1 2 3 61 Previous Next

SAP for Mobile

905 Posts

"...but please remember, you can access or modify the strictly confidential data in this app only in very secure locations...OK?"

 

"Yeah sure!...ehm, but what do you mean exactly? Well nevermind, I have to go, see you!"

 

"Well..."

 

Welcome to another post (here the first post) with use cases for ProtectMe, a research prototype developed at the SAP Product Security Research group.

 

What happens if you need your users to access and manipulate sensitive data in your ERP, and they should also respect your company's policy to protect the confidentiality of such critical information? How to provide users with convenient tools for their business operation that at the same time enforce corporate policy terms?

 

In the following videos, ProtectMe is used to control two mobile apps, respectively usingMBO and OData to retrieve business information. The scope of ProtectMe is however broader and can be integrated within the business logic of any application.

The policy conditions have been simplified in these use cases, and essentially comprise a list of geographic locations where data manipulations are allowed. However, ProtectMe is integrated out-of-the-box a number of mobile device components like bluetooth and WIFI network adapters, GPS, alarm and so on, thus supporting more use cases. And the engine used by ProtectMe supports the definition of complex conditions using data coming from the different components.

 

The apps in the videos are rather simple, but as you can see, ProtectMe is smoothly integrated in the user experience, thus it does not represent an obstacle for business users during their activities.

 

ProtectMe providing usage control to MBOs

 

ProtectMe and OData resources

 

 

More details on ProtectMe can be found at the following links:

or simply by contacting Francesco DI CERBO, Laurent GOMEZ or Slim TRABELSI from SAP ACES Product Security Research group.

 

Special Thanks to Stuart SHORT for the precious help.

Being mobile is often seen as something valuable. It makes your business more flexible, more dynamic. But do you know what really drives the value in SAP Enterprise Mobility? Is it just that the products have to perform well? Or should they be highly customizable? Or does the level of innovation have to be high? That is what I am currently trying to find out for my Master thesis.

 

I have built a model that I want to test. To get significant results I would like to ask you kindly to help me by filling in this questionnaire (http://www.surveyexpression.com/s/31729/SAPEnterpriseMobility). Next month I will analyze the data. If I get enough response to have an actual solid tested model, I will share the results here.

 

Thank you!

This blog tends to take a step forward on Fiori Launchpad introduction blog by me.

 

Now that we know that Wave 2 apps have been designed to be accessed by Fiori Launchpad and Launch page is already history. If you have all the Wave one apps up and running, it would be better if you get the entire wave 1 & wave 2 apps on the Launchpad.But how do we do it? SAP has provided a thorough documentation on what Launchpad is, and how it helps us. But still we are missing on any step by step approach to add new apps to your Launchpad.

 

This blog will help you to do the same. And as Fiori aims at “Keeping simple things simple”, adding apps to your Launchpad is also simple!

 

  • Here’s a link to the Launchpad designer that can be used to add catalogs and groups to your existing Launchpad.

       Launchpad designer:

 

http://<SERVER>:<PORT>/sap/bc/ui5_ui5/sap/arsrvc_upb_admn/main.html

 

 

  • Once you are on the designer, you can select to “Create a new catalog” by clicking on the + sign on the bottom. Provide a suitable Title and ID, and you are good to go.

 

1.png

 

 

2.png

  • Now that you have your catalog ready, you add tiles to your catalog. These tiles correspond to the apps you want visible in this catalog.  Select “App Launch Static” to create a simple Manager approval app.

 

3.png

 

Here’s how the tile would look like once added to the catalog. You can customize the tile, for the app you need to add.

 

4.png

 

If you click on the tile, you can see the details that can be modified for a particular app.

Add the relevant title and the target URL for the Manager Leave approval app.

 

5.png

 

  • Now you can add the catalog to a group. To create a Group, select the group icon and provide details like Title and ID.

 

6.png

 

  • You can select the catalog that you would like to add to this group.

 

7.png

 

  • You select Manager to add this to the group.

 

8.png

 

  • Now you want this app only visible to the Manager, who holds the right set of roles for approvals.

       To restrict the Access of app, Go to PFCG in the gateway system, and create a new role  for manager apps.

       Click on “Transactions” to add a “Grupee”.

 

9.jpeg

 

From the drop down list you can select the appropriate Gruppe, in our case “manager”.

 

10.png

 

  • The last step to assign the appropriate users to this role .

 

11.png

 

  • Save it! And you are all set to use the “Manager leave approval” app on the new Launchpad.

 

12.png

In this blog, I talk a lot about mobile payments, machine-to-machine technology, the Internet of Things, big data, cloud computing… We often look at each thing in isolation. But when the technology gets really exciting is when it all comes together to create something greater than the sum of its parts.

 

 

 

For the second year in a row, SAP (my employer) showed off its smart vending machine at the February Mobile World Congress (MWC) in Barcelona.

 

 

 

A vending machine is a humble device. But don’t let that limit your thinking about what it can do.

 

 

 

When we demonstrate it, we have people download a mobile wallet app onto their phones or another NFC device, such as this year’s MWC conference badges. We load up some spending money on their app, spin them around three times, and point them at the vending machine.

 

 

 

Once you get close enough, the machine recognises you, and displays a welcome message on a giant touchscreen with your name in it, plus an assortment of snacks available to purchase. You select the one you want. The machine deducts the purchase price from your mobile wallet app, and dispenses your choice. No money required.

 

 

 

Each time you return to the machine—or another one like it—the machine learns a little more about your preferences. Over time, it’ll offer deals on snacks you buy most often. You can even select to buy a gift snack for someone you know, and send a claim voucher to his or her own device.

 

 

 

That’s just the consumer experience. On the backend, it’s just as impressive, if not more so. The SAP smart vending machine is full of sensors that keep track of internal temperature, maintenance status, and inventory levels; accelerometers that measure when someone shakes it in frustration; and even cameras that measure traffic patterns. The machines can also send all of that data back to a home base, so that the company that owns the machine can proactively restock and repair the machines, dynamically re-routing truck drivers to the locations that need service.

 

 

 

The real point to all this isn’t so much to build such a posh vending machine, but to demonstrate how all these technologies work, and more important, how they work together to create real business value. Instead of a network of vending machines, this could be a network of ATMs, supply lines, windmills, or turbines. All of the technology for such a smart, connected network exists—and is made by SAP. How could it help your business?

1. What is the standard way to connect a SAP system to Datasift?

SAP delivers a standard connector to connect to Datasift and harvest social data. This is part of the deliveries under the topic of Social Intelligence. You can find more details in this help.sap link. Once data is harvested, all the necessary aspects like Legal Compliance (Consent Management and Retention) and Archiving are taken care of. The block diagram below gives an idea about all the deliverables related to the Social Intelligence topic.

ppt_img.gif

 

2. Do I need an account with Datasift?

Yes, you will need an account with Datasift. You can find more details about Datasift here. The connector supports most of the Channels supported by Datasift but it takes a few minutes to add additional channels to the connector (as long as Datasift already supports the Channel).

 

3. What are the technical pre-requisites for the connector?

The connector requires SAP_BS_FND 7.47 SP03 or a higher SP. The database tables and all the features of Social Intelligence are part of the Business Suite Foundation 9SAP_BS_FND) layer. For real-time harvesting of social data, the connector also requires SAP BusinessObjects Data Services 4.1.

 

4. Where can I find the connector for installation?

The installation guide for the connector is available at https://websmp110.sap-ag.de/instguides -> SAP In-Memory Computing -> SAP Customer Engagement Intelligence -> Installation Guide Social Data Harvesting Connector.

 

5. Which applications in SAP use this connector?

SAP Customer Engagement Intelligence uses the features of Social Intelligence and customers can use the connector to connect to Datasift. SAP Fiori application for Analyze Sentiment also uses the connector for harvesting data from the social world. You can find more information about the Fiori application in my earlier blog. But it is possible to use the connector and harvest data independent of these applications (for example, you can use the harvested data to implement your own analytical content)

In the old days living in remote regions meant exclusion from vital services such as healthcare, education or banking because of the distance to populated areas . Not so any more. Adarsh Credit Co-operative Society, India's largest credit co-operative society, was founded with a vision to provide financial services to every person no matter how remote on the premise that they already have access to mobile services.

 

Priyanka Modi, Managing Director at Adarsh, says only 35% of India's population has a bank account. The company's mission is to change that, and they are using SAP Mobile Platform to drive financial inclusion throughout the world's seventh largest and second most populous country. Adarsh employs 3,000 office workers and 100,000 agents in the field to service one million customers -- all from a basic feature phone.

 

SAP Mobile Platform (SMP) enables Adarsh to offer a seamless, personalized and contextually relevant experience to its members any time, and at any location across India. The power of the platform, says Adarsh's CTO, is in the security, scalability and the integration to the bank's core systems. Customers have the advantage of real-time services. They can get their balance at same time they make a deposit.

 

SMP makes life a whole lot easier for Akarsh's field force as well. Previously, they spent hours waiting at the bank to make deposits and check customer accounts. Now, they can access the account directly at the customer's location and look at the account together. The deposit is made in the customer's presence, and he can see it himself. This kind of service inspires trust, and saves time for both parties. The customer can make financial transactions instantaneously without leaving his shop or farm, and the bank's agent can spend more time working in the field, servicing existing customers and finding new ones.


One million customers may seem like a lot, but in a country of 1.2 billion, there's plenty of room for expansion. Adarsh is working hard to build a cashless society and help raise the social and financial status of its members by fostering saving habits and providing technical and financial support.  With SMP, Adarsh customers now have a fast, easy and convenient way to conduct bank transactions in a secure, user-friendly, and cost-efficient fashion anywhere, any time.

 

Watch the video!

Host Card Emulation Breaks the Mobile Payments Gridlock

We’re likely to see the NFC payments space accelerate this year thanks to host card emulation, or HCE. It’s a technology supported by Android 4.4 that gives any mobile device with NFC the ability to behave like a contactless smart card—without needing to go through the secure element. Instead, HCE stores and transmits payment info (name, card number, etc.) via the cloud. For more on HCE, this Monitise MobileFI article provides a great intro.

 

MasterCard and Visa have both formally announced they’ve gotten behind HCE—and it’s no surprise, as the technology could allow financial institutions to finally offer mobile payment services that go around telcos altogether. HCE also will greatly expand the options for consumers, who won’t have to use specific devices on specific networks, but will be able to use any NFC-enabled device running Android 4.4.

 

HCE could be the big break mobile payments have been waiting for. It seems like every day I read about another bank or payment provider announcing HCE-driven mobile wallets or payment solution. Google Wallet is transitioning over the HCE, and will no longer support physical secure elements.

 

The just-out Forrester Research Mobile Payments Forecast, 2013 To 2018 (US), predicts that mobile payments adoption will grow significantly over the next several years, primarily fueled by proximity payments. HCE could be the reason why.

 

Remember all the hullaballoo about Apple not including NFC in the iPhone 5? (I even jumped on the bandwagon and blogged about it.) The company deliberately didn’t make a play to own the secure element, which until now, was the major stumbling block.

 

I think that together, the several announcements we’ve seen about HCE from major players in the space form another major milestone in the evolution of mobile payments. (And I think Apple could be kicking itself yet.)

In yesterdays post, I covered how mobile is a catalyst for change and innovation.  The post focused on the change aspect where mobile helps organizations (1) capture and validate data at the point of performance, (2) enforce business processes, and (3) offers real-time access to your systems.  Today we will discuss how mobile innovations are becoming available to help you outpace your competition.

 

In particular, there are four new areas where we see analytics, cloud and mobile coming together.

 

  1. Geospatial (GIS) integration
  2. Live 2D and 3D visualization
  3. Predictive Maintenance
  4. Wearables and augmented reality

 

With the complexity of business processes and equipment today, new mobile technologies can help make it easier to understand and act efficiently at the point of performance. .For instance, SAP Work Manager mobile app will combine geospatial data and 3D visual content with work order business processes which gives an extremely rich, multi-system work environment.  This innovation leverages the new SAP Mobile Platform Open UI SDK which enables developers to implement extensions for two way communication (data and event information) between the Meta Data Driven App and the 3rd party App. It will include GIS integration such as ESRI and SAP 3D Visual Enterprise Viewer integration in the upcoming release in June 2014. 2014-02-18_SAP_Work_Manager_Esri.png

 

Mobile GIS such as Esri ArcView will enable users to manipulate interactive maps and to obtain extremely detailed information on the geographic region in question. Mobile users can efficiently find jobs and assets nearby, filter for equipment by location and view work orders from a map. This can completely eliminate paper data entry and the hunt for the right information. Field work will see a huge impact on speed, responsiveness, quality of output, productivity of resources and reduction of resources needed to maintain operations.

 

With SAP 3D Visual Enterprise integration, field workers will see improved speed clarity, and execution with visualization.  We believe it will help eliminate inaccuracies and lost time associated with language differences, paper based transactions and undocumented part histories.  Example scenarios include launching and viewing visual work instructions, showing all steps and safty procedures, and selecting replacement parts.

 

Predictive Maintenance also will change how your mobile solution is used.  Work order assignments to your mobile device will be driven by the big data recommendations from predictive maintenance.  Better decisions drive better field performance such as better first time fix rates, greater number of completed jobs, lower service and support cost, and getting the right service parts on time.  Read more at this blog Innovating Maintenance with Customer Specific Solutions Built on SAP HANA

 

Lastly, augmented reality is revolutionizing the user experience.  Asset management is a hands-on environment.  In fact, its not uncommon to be wearing bulky gloves as you get a little dirty.  Augmented reality and wearables changes how you interface with your SAP system because you can stay hands-free.  For instance while you work on a peice of equipment, you can see vital information on your glasses and use hand gestures to interact.  All the while you keep those gloves on and keep turning the wrench.  Now combine all of the above so you are working on the predicted maintenance jobs, navigating with GIS, and getting work instructions in 3D without ever touch a screen using AR.

 

The future is now with mobile asset management.

 

You can learn more about this on the ASUG webcast (April 16th)  "Asset Management and Condition Monitoring: Take Operations to the Next Level" by registering at http://www.asug.com/events/detail/Mobile-Asset-Management-and-Condition-Monitoring

What are the ingredients for success in Enterprise Asset Management (EAM).  First let’s turn our attention to your SAP ERP system. Your organization made a large investment in this system with the promise that it would bring your maintenance practices to a new level and deliver business benefits such as productivity, cost reductions and lower asset lives.

 

Why?  Because organizations care about providing quality maintenance practices. Many are moving from a corrective maintenance, reactive model to a predictive and preventive maintenance one with targeted, measured processes. To start, you to define your processes and put a system in place to execute on those best practices which allows you to clearly set goals, measure your practices and improve cycles. Along with clearly defined processes, your SAP EAM system offers one unified system to track and monitor those business processes offering more visibility into your assets, the work performed on those assets, and the people doing the work. Thus your EAM system offers a good place to store data, but how do you get the data into your EAM system after it is collected in your defined business processes?273325_l_srgb_s_gl.jpg

 

Data has been the achilles heel of many organizations that simply implement an EAM system and wait for it to fully revamp their maintenance practices. What they don’t understand is the key to unifying under one system and advancing your business processes is data. And data is only timely and accurate if it is captured daily at the point of performance. For an EAM system to fulfill its job you have to be able to capture and access all of the data from your day-to-day business processes to standardize them. Without sufficient data, your EAM system can’t enhance your operations.  So how do you capture all of the data you need to without burdening your workforce?

 

Mobile is the catalyst of change and innovation as it helps solve the problem outlined above. It’s transforming communication between people and machines through connected devices and goes hand in hand with the other disruptive forces in the world today including big data, social and cloud.

The first benefit of mobility here is that it helps capture complete and accurate data. The mobile application can not only make sure that all necessary information is captured, but that the data itself is free of errors. This is achieved by validating all data at the point of entry to ensure it’s in the right format and within the expected range.

 

You can also capture and retain more data with less effort. Part of it comes from the fact that the mobile app captures a lot of information (time/date, status, technician, coordinates, duration etc.) without the technician’s involvement. The other, more important, part is that it no longer takes several people – including the technician and multiple support staff – to collect and enter the information into the enterprise system.

The third major advantage of mobility is that it gives your employees real-time access to your systems information in the field.  It enables real time reporting and analytics anytime, anywhere


Together, these things make for incredible returns for your EAM organization.

You can learn more about this ont the ASUG webcast "Asset Management and Condition Monitoring: Take Operations to the Next Level" by registering at

http://www.asug.com/events/detail/Mobile-Asset-Management-and-Condition-Monitoring

 

Additionally, you can also calculate the potential benefits of going mobile for EAM at http://www.sap.com/uptime

A lot was said about SAP Fiori and the SAP Fiori Launchpad, but not a lot was written till today. So,… it’s time to start.

 

SAP Fiori Launchpad is a real-time, contextual, role based and personalized aggregation point for business applications planned to be deployed on multiple platforms – ABAP (available today), SAP Portal, Cloud Portal and HANA. It runs on multiple device types and provides a single point of access for business applications such as transactional, analytical, factsheet, smart business applications and others.

 

SAP Fiori Launchpad key values:

  • Simple - intuitive, easy and coherent user experience
  • Role based - simplified role based navigation and business function access
  • Contextual - real time, contextual and personalized access
  • Responsive – consumption a cross devices, versions and channels with a single user experience
  • Multi-platform – planned to be running on multiple platforms – ABAP (available today), SAP Portal, SAP HANA Cloud Portal and HANA

 

IMG_0186-small.pngIMG_1624-small.pngIMG_1623-small.png

 

SAP Fiori Launchpad, across its underlying planned platforms, showcases the SAP user experience alignment (following the Fiori user experience), the branding tools alignment (SAP Theme Designer) and the responsive, multi-channel UI alignment.

 

To get more updates, keep following our up-coming posts on SCN and our twitter account @Portal_SAP

SAP has a long successful history in delivering solutions for technicians and maintenance workers to manage their work orders and time. These workers conduct physical labour and require the use of their hands to perform routine jobs. Mobile technology, such as mobile 1.0 apps, have been leveraged by these professionals to streamline processes however there are new technologies like wearables and specifically smart glasses that can integrated with enhanced mobile 1.0 deployments and free up hands to complete work more efficiently and effectively.

 

Sounds great, but let's look at a real example.

 

We were able to get a demo of this exact scenario. Arno Mielke, Director of Mobile Solutions and Innovations, SAP provides an overview of a concept application for integration of SAP 3D Visual Enterprise Viewer into SAP Work Manager. The demo shows how maintenance and service technicians can enhance their performance with remote control, gesture control, augmented reality and wearables like smart watches (e.g. Samsung Gear) or glasses (e.g. Google or Vuzix).

 

But there's more (as always).

 

Manuel Saez, Director of SAP Mobile Innovation Centre teamed up with Olivier Mercier, Senior Developer for SAP Mobile Innovation Centre to dive deeper into the AR and Multimodal demo given by Arno. They give the specific behind the project, such as AR technology from Metaio, and SAP Software such SAP 3D Visual Enterprise Viewer and talk about how this technology can be applied to any user, not just technicians and maintenance workers.

 

This is a seriously cool demo and video interview that I highly recommend that you watch if you are considering how to leverage AR and multimodal interaction in any project.

 

Enjoy!


Since the acquisition of WhatsApp by Facebook, just prior to the 2014 Mobile World Congress, there has been considerable press about Facebook and WhatsApp.  In the last few days, the latest headlines have been about how WhatsApp handled a record 64 billion messages in a 24 hour period.  That is a fantastic number and it represents magnificent growth.  I’m not trying to take away from this brilliant achievement, but I must point out that WhatsApp subscribers didn’t really generate 64 billion messages.

 

WhatsApp also noted that they recorded 20 billion inbound (originated) messages and 44 billion outbound (terminated) messages.  Simply stating that “WhatsApp handled 64 billion messages in a 24 hour period is misleading.” In fact, WhatsApp subscribers sent 20 billion distinct messages.  They are counting the message when it leaves the originator and then counting it again when it is received by one or more recipients.  That’s not the most accurate way of publicizing their messaging metrics and unfortunately; both the press and some analyst do not make this distinction.

 

How this industry counts messages is not the most standardized process; however, we should be counting distinct messages (with one originator and at least one recipient):

Counting Messages.png

 

Today, there are approximately 22.5 billion SMS messages generated worldwide, on a daily basis.  This is based on SAP Mobile Services’ own traffic statistics, coupled with information from Portio Research and others.  Much has been said that WhatsApp alone greatly exceeds the daily SMS volumes.  Again, this is not completely true, although, they are knocking on the door.  As a group; however, OTTs (non-SMS interworking) do exceed the daily SMS rate.   I have calculated that OTT messages are between 35-45 billion messages per day – even if I only focus on the real number of distinct messages that are generated.

 

So, let’s talk about the differences in how subscribers interact with OTT messaging services vs. SMS for a moment.  First off, I should also acknowledge that these messaging style differences were brought to my attention from a Portio Research report that we reference.

 

One of the nice things about pure OTT messaging services is that many offer typing indicators along with delivery and/or read indicators.  Many even provide the concept of presence – that it, the availability status of the other party is displayed.  It is much more of an Instant Messaging type of exchange.  Therefore, each user will likely send many more messages to convey the same thoughts and ideas that would normally be sent in only one or two SMS messages.  The mindset of most senders of an SMS is that they’ll send the message and expect it will be read either now or in the future.  If the other party reads and responds quickly, then the exchange could take on a more IM-style characteristics.

 

The example below shows the differences between an OTT based conversation and an SMS conversation:

SMS - vs - OTT Conversations v.1.0.png

 

The OTT conversation shows 8 distinct messages (although WhatsApp might say that’s 16 messages! ) while the SMS-based conversation conveys the same ideas in 3 messages.  While this is a rather radical view, the concept is sound.  In reality while many SMS messages convey more in the initial messages of a conversation, most times, once both participants realize they are chatting in near-real-time, they conversation looks more “IM-like.”  Nevertheless, this illustrates how free OTT apps can easily generate more messages per conversations than SMS.

 

The key to accurate OTT messaging metrics as a measure of progress is a common statistic; however, it is also one that can easily be misunderstood.  That measure plus number of monthly active users (MAU) are both good indicators of the true reach and value of a messaging service.  Simply stating that a service has 100 million registered users, without an MAU metric is useless.  For example if 100 million users were registered, but only 20 million are MAU, then there is likely some problem with the app/service when 80% are not using the service on a monthly basis.  Interestingly, MNOs do not typically report MAU for certain services, but simply subscribers.  We then have to look to other metrics, sometimes painstakingly acquired by analyst firms, to ascertain more usable metrics regarding overall status of a service.  Accurate measurements of messaging and similar metrics in today’s global mobile ecosystem are important as it enables both potential users as well as enterprises to make accurate decisions about engaging with and using these new, innovative services.

 

Please follow me on Twitter: @wdudley2009

Hi there. My name is Mariah Perry, and I am an intern on SAP’s Global Product Marketing Team. I am currently in my fourth year of university, studying English and Business with a specialization in Digital Arts Communication. I am pleased to be sharing my first – but not last – SCN blog with you.

 

I was born into a generation that quite literally had the Internet at their fingertips. Between sharing updates on social media to messaging friends, mobile has been part of my day-to-day life since I was old enough to own a cell phone. As someone hard-wired to share content on a mobile device, it was something that I did unconsciously and freely. However, until my internship at SAP I did not know much about enterprise mobility or mobile security. My internship has fostered an understanding of enterprises’ need to deliver safe and secure content on mobile devices, especially in a Bring Your Own Device world. Today, I would like to share the top three things I have learned while piecing together mobile security.

 

1. Be your own detective

 

In a workforce equipped for BYOD, do you know where your data is being used? According to Enterprise Mobility for Dummies, only 12% of employees have signed any kind of usage or security agreement with respect to personal devices in the workplace (1). That leaves 88% of the mobile workforce susceptible to how their data is being used. Why is this? Global VP of SAP Mobile Secure Senthil Krishnapillai explains that traditionally, people only associate security with devices. However, the expansion of BYOD now supports mobile app security and content security as well. One must be aware of – and adopt – all of these elements in order to stay on top of mobile security.

 

The other critical component of being your own detective is understanding where your data is coming from. Is it on premise or in cloud? The massive adoption of cloud cannot be ignored, especially in terms of mobile security. Krishnapillai articulates the benefit of providing security as a service in the cloud, stating that the lack of manual upgrades to existing infrastructure not only increases speed but makes the businesses more secure. For an enterprise, investigating the benefits of mobile security in the cloud is an extremely worthwhile task.

 

Watch the video with Senthil Krishnapillai now.

 

 

2. Don’t be afraid to adopt and evolve

 

During my time at SAP, I have learned change happens constantly – whether it is the coffee in the lunchroom or the latest technology trends, nothing it static. In such a fast-paced environment, the best advice I can give is: don’t be afraid to adopt and change. Mobile security illustrates this concept well. As I mentioned before, when a company thinks about security, they typically think of securing the mobile device, which is a Mobile Device Management (MDM) solution. However, for companies facing stricter industry security requirements, extra protection is required. Right now, there is a need for companies to further secure their applications.  Milja Gillespie, Director of Marketing for Mobile Secure, explains that mobile app protection, or app wrapping, can provide these capabilities. App wrapping is a great example of why it is important to grow and adapt. This solution opens new doors for enterprises and their customers. For example, enterprises can now deploy a secure application  on an unsecured device, particularly that of a customer or partner. With app wrapping, the future of security is full of possibilities. Since it became available 6 months ago, Gillespie says the solution has had “fantastic interest and uptake.” It seems they are taking my advice!

 

Watch the video with Milja Gillespie now.

 

 

3. Collaboration is Key

 

Fundamental to my role at SAP is collaboration. Every day, I collaborate on a global scale in order to complete my work. On any given project, I am sharing information and content with my team members spanning time zones and countries. Working in such an environment has taught me that employees need the ability to access personal and corporate content at any time. Matt Carrier, Senior Product Manager for Mobile Security, addresses the question at the heart of the mobile workforce: How do I collaborate within teams securely? The answer is simple: the right solution needs to be in place. The new version of SAP Mobile Documents allows teams to edit documents in a secure space, leading to increased productivity. A good product’s security must be virtually unnoticeable for employees to collaborate, which is what SAP Mobile Docs excels at. When pressed with a deadline, I do not have to worry about the security requirements before clicking send.

 

Watch the video with Matt Carrier now.

 

 

 

If you are interested in learning more about how mobile security can work for your enterprise, attend Milja Gillespie’s seminar in Toronto, Canada. Here are the details:

 

Mobile Security Seminar

Wednesday, April 16, 2014

Registration: 8:30 a.m.–9:00 a.m.

Seminar: 9:00 a.m.–12:00 p.m.

SAP Offices at 4120 Yonge St. Toronto, ON

Connected to TTC subway at York Mills station, paid parking available for $14/day

 

Register here.

 

1 Coad, Carolyn, Tom Badgett, and Corey Sandler. Enterprise Mobility for Dummies. 2 ed. Mississauga: John Wiley & Sons Canada, Ltd., 2013.

With the introduction of HTML5 as latest markup language in UI world, SAP has aligned its priorities for new developments on mobile/desktops on the same lines using SAPUI5. Recently SAPUI5 became open source to allow creative ideas to pour in and easy consumption along with different landscapes in client systems.

 

SAP Fiori, frontrunner in the consumption of latest UI5 technology has opened new paradigm for versatile, easy to use, productive with user centric designed business applications. This provides stateless approach using OData for business applications. It is available for all devices like mobile, Ipad, Desktop etc. But to achieve best out of Fiori we need to make it run faster and smoother on every device.

 

Performance being one of the product standards in SAP, takes priority along with quality and security standards.

 

Effect of performance on user experience can be seen from below analytical chart:

UserExp.jpg

 

Environment effect on performance

Performance criteria are applicable for both mobile and desktop applications. Here hardware create some limitations as follows:

 

NetworkSpeed.jpg

 

Front end also put some limitations in terms of:

  1. Hardware and software of mobile devices (slower than desktops).
  2. Different browser performs differently on same hardware.
  3. Memory consumption on various browsers along with garbage collection and caching.
  4. Number of parallel connections on mobile can be 2-6 as compared to 6-8 on desktop.
  5. Mobile devices are optimized for low data volumes

 

 

Hotspots:

In any UI5 project we need to look after for below hotspots:

 

1.     Long running OData processing in backend:  Backend implementation of the OData services based on existing legacy APIs – which were not designed or optimized for the new use-cases.

 

2.     Initial loading time of main application

a.       Cascades of many OData requests within a single user interaction step (i.e. loading user data, menu data, application metadata, master data, detailed data in one sequence)

b.      Fine granular application resources/assets (*js.,*css,. …) in sequence can harm the “first impression” - especially on the networks with higher network latencies.

 

3.     High number of round trips and heavy network traffic

a.       Transferring data which are not needed / consumed.

b.       Using verbose data formats, not enabled compression

c.      Loading the same resources several times (instead of using the browser cache)

 

4.     Complexity of the UI / Client Application Code

         

a.      Complex application logic in JavaScript - i.e. for the visualization of high volume data

b.      Implementation of own Custom Controls, using “heavy” 3rd-party controls or libraries

c.      Triggering periodical activities & timers in the applications too often

d.      Using High Resolution Images on low resolution screens

 

 

Measure, Analyze, Improve

In order to improve performance we need to first measure different entities and analyze various aspects of the same on performance (perceived by user). This can be understood from below diagram:

 

Perceived Performance.jpg

 

 

End-to-end response time

This can be measured using Stop watch or video recording of the test application. Detailed performance analysis can be done using dedicated tools and network traffic recordings etc.

 

SUPA is one of the SAP internal tools which can be used for performance measurements supporting set of “Data Providers” to read performance-specific data and logs from the client, network and servers. It also measure End-to-End response Times derived by analyzing Browser CPU utilization.

 

Further reading can be found at https://wiki.wdf.sap.corp/wiki/display/NWEngPer/SUPA

 

 

Network Traffic analysis

Network Traffic Records and Waterfall Chart visualize the order of the network roundtrips and their exact timing

1.       shows which all assets and data of the Web Application are loaded over network

2.       helps to find missing assets (response Status 4xx, 5xx) and long running requests

 

This can be understood from below figure:

NetworkTraffic.jpg

 

Various tools are provided by each browser as follows:

  1. IE: Tools-> “F12 Developer Tools” -> “Network” Tab
  2. Firefox: Firebug plugin
  3. Safari: Web Inspector
  4. Chrome: Tools->DeveloperTools->Network

 

Apart from above 3rd party tools can also be used:

  1. Simtec HTTPWatch (IE, Firefox) http://www.httpwatch.com/
  2. Fiddler2 - Http Debugging Proxy http://www.fiddler2.com/fiddler2/
  3. Wireshark : Network Protocol analyzer http://www.wireshark.org/

 

All these tools can be difficult to use due to availability of various tools for various browsers. Get familiar with network traffic tools and developer tools (i.e. Chrome Timeline, Profiling, and Debugging) and actively use them already during the development.

 

Chrome Tools: https://developers.google.com/chrome-developer-tools/docs/timeline

Profiling: https://www.youtube.com/watch?feature=player_embedded&v=nxXkquTPng8

 

For SAPUI5 you can use two below options for front end analysis:

  1. CTRL-ALT-SHIFT-P: This provides information on version, UA, config, modules etc.
  2. CTRL-ALT-SHIFT-S: This starts the performance block on SAPUI5 which shows the rough timings on main activities driven via UI5 core. URL parameter should be used as sap-ui-measure=true.

 

 

Best practices for fiori

 

     1.     Keep it simple: Try to keep your UI as simple as possible and do not clutter your UI with unnecessary data.

            

              Keepitsimple.jpg

 

     2.   Fast OData response from backend:

a.       Runtime of OData service should not exceed 500ms

b.      At most 2 sequential round trips per user interaction step

c.       Minimize data volumes  and cache smartly with the help of JSON format and GZIP to compress data

d.      Use OData optimization statements e.g. $top, $batch, $expand, $select, $inlinecount

                      e.        Consider Paging for the Long Lists e.g. $skip, $top

 

     3.     Reduce roundtrips and roundtrip times:

a.       At most 2 sequential round trips per user interaction steps

b.      Avoid Bad Requests (HTTP Status 4xx, 5xx)

c.       Load in lazy way and asynchronously (when possible)

d.      Reduce resource fragmentation (JS, CSS to merged files)

e.      Avoid loading of resource duplicates

f.       Use aggregation of small images / icons

 

1.       4.     Minimize payload size

a.       Send only the Data you really need to the Front End

b.      Keep Size of Responses under 10KB - especially on mobile devices.

c.       Check and Enable Compression settings for the responses

d.      Use Image Formats supporting compression e.g. png, .jpg, .gif -> depends on the features you need

e.      Avoid using of “oversized” images

f.        Remove unused code from JavaScript and CSS

                     g.          Use Minified Version of JavaScript and CSS Files

                                        i.     Optimized version of SAPUI5 libraries is to be used for productive usage and also during performance measurements.

                                        ii.    Consider minification of your application resources as the part of the build process for your application.

                                                 Further reading can be found at http://vesapui5.dhcp.wdf.sap.corp:1080/trac/sapui5/wiki/Documentation/AdvancedTopics/Optimizations

 

1.       5.     Enable Browser cache

a.       Ensure cacheable $metadata files to your OData calls

b.       Define appropriate life time for resources to reduce roundtrips (Expires / Cache Control Headers, …)

                      c.          Consider usage of Cache Buster / Application Cache Buster. Cache Buster allows the application notify the browser to refresh the resources only when they has been changed – otherwise can be fetched from browser’s cache. Further reading can be found at

                                   http://vesapui5.dhcp.wdf.sap.corp:1080/trac/sapui5/wiki/Documentation/AdvancedTopics/CacheBuster

 

1.       6.     Optimize browser rendering

a.       Reduce # of DOM Elements

b.      Minimize DOM Container Nesting

c.       Manipulate DOM Responsively

d.      Minimize Repaints / Reflow

e.      Make CSS Rules as specific as possible

f.        Avoid CSS Expressions

g.       Specify Image Dimensions in Tags

h.      Avoid long locking of UI Thread (JavaScript execution max. 50 ms)

i.        Use internal Timers with sufficient delays

                      j.          Check the performance effects when using new/ 3rd-party libraries and UI controls

 

1.       7.     Enhancing perceived performance

a.       Progressive Rendering - at least part of the page is displayed fast and other parts are fetched later. (“Paging”, Above the Fold“-Principles principle)

b.      Meaningful Progress Indicators - if processing takes longer time, visualize the progress. (but avoid simple sand clock or turning wheels)

c.      Visual Transitions from the one visual state to the other may help improve perceived performance.

d.      Pre-loading Techniques - once the application screens is displayed and waiting for user action, the application can start to fetch resources needed for next pages in the background.

                              For further reading you can refer to http://www.sapdesignguild.org/community/design/perf_general.asp

 

 

Further Readings

Web Performance Best Practices (Google) https://developers.google.com/speed/docs/best-practices/rules_intro

Best Practices for Speeding Up your Web Site (Yahoo)http://developer.yahoo.com/performance/rules.html

HTML5 Rocks http://www.html5rocks.com/

    

 

I’m excited to be presenting a seminar in April on the topic of mobile security. While I’ve been working on this topic for the better part of 7 years, I rarely get a chance to present on my home turf to fellow Canadians. If you are based in the greater Toronto area, I would like to personally invite you to join me for a seminar on April 16th to learn strategies to secure your mobile enterprise.

 

If you’re following this blog you probably recognize that enterprise mobility is essential to the success of most businesses. But without the proper security measures in place, many enterprises risk data leakage, malware infections, and data loss. The question to as is: Is your enterprise protected?

The premise for this seminar is that that security is NOT something that you want to risk doing wrong! I’m excited to be joined by two fantastic partners; Rogers Communications (who has partnered with SAP to provide cloud based mobile security solutions) and Mocana (who specialize in mobile application security - or app wrapping). Together we’re uniting forces and bringing our best security experts to this event. We’ll discuss and evaluate available alternatives to secure your mobile enterprise and dive deeply into advanced security techniques.

You’ll learn about mobile security solutions that will:

  • Secure applications and data across all managed and unmanaged devices
  • Comply with strict industry requirements
  • Decrease liability from exposure to corporate data breaches
  • Secure applications without using mobile device management (MDM) in scenarios where MDM is not feasible (e.g. legal requirements, bring your own device, contractors)

 

SAP’s mobile security solutions enable you to secure devices, apps, and content – protecting you well beyond simple MDM. You can register today to attend our April 16 seminar or if you’re not local, you can check out our solutions anytime at sap.com/mobile/EMM.

I look forward to seeing you in Toronto!

 

 

 

Mobile Security Seminar

Date:
 Wednesday, April 16, 2014

Time:
 Registration: 8:30 a.m.–9:00 a.m.


Seminar: 9:00 a.m.–12:00 p.m.

SAP Offices at 4120 Yonge St. Toronto, ON

Connected to TTC subway at York Mills station, paid parking available for $14/day

 

 

Actions

Filter Blog

By author:
By date:
By tag: