Eliminating file, database downloads a key to securing mobile apps, Citrix guru says

When you’re operating in a mobile environment, issues like security and managing users are all intertwined, says Traver Gruen-Kennedy.

Gruen-Kennedy, vice-president and chief evangelist of Fort Lauderdale, Fla.-based Citrix Systems Inc., said Wi-Fi hot spot providers are starting to see the

business benefits of their service.

As chairman of two industry associations — the Mobile Enterprise Alliance and the Application Service Provider Industry consortium — Gruen-Kennedy is well connected in the networking industry. He recently spoke with C&N about issues surrounding applications in a mobile environment.

C&N: 802.11 has been around for a while. Is there anything about the technology or about the market that accounts for the fact that it’s only recently started to pick up?

TGK: Any new marketplace takes some time to develop momentum. We’ve seen a wide range of implementations, in independent hotspots, as well as large deployments — this is what starts to drive the marketplace. Wireless technology has often been about the tech itself, rather than about the business benefits of that technology. I believe that businesses who are deploying these systems — in a hotel, in a restaurant, in a book shop, in a cyber cafe — are beginning to see a real business benefit by providing these types of services. In addition, the users of these networks increasingly have devices that are compatible. When the big companies, such as Intel, Cisco and HP adopt these types of solutions, that’s when it becomes a safe bet for an enterprise to choose a technology such as 802.11, because you have an ongoing discussion about how to increase the security and how to increase the manageability of these types of networks.

C&N: With mobile environments, a big issue is interoperability. What are some things users should keep in mind when it comes to interoperability? What are some things they can do to help minimize the effort involved in making everything work together?

TGK: There is an increasing migration to using IP. That allows people greater integration and compatibility with the installed base that organizations already have. One of the most important interoperability deployment challenges that we’ve had in the past was that when a new wireless device came forward, it was optimized for a specific type of network, and you had to write an application for that device. I think we’re starting to move away from that, because you can write an application to run on a server and you can get to that application with a wide range of devices. If I can use an application that I have already deployed on desktops on devices that are wired, and I can now deploy that wirelessly, whether it’s in a local-area network or a wide-area network setting, I can get a productivity gain from that investment without having to rewrite that application. That’s a significant change over what we’ve had to date.

C&N: Two of the big issues that have come up about mobile applications are security and manageability. Do you think that one is of greater concern than the other?

TGK: I think the biggest concern for business decision makers is, what’s the business value that’s going to motivate me to use a mobile solution? Once you get through the business reasons to do this, then it’s appropriate to start looking at what technology you’re going to use. I think security, management of users, management of best practices and how you meet the needs of those users, are all intertwined. Rather than trying to separate them all into individual point solutions, it’s better to look at things from a holistic manner. It’s not enough to just say, “”I’ve got a firewall, I’ve encrypted a connection,”” or “”I’ve got somebody coming through on a VPN.”” I think it really becomes a question of securing the connection, authenticating the user and the device, providing only those applications and resources that the user has rights to view and use, and managing the control of what gets downloaded. In most cases, if people need to use applications or data, they don’t need to download things. The moment a file leaves your firewall, you’ve lost control of it. If your end user only sees those things they’re allowed to see and can’t download the whole database, then you’re not exposed. If you could secure that connection, and you’re only sending keyboard clicks, mouse clicks and screen updates across the line, you’re not as exposed if somebody sniffs into it as you would be if you’re downloading files. I think it all comes together in form of the architecture in how you manage each user account.

C&N: One of the issues with mobile access is you have the 802.11 networks, and you also have the carrier networks, such as 1X and GPRS. Can you comment on the extent to which users are roaming between the two?

TGK: Citrix has a lot of users that are doing this. They would like to be able to do it seamlessly. If you designed an application for a specific device, and that device only works on a specific network, then you’re locked in to the network. Increasingly, what you’re going to see is that applications and devices and security and networks will be increasingly independent of one another, but more integrated.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Story

How the CTO can Maintain Cloud Momentum Across the Enterprise

Embracing cloud is easy for some individuals. But embedding widespread cloud adoption at the enterprise level is...

Related Tech News

Get ITBusiness Delivered

Our experienced team of journalists brings you engaging content targeted to IT professionals and line-of-business executives delivered directly to your inbox.

Featured Tech Jobs