Showing results for 
Search instead for 
Do you mean 
Community Home Request Access Read Blogs Share Your Ideas Search Community View My Settings
Reply
Copper Elite Contributor
Posts: 153
Registered: ‎02-27-2010

MS Dynamics Mobile vs Sage SalesLogix Mobile 7.5.4

My understanding is that MS uses an encrypted wipable database downloaded to the Mobile device and Sage uses a Web service. While response may be better for Dynamics, SalesLogix will offer significantly more access that is real time (no synching). But the real issue is Security. I'm not surprised that our IT person pushing the Dynamics solution suggests that the downloaded DB is more secure but the real issue comes down to the Web Server. He claims our security folks will not allow the Web Service.

 

So here are my questions:

1. Can the Web service be secured for Mobile and how is that done?

2. Assuming security, how is Mobile access engaged and how long does that access last before reauthenticating?

 

Thanks,
Larry

 

P.S. As a few of the old timers may remember I mentioned our eventual migration to Dynamics, something that I have little say in but I must admit I am looking forward to it with the exception of the support channel that you have provided!

Highlighted
Gold Super Contributor
Posts: 3,087
Registered: ‎03-19-2009

Re: MS Dynamics Mobile vs Sage SalesLogix Mobile 7.5.4

[ Edited ]

You can use:

  A - SSL

  B - Add WIndows Auth

 

"... He claims our security folks will not allow the Web Service...".

Sounds like the security folks are living in the dark ages and have way too much power/say. Just about everything out there in "cloud land" uses some form of web service.

--
RJ Ledger - rjledger@rjlSystems.net +1 603.369.3047 x101

".. Innovators in Mobility - Experts in Workflow Automation..."
http://www.rjlSystems.net - blog: www.rjlSystems.net/blog.html
Silver Contributor
Posts: 835
Registered: ‎03-24-2009

Re: MS Dynamics Mobile vs Sage SalesLogix Mobile 7.5.4

RJ, I got the same questions yesterday from a Bank considering mobile.... SSL has nothing to do with customer information cached\stored on a iPhone\iPad solid state drive.

 

What is SLX doing about encrypting data ON the device.....nothing? And I haven't heard of Windows Authentication on my iPhone....

RJ Samp
Gold Super Contributor
Posts: 3,087
Registered: ‎03-19-2009

Re: MS Dynamics Mobile vs Sage SalesLogix Mobile 7.5.4

[ Edited ]

True... but remember at this point in time there is no "local database" w/the SalesLogix Mobile Web app and it only will cache/save if you allow it to do so.. and even this can be (programatically) disabled to not allow the user to save (in the app) if you want to do so... and even disable the "saving" of username/password so that every time you launch you have to authenticate.

 

I would hope when the Sage SalesLogix Mobile Web team does implement a local storage they do go the encrypted way.. with a method that the individual user cannot override. To do less would make it a security problem for sure and probably not meet "standards". 

 

FYI - Massachusetts has the strongest privacy laws (at the moment) on personal data stored electronically:

  http://yro.slashdot.org/story/10/04/25/1745210/mass-data-security-law-says-thou-shalt-encrypt

http://www.daymarksi.com/storage-navigator/bid/24202/Backup-Data-Encryption-and-the-Massachusetts-En...

http://www.mass.gov/ocabr/docs/idtheft/201cmr1700reg.pdf

 

Plus here's another link w/a TON of regs/laws - makes your head spin!

http://www.smarsh.com/regulations-laws

--
RJ Ledger - rjledger@rjlSystems.net +1 603.369.3047 x101

".. Innovators in Mobility - Experts in Workflow Automation..."
http://www.rjlSystems.net - blog: www.rjlSystems.net/blog.html
Employee
Posts: 535
Registered: ‎03-30-2009

Re: MS Dynamics Mobile vs Sage SalesLogix Mobile 7.5.4

re: Disabling caching of data on mobile device

As RJL mentioned - the SalesLogic Mobile client can be configured to not cache data on the local device for off-line use (a new HTML5 capability is used for caching data).

 

re: Active Directory Authentication

The SData portal (Restful web services portal) that the SalesLogix Mobile client uses for user authentication and all data interactions can be configured for Active Directory Authentication - on the mobile device the user supplies the "domainName/domainLogonName" pair as well as their domain password. The IIS webserver that underpins the SData webportal authenticates the user with those credentials and then passes the validated authentication credential to the SData portal - this is all accomplished using the stanard ASP.Net membership provider framework.

 

Note that SSL should be used to encrypt the communication channel. An exception might be if a VPN client has been installed on the Mobile device and if the SData portal is only accessible from within the internal network.

 

 

Todd Hardin
SalesLogix Professional Services Group