financial penalties levied from professional/legal/government bodies and complete technology and costs associated from systems overhauls and resulting new capital purchases.

Data held within the cloud itself can also be easily encrypted although the emphasis here should be on cloud ‘access’ security.  Even though storage of the data in the cloud can be easily protected, it is the entity accessing the data that needs to be validated and their actions verified.  Cloud security, by its very nature, has to place trusted entities and communication integrity as its priority. Cloud data storage moves the emphasis away from the security of the data itself towards the integrity of interactions and the security processes permitting entities from accessing the data in the first place.

Failure to protect your data, or to protect the integrity of your cloud computing infrastructure can, indirectly, erode your corporate reputation as trust in your organisation has been compromised.

In Summary

There are many potential pitfalls within the management of data security but obtaining professional advice from IT consultancy companies can steer you through.  When seeking advice it is always best to use the services of IT security professionals that are security cleared.

Author’s Bio

Krista Hague is a marketing professional at Gradian Systems.  Their blog www.symantec-gradian.co.uk focuses on cloud-based Managed Encryption Services and Laptop Encryption.  You can follow them on Facebook and Twitter.

 

 

Posted in Guest Posts | 2 Comments »

« Older Entries