1 Reply Latest reply on Jan 24, 2016 11:30 AM by odubov

    Local file security and the iOS SDK

    Mike_Mitchell

      Good day, all. Having watched the webinar and downloaded the SDK, I'm intrigued by the concept. However, I'm not sure how local security would be handled in this configuration.

       

      I'll use an example to illustrate better what I have. In the particular system I'm thinking about, we have a server-hosted version of the database and a mobile version. For increased security, each user receives a customized version of the mobile file with only his account. I've automated the creation of the mobile file via a template stored in a container field on the server side, and the administrator can create a new mobile instance assigned to any account holder via that automation. The mobile version is then distributed to the user by email. Since we don't store passwords, the user has to change the password after each new install.

       

      Now, this works fine for a small number of users. However, I can see it becoming burdensome if the number of users should rise. So the idea of distribution via the SDK and MDM software is attractive. Unfortunately, I'm having trouble figuring out how that might work, given the "each user gets his own copy" security setup.

       

      So, based on wanting to secure the mobile file for each user, is it reasonably possible to do that via automation? Or does the SDK encapsulate the database file in such a way that this isn't a concern? Right now, we're using generated passwords for the initial password to get into the database. How would that be handled in an SDK / MDM paradigm.

       

      I realize the SDK is intended primarily for access to server-hosted systems, but the ability to "go offline" is valuable in selected situations. Todd Geist demonstrated the viability of syncing through a packaged app, so I'm not really concerned about that. But how should the security be handled?

       

      Thoughts?