The Good Dynamics SDK provides Xamarin developers a wide range of containerized security features that span almost every security need on a mobile device. There is a possibility for data leakage to occur when mobile devices access an unknown foreign web site or other content from an unsecure application server. This post will provide a high level overview of Good’s architecture and why it is secure. Understanding how Good keeps your data secure is instrumental when implementing Good’s SDK into your enterprise’s mobile apps.
Basic Security Architecture & Data Flow
When a device connects to the outside world, there are many security issues that arise: Is the application server safe and trusted? Can a malicious person intercept the traffic and make sense of the data? Could a mobile device with a virus send traffic that could potentially infect other internal servers? The Good Dynamics infrastructure does its best to ensure “no” is the answer to all of these questions.
This architecture diagram details all of the components of Good’s security system. The component that ensures security with internet traffic is the Good Dynamics Proxy Infrastructure. This proxy infrastructure is responsible for handling all traffic that travels between the application server and the mobile device. It ensures security by encrypting traffic end-to-end using AES 256-bit cipher.
Its important to note that Good Dynamics can not ensure security when a Good embedded application accesses an unsecure website that does not use SSL. Good embedded devices are free to access any web service just like a regular http request. The real security lies between the mobile device and the company’s application servers. By protecting data on the device and ensuring that it is securely transferred to the company’s servers, a Good embedded application can access unsecure web services without the concern of potential data leakage.
Network Operations Center (NOC)
The NOC is the central hub of this infrastructure and sends secure data between the mobile device and the enterprise servers. Every Good Dynamics customer shares the same NOC which is located at a Good Technology data center. The NOC fulfills the following duties:
- Send data from the mobile device to the enterprise.
- Send data from the enterprise to the mobile device.
- Validate activation keys.
- Store information about user access rights to applications.
- Store information about associations between devices and enterprises.
Most enterprises have a firewall to keep all company data secure from outside attacks. Secure connections to the NOC remove the need for companies to open up any ports or use VPNs.
Good Proxy Server
This server handles the secure communications between the enterprise application servers and the NOC via a custom protocol that uses SSL over TCP. At least one of these servers must be installed at the organization.
Good Control Server
This server handles all configuration and customization options that are offered to the enterprise by Good. Typically, an IT professional will be using this interface. These changes will be sent to the Good Proxy Server or the NOC to make the necessary adjustment. This includes:
- Application Server address configuration
- User and group management
- Application accessibility
- Mobile device monitoring and management
- Policy administration
- Good Proxy configuration
- Container management.
Enterprise Application Server
This server is on-premises, owned by the company, and may contains sensitive, unencrypted data that needs to be protected by Good Dynamics.
Why is this Secure?
Through the use of this architecture, Good Dynamics can offer exceptional security by encrypting data end-to-end and reducing the amount of infrastructure change an organization must implement. This infrastructure ensures security in several ways:
- Good secures data stored on the device by encrypting it and enforcing password compliance.
- Data transmitted from the Good embedded app to the enterprise application server is encrypted end-to-end without compromising the enterprise firewall.
- The NOC can detect jailbroken or malware infected devices.
- It’s important to note that Good Dynamics does not offer anti-malware or virus protection. Instead, the SDK keeps data safe from leakage or malicious software.
- Over-the-air security configuration updates via Good Control provides real-time administration to user access, device activation, remote wiping, and a number of other customization options for any business.
- Because cyber security is an ever-changing arms race, funneling encrypted data through the NOC at Good’s data center ensures that the organization is taking advantage of Good’s industry leading security.
This post is part of a series of building enterprise mobile applications using the Good Dynamics SDK & Xamarin. To read more about how to implement Good into your Xamarin apps, click here.
Our mobility consulting professionals have extensive experience developing mobile apps utilizing Xamarin, Xamarin.Forms, and the Good Dynamics SDK to accelerate the creation of high quality, highly-secure, mission-critical enterprise apps. Contact us for more information on how we can work with you to build highly secure, cross-platform mobile apps.