1 Reply Latest reply on Sep 19, 2016 11:49 AM by Senta

    Best security implementation for workspace in mobile phone (native apps)

    Apprentice

      Hi All,

       

      I have some questions and maybe need some experience from anyone if you have implement workspace in mobile apps :

      1. Have you ever use "Shibboleth Authentication" in workspace for mobile apps? Is it hard to implement it to mobile phone (native apps)?
      2. I think that vpn is more secure way to access the server from mobile apps. Have you ever use vpn?
      3. Can we authenticate by email to confirm the valid user?

       

      Thank you

       

      Regards,

       

      Fikri

        • 1. Re: Best security implementation for workspace in mobile phone (native apps)
          Senta SupportEmployee

          Hello Fikri,

           

          I try to answer you questions as good as I can, but you might seek the assistance of a consultant who checks your requirements in detail.

           

          1) shibboleth authentication in SD is SAML-based authentication. Which means that an external Authenticator forwards an "authenticated" request to the Web Application. Your Mobile users will therefore first need to authenticate themselves against this Authenticator. The Authenticator itself is not part of Service Desk and could be any enterprise single sign-on solution which supports SAML. As Mobile Phones (smartphones) have supported browsers for Workspaces (see https://help.landesk.com/docs/help/en_US/LDSD/10.0/Default.htm#../Subsystems/SupportedPlatforms/Content/BrowserClients.h…  ) there is no need for any native application.

          2) The communication between the browser and workspaces are secured by SSL. You can add you company's SSL certificate to increase security here as well. Setting up a VPN would add another layer of encryption and protection. There is, however, no build in VPN solution in Service Desk and this would need to be provided by an external solution.

          3) This is not a feature of Service Desk. You can set up Service Desk to create new users out of incoming emails, but there is no email verification and any sender will create a new user. I suggest that you take a look at Landesk Password Central (Password Management & Recovery | LANDESK ) for automated user creation and verification.