Mobile: FAQs about Security in arcplan Mobile
Q: Which kind of security technologies do mobile arcplan applications offer?
A: Mobile arcplan applications offer the same security technologies as classic arcplan Desktop applications. Hence it is possible to use https encryption, Kerberos & NTLM (starting at the web server) or Single Sign On techniques offered by web portals like MS SharePoint, SAP Netweaver, etc.
Of course, you have to consider that normally mobile devices do not access internal applications via the intranet but over the internet or an intermediary VPN instead.
Q: I have published my application on a web server in the intranet. What do I have to configure additionally to enable mobile access?
A: There are two different options:
a) Configure a VPN Login to the domain where the web server is located.
b) Provide the web server via the internet. In this case you have to protect the web server from unauthorized access.
Q: I want to enter my password only at the first login because manual input is too cumbersome on mobile devices.
A: This depends on how the web server is accessed. Normally a VPN access is used. Manufacturers already offer divers technologies, in order to login comfortably to a VPN. For example, only a PIN is requested instead of the Windows password. The VPN Software then performs the Windows login. The URL of the mobile arcplan application is then called after the successful logon in the app of the VPN provider.
For logins inside of the arcplan application, e.g. at databases or at the arcplan User Management, arcplan Mobile offers the option to save passwords for later logins.
Q: How does saving passwords work in arcplan?
A: On the mobile device a password must be entered only once at the first login to an arcplan application. Then the password is encrypted on the arcplan Application Server. To ensure the best security possible the most used encryption algorithm (AES) is used. The key itself is sent back to the Client and thus stored apart from the password. At the next login the arcplan Application Server checks if passwords exists for this user and the device used and then uses these passwords for the database logins. If the login fails for some reason (e.g. the password has expired), the login dialog is displayed again on the Client.