The use of mobile GIS offers flexibility and provides beneficial functionality as part of an enterprise GIS. Security plays an important role in ensuring that the confidentiality, integrity, and availability of data is maintained in an evolving mobile environment. This topic describes some best practice recommendations to mitigate risks specific to mobile as part of an enterprise GIS.
General mobile security recommendations and capabilities to improve the security posture of a mobile deployment are listed below. For a comprehensive listing of mobile risks and mitigation strategies, see the OWASP Mobile Top 10.
An enterprise mobile device management (MDM) solution is a good starting point toward a more secure mobile posture. MDM is the administration of mobile devices in an organization. It is typically implemented with software that centralizes and streamlines functionality and security management for those devices. The software commonly includes a server component that sends management commands to mobile devices and a client component on each device that receives and runs those commands.
An MDM solution typically includes the following capabilities:
- Device monitoring, reboot, and encryption
- Enforcement of password policies, password reset
- Predefined WiFi settings/virtual private network (VPN) configurations
- Remote lock and wipe capabilities
- Backup settings enforcement
- Jailbreak detection
Mobile application management (MAM) provides an additional level of security for mobile devices; it is the use of software and services that provision and control access of individual apps on devices. This enables administrators to have more granular control at the application level to manage and secure app data. An MDM software solution can include MAM capabilities as part of its functionality.
Esri has observed that MDM-centric MAM offerings that require rebuilding the app with the MDM Software Development Kit (SDK) typically do not work well. Some Esri customers use MAM offerings that do not require incorporating an MDM SDK. Esri provides support only for released app store versions that are listed within the product's life cycle support.
For more detailed information, the Esri Software Security and Privacy team has released a technical paper titled ArcGIS Secure Mobile Implementation Patterns to help guide IT managers and GIS administrators in deploying an enterprise GIS with a mobile field component.
Authentication involves verifying the credentials in a connection attempt to confirm the identity of the client. Ensure authentication is enabled for accessing GIS services. Specifically for mobile, there are several potential options depending on the capabilities available in your enterprise, such as whether a mobile security gateway is present or whether an existing virtual private network (VPN) can be leveraged by mobile devices. These options include the following:
- Integrated Windows Authentication (IWA)—Using Kerberos (or if unavailable, NTLM), which provides a single sign-on experience to a Windows-based environment.
- Token-based authentication—Using ArcGIS tokens, which provides authentication across ArcGIS.
- Organization-specific using SAML 2.0 or OpenID Connect—ArcGIS Online or ArcGIS Enterprise enables customers to use SAML 2.0 or OpenID Connect to provide a web single sign-on experience.
Authorization is the process by which client permissions are verified prior to accessing a resource or performing a specific function. Users should be assigned privileges based on role and the principle of least privilege. For mobile, this can be at different levels:
- Appropriately managing authorization within available roles in ArcGIS such as administrator, publisher, and user
- At the enterprise mobility management (EMM) level, using coarse-grained application-level authorization and provisioning
Encryption is the process of transforming data so that it is unreadable by those without access to a decryption key.
- Encrypt data in transit by requiring HTTPS across your enterprise GIS.
- Encrypt data at rest on the mobile device. This can be technically enforced by using the following:
  - An enterprise MDM
  - Microsoft Exchange ActiveSync, if using Microsoft Exchange
Logging and auditing
Logging involves recording events of interest from a system. Auditing is the practice of inspecting those logs to ensure that the system is functioning appropriately or to answer a question about a specific transaction that occurred. Logging and auditing can be facilitated at the following levels for mobile:
- At the device level, as facilitated by the enterprise mobility management solution
- At the application level, by logging specific user transactions
These results should be fed into a corporate Security Information and Event Management (SIEM) solution to facilitate automatic correlation of the log data to aid in the detection of malicious activity.
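The correlation a SIEM performs over these logs can be sketched in code. The following Python example is added here and is not Esri's code, and its record layout is a hypothetical one rather than an ArcGIS log format; it constructs a small set of application-level audit records for a field app and runs three defender-side rules over them: cleartext (non-HTTPS) requests, one user active from two devices within a short window, and a burst of failed logins from one device.

```python
from collections import defaultdict
from datetime import datetime, timedelta
# Constructed sample records from a hypothetical mobile field app (not an ArcGIS log format).
FIELDS = ("ts", "user", "device", "ip", "scheme", "outcome")
SAMPLE_LOG = """\
2024-03-01T08:00:05Z|jdoe|dev-A1|10.0.0.12|https|LOGIN_OK
2024-03-01T08:00:30Z|jdoe|dev-Z9|203.0.113.7|https|QUERY_OK
2024-03-01T08:01:00Z|asmith|dev-B2|10.0.0.40|http|QUERY_OK
2024-03-01T08:02:00Z|bjones|dev-C3|10.0.0.55|https|LOGIN_FAIL
2024-03-01T08:02:05Z|bjones|dev-C3|10.0.0.55|https|LOGIN_FAIL
2024-03-01T08:02:10Z|bjones|dev-C3|10.0.0.55|https|LOGIN_FAIL
"""
def parse(log_text):
    # Split pipe-delimited lines into dicts and convert the timestamp field.
    recs = [dict(zip(FIELDS, line.split("|"))) for line in log_text.splitlines()]
    for r in recs:
        r["ts"] = datetime.strptime(r["ts"], "%Y-%m-%dT%H:%M:%SZ")
    return recs

def find_alerts(records, window=timedelta(minutes=5), fail_threshold=3):
    alerts = []  # (rule, subject, detail) tuples, one per finding
    # Rule 1: any request not over HTTPS violates the encrypt-in-transit requirement.
    for r in records:
        if r["scheme"] != "https":
            alerts.append(("CLEARTEXT", r["user"], r["device"]))
    # Rule 2: one user active from two devices inside the window (possible token reuse).
    by_user = defaultdict(list)
    for r in records:
        if r["outcome"].endswith("_OK"):
            by_user[r["user"]].append(r)
    for user, rs in by_user.items():
        for i, a in enumerate(rs):
            for b in rs[i + 1:]:
                if a["device"] != b["device"] and b["ts"] - a["ts"] <= window:
                    key = ("MULTI_DEVICE", user, f"{a['device']},{b['device']}")
                    if key not in alerts:
                        alerts.append(key)
    # Rule 3: fail_threshold failed logins from one device inside the window.
    fails = defaultdict(list)
    for r in records:
        if r["outcome"] == "LOGIN_FAIL":
            fails[r["device"]].append(r["ts"])
    for device, times in fails.items():
        times.sort()
        for i in range(len(times) - fail_threshold + 1):
            if times[i + fail_threshold - 1] - times[i] <= window:
                alerts.append(("LOGIN_BURST", device, str(len(times))))
                break
    return alerts
```

Each rule maps to a recommendation on this page (HTTPS in transit, device-level control, authentication), so the same findings can be raised as SIEM alerts once the real device and application logs are forwarded.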
Hardening is the process of securely configuring systems to mitigate as many security risks as possible. The attack surface can be minimized for mobile deployments by doing the following:
- Harden server endpoints.
  - Server-side security is identified as the number one mobile risk according to the OWASP Mobile Top 10.
  - Follow standard server hardening recommendations that align with industry best practices.
- Use a mobile application management (MAM) solution to restrict applications.