There are two buzz words that are flying around the enterprise world right now and that is SaaS (Software as a Service) and SSO (Single Sign-On). These two naturally go hand in hand in any conversation about security and moving an enterprise application to the cloud. IT directors will always throw out the big “S” word when someone suggests you move Maximo to any 3rd party hosting provider in the cloud, whether you go with Amazon Web Services or a more specialized Maximo hosting provider like Projetech. Their first question will be, “How do we keep our user information/credentials secure”? And the answer to that is with SSO, more specifically SAML.
Single Sign-On isn’t a new concept but in the mobile enterprise world, it is, especially with mobile operating systems like iOS and Android. When it comes to SSO and the enterprise, SAML (Security Assertion Markup Language) is the preferred way for a high level of security. SAML is a framework for user authentication and authorization between two entities; particularly, service providers that host Web applications such as Maximo. For more information, click here for an overview of SAML.
With the release of Maximo 220.127.116.11, IBM added SAML support specifically because their Maximo SaaS is growing at an alarming rate. I was recently at InterConnect and an IBM representative, presenting Maximo SaaS options, mentioned they added support for SAML specifically for the City of Austin using their Cloud Flex program.
So the question now, is your mobile solution for Maximo ready for the cloud and enterprise SSO? Your answer is probably “No”. Don’t be discouraged because there is a technical reason for that. First and foremost, when you enable SAML for Maximo, there are a few limitations and the following features do not function, and the first is a BIG one:
- The OSLC, REST, and the Maximo Integration Framework is disabled
- E-Signature is not supported
- User synchronization is not supported
- BIRT Report Only Server and Cognos is not supported
All of these features are not supported when you use SAML without a direct LDAP connection. But why would you give a third party software provider direct access to your LDAP? Where is the security in that? If you did, why use SAML at all?
With the OSLC or the Maximo Integration Framework disabled, every mobile solution that relies on it will not work with SAML. This includes IBM Maximo Anywhere which was confirmed by an IBM Cloud representative that I recently spoke to. There isn’t a single mobile solution provider for Maximo that supports SAML, except one, EZMaxMobile.
EZMaxMobile is the only solution that doesn’t use the MIF/OSLC for many reasons and now supporting SAML is the biggest reason. All in the name of the big “S” word, security. Fundamentally, EZMaxMobile is a web application which is the basis for SAML to work, whereas all other mobile providers are native mobile applications that don’t support it.
So, if you are thinking of going to the cloud and in need of a mobile solution, feel free to contact us for a demo today and let us secure your mobile enterprise.