Finally, when planning your data architecture, you’ll want to consider a few data-related design choices that are particularly unique to mobile.

  • Offline Storage
  • Unlike the computers on our desktops, mobile devices can and often do go without a consistent network connection. A modern mobile application should have a plan for offline storage, especially for use cases where users will consistently find themselves without a steady connection.

  • Caching
  • As discussed above, many BaaS systems help manage data access speed and mobile performance by caching certain types of data. In addition, mobile apps may choose to cache data on device for improved performance.

  • Queuing
  • As discussed above, many BaaS systems help manage data access speed and mobile performance by caching certain types of data. In addition, mobile apps may choose to cache data on device for improved performance.

In all three of the above cases, you’ll want pay close attention to how the systems, SDKs and tools you’re using to help facilitate storage, caching and queuing handle sync schedules and conflict resolution. You’ll want a solution that provides some common-sense defaults, while enabling your teams to control schedules and how conflict resolution decisions are made, at runtime. As these features are often complex to manage, we recommend using a 3rd party solution, as opposed to attempting to build all of these capabilities into your mobile apps and API, in house.

Making Offline Data Easy

For most real-world mobile apps, the ability to work offline is critical. Yet so many apps fail to provide this capability because offline is hard. It doesn’t have to be with Kinvey from Progress.

Kinvey SDKs make it easy for developers to quickly add robust offline support to any mobile app, complete with automatic data sync to ensure offline changes are synchronized with the cloud. This even works when using Kinvey to mobilize an existing database or legacy system. In fact, Kinvey’s advanced caching techniques can make apps faster when interacting with slow, legacy backends.

Learn more

Security

Now that we’ve talked about key considerations for designing your API, let’s look at factors for making sure that APIs and apps stay secure, and your core data protected. In the context of security, there are three major areas you’ll want to pay careful attention to:

  • App and API Authentication and Authorization
  • Data Encryption and Local Storage
  • Compliance

App and API Authentication and Authorization

When mobilizing and modernizing your monolith, your primary concern should be ensuring secure access on three fronts: your apps, your cloud-based API and, finally, to your internal data sources. Each of these points of authentication and authorization should work in-concert, be planned in advance, and be consistent across all apps and your entire API surface.

fig5-securing-mobile-apps-and-RESTful-API-endpoints

Fig 5. Securing mobile apps and RESTful API endpoints is an essential step during a cloud migration. Integrating with existing identity providers ensures consistent permissions across all apps, legacy and cloud, while allowing users to reuse existing credentials.

And while it’s possible to implement your own security framework in all three of these areas, this is a complex task that is often better left to a trusted platform provider. Kinvey, for instance, provides a complete Identity Connect solution with client libraries for in-app authorization and authentication, an identity server for your cloud APIs, and no-code integration into your existing enterprise authentication sources, like ADFS, LDAP and SAML.

Data Encryption

Even if you’ve secured access to your apps and data sources, its essential to use encryption as an added layer of protection. In the context of mobile modernization, you should encrypt data:

  • On the pipe, in transit, using secure communication protocols like SSL
  • At rest, especially when data is to be cached or stored locally apart from its source. This could be either data stored on a mobile device, or in a cloud cache.

As with authentication, handling encryption of your data, especially on device, iscomplex. Consider client libraries that assist in this encryption, and which can communicate securely with your token servers. Kinvey, for example, provides client libraries for all mobile app types that facilitate encryption and decryption of your sensitive data.

Compliance

Finally, if your organization operates in an industry where compliance is always a built-in consideration, you’re likely already thinking about this topic, when it comes to data and making your core business cloud-accessible and mobile. And while secure authentication and encryption are always top considerations on a compliance checklist, there’s much more to consider, especially with compliance requirements like PCI, PII and HIPAA. If you’re evaluating cloud platforms to accelerate your mobilization efforts, pay careful attention to what compliance certifications and guarantees each candidate provides. Progress Kinvey, for instance, considers compliance an essential core feature of its platform, and provides a set of purpose-built HIPAA-compliant services into its core products.

Choosing the Right Cloud

When considering a cloud provider, it’s important to consider not only your needs and context, but also the strengths and specializations of the provider. While there are several cloud vendors on the market of various sizes, not every cloud is the same. Some are a loose collection of services that you assemble (like AWS, Azure or Google Cloud Platform), while others are pre-integrated or specialize around a set of use cases, like hosting or mBaaS providers.

Within specialized providers, you’ll also find that some are stronger with greenfield (typically B2C) scenarios, while others are optimized for working with existing clouds and monoliths. For example, while both Kinvey, from Progress, and Firebase, from Google, are focused on adding value on top of “raw” clouds to accelerate mobile app development, Firebase tends to be better suited for consumer apps, while Kinvey provides building blocks and functionality tuned for enterprise modernization efforts.

The table below summarizes some key factors to consider when choosing a cloud based on the needs of your app and the strengths of the provider.

Mission-Critical & Compliant

Not all apps are created equal. Some are just for fun and disposable. Some are mission-critical, working with sensitive customer data.

Kinvey, from Progress, is the backend for your mission-critical apps. Kinvey is HIPAA compliant and powers the Progress HealthCloud, a tailored cloud platform for healthcare organizations, pre-integrated with EHRs and other healthcare data sources.

Connections to existing data and authentication systems happen over secure pipes, and the Kinvey SDKs make it easy to encrypt and decrypt data.

When it’s time to ship, Kinvey provides BAAs, SLAs, operational intelligence dashboards and industry leading support.

Learn more
Cloud Pros Cons
“Raw” Cloud (AWS, Azure, Google Cloud)
  • Maximum access to cloud capabilities
  • Complete control over cloud resources
  • Nothing is pre-integrated; some assembly required
  • Added maintenance overhead
  • Steep learning curve
  • Unpredictable pricing
Consumer BaaS (Firebase)
  • Easy to get started
  • Abstracts “raw” cloud complexities
  • Great for “greenfield” apps with no need to access existing data/auth providers
  • Useful consumer-oriented capabilities (ads, public app stores)
  • No support for reusing existing data/auth providers
  • No cloud portability
  • Limited compliance and SLA options
Enterprise BaaS (Kinvey)
  • Easy to get started
  • Abstracts “raw” cloud complexities
  • Robust support for connecting to existing data and auth providers
  • Additional SLA and compliance options
  • Cloud portability
  • Less flexible than “raw” cloud services
  • More expensive than Consumer BaaS options

Table 6. Weighing the pros and cons of three different options

mobile-modernization-ebook-patch

Want to learn more about mobility solutions?