Mobile App Security Recommendations
To ensure security, the system administrator must apply the following precautions when configuring the management platform and the mobile device to work with the mobile app.
Internet or Intranet Deployment
The IIS web server of the Desigo CC deployment can be configured to communicate with mobile app clients within an intranet (WLAN) or over the internet (using Wi-Fi or 3G/4G).
- Intranet deployments are inherently more secure, since the app will only function when the mobile device is located on the site, and the IIS web server is not exposed to the internet.
- For internet deployments, it is recommended to configure the system with a remote IIS web server (which runs on a separate computer from the Desigo CC server), and to isolate the IIS web server from the rest of the management platform with a perimeter network (also known as DMZ, demilitarized zone, and screened subnet).
See Mobile App Deployment Overview for more information about deployment scenarios.
If the mobile app is connected to the management platform over the internet, one or more of the following precautions are recommended:
- Configure the management station Web Services in view-only mode.
- Set up a Virtual Private Network (VPN) connection between the router and the mobile device. Or, as an alternative to a VPN, use a remote IIS Web server in a perimeter network (DMZ) with firewalls.
- Use the IIS Client Certificate Mapping Authentication method to ensure that only mobile devices with a valid certificate can connect to the Web Service Interface.
The vendor does not accept responsibility for misuse of the app in a non-secure environment.
Secure the Connection Between IIS Web Server and Mobile App
The mobile app connects to Desigo CC through a web application hosted on an IIS web server. This communication is secured (https://) with a security certificate that can be:
- (Recommended). A public CA host certificate (issued by a publicly-trusted certification authority) that you install on the IIS web server. These can be purchased from commercial certification authorities. Public CA host certificates will be automatically recognized by the app. This is the common security solution for communicating with the app over the internet.
- A private CA host certificate that you create yourself, using the SMC, and install on the IIS web server. This is a common technique for communicating with the app over an intranet. In this case, the non-public root certificate used to generate this host certificate must be explicitly installed on the mobile device for the app to trust it.
See Preparing Certificates for the Mobile App for more about information about configuring the certificate used to communicate with the mobile app.
It is recommended to always use a public CA host certificate to have the best performance in terms of IT security, especially when the app connects to Desigo CC over the internet.
Secure the Connection Between the Desigo CC Server and the IIS Web Server
For deployments with a remote IIS web server (that runs on a separate computer from the Desigo CC server), communication between the Desigo CC server and the IIS web server computer must be secured with a certificate. For instructions see Preparing Certificates for Web Services.
Secure the Device Wi-Fi Connection
The Wi-Fi channel used by the mobile device must be always protected with WPA2 encryption. To ensure this:
- Configure the wireless routers that the mobile device will connect to (on the site and elsewhere), so that they use WPA2 encryption with a strong password.
- On the mobile device, to prevent it from auto-joining unsecured Wi-Fi networks, select any unwanted networks in the Wi-Fi settings and delete them. Also disable any settings that allow the device to autoconnect to available Wi-Fi.
Lock Down the Mobile Device Configuration
The mobile device on which the mobile app is installed must be dedicated exclusively to that purpose, with a software configuration that is tightly controlled and locked down. The user must not, for example, install other apps or alter any of the device settings.
As a security feature, the mobile app will not start on jailbroken or rooted mobile devices, nor will it start if the Android Developer Options are enabled. (See System Requirements).
Protect the mobile devices by appropriate security measures.
- Set a device password, and configure a screen timeout and automatic screen lock.
- Do not connect to ad-hoc WLANs.
- Configure the browser for secure usage.
- Do not use cloud/online storage and services.
- Secure use of Bluetooth and NFC.
For more details, contact customer support.
.
Protect User Credentials
- Ensure that users employ a strong password (minimum length 8 characters, containing a combination of numbers and letters) for signing into the app.
NOTE: The credentials (user name and password) used to sign into the app are the same ones used to log onto the management station on the site. - If the mobile device is lost or stolen, immediately do the following:
- Deactivate the user account, or change the password.
- Initiate remote wiping of the mobile device.