This article will explain the different levels of security that can be applied at a server, device and app level.
Web Services Gateway is just a conduit that allows our apps to talk to different data sources using a common communication language. All communication between apps and WSG are done via HTTPS to provide security of credentials and confidential data. Since WSG is just a conduit all security and permissions to an individual data source are defined by that information management system.
Installing Web Services Gateway in your companies DMZ allows secure access of data stored in information management systems that are behind your firewall without the need of configuring VPN access on a mobile device. This will also allow you to provide data access to outside organizations as long as they are provided the proper credentials and authorization to your data sources.
There are several ways to ensure that your data on your device is secure. Below is a set of options that are available to provide device, app and file level protection.
We strongly encourage all tablets to enable the password feature. This will require a password or PIN to enter every time the device comes out of sleep mode.
We encourage all organizations to install some mobile device management solution. Bentley apps are designed to provide the most efficient usage of the app for the field worker. All credentials and documents that are stored local on the device are encrypted and stored per the operating systems directions. Using a MDM solution allows IT administrators to control devices above and beyond the security of an individual app.
Field Supervisor stores credentials for each data source you connect to. For Bentley information management systems like ProjectWise or eB we advise you to associate your active directory so that users just login with their domain credentials. In the case that the device is lost or stolen all that needs to be done is changing the password for the user of that device to render the cached credentials useless.
Encrypting files is the best way to ensure that unwanted individuals will not be able to access and view confidential or sensitive information. Associating a password to a document will require the password to be entered every time the document is viewed regardless of the specific app trying to view the data. This functionality could negatively impact efficiency of your users performing tasks in the field which require viewing documents.