Northern Trust Case Study from Gartner Catalyst 2012 Featuring Layer 7 Mobile Access Gateway: Beyond the Wireless Tether: An “Occasionally-Connected” Architecture
2. About me…
Christopher Price
Vice President, The Northern Trust Company
cp68@ntrs.com
Architecture and Innovation Team member
IT Standards and Guidance
Evaluation of New Technologies
R&D for High Value Projects
At Northern Trust for 7 years, experience with:
Enterprise Architecture
Software Design and Development
2 “Beyond the Wireless Tether” - Gartner Catalyst 2012
3. Agenda
Background on Northern Trust
Determining the Requirements
Application Architecture
Infrastructure
Security
4. Northern Trust Overview
Founded in 1889, Northern Trust Corporation is a global
leader in asset servicing, asset management, wealth
management, and banking for personal and institutional
clients.
Assets under custody
US$4.6 trillion
Assets under management
US$704 billion
Banking Assets
US$94 billion
*As of 30 June 2012
5. Northern Trust’s Global Presence
Chicago (Corporate HQ), Toronto, New York
A network of offices in 18 States and Washington D.C.
Abu Dhabi, Amsterdam, Dublin, Guernsey, Jersey, Limerick, London, Luxembourg, Stockholm
Bangalore, Beijing, Hong Kong, Melbourne, Singapore, Tokyo
6. Agenda
Background on Northern Trust
Determining the Requirements
Application Architecture
Infrastructure
Security
7. Determining the Requirements
Focus on what matters to clients, not on technology.
Relationship managers want latest mobile technology but need:
All data necessary to conduct meeting
Minimal distractions
Ability to work anywhere the client is located
Having “zero bars” shouldn’t hinder the conversation!
8. Business Requirements
Need to avoid this situation….
WELCOME - Today’s Agenda
9am – 9:05am Attempt to connect to available Wi-Fi with incorrect settings
9:05am – 9:15am Give up and struggle with slow 3G connection
9:15am – 9:20am Locate presentation materials with assistance from help desk
9:20am – 9:30am Diagnose problems with projector and screen
9:30am – 10am Finally… Discuss client’s financial goals
9. Technology Requirements
The two primary technology requirements...
Disconnected mode
Maximize time with client
No connections to establish.
No interruptions caused by poor reception, network outage, etc.
Quick
Highly responsive user interface by minimizing server requests.
Not relying on slow connections to transfer large documents during meetings.
Reach
Client meeting location not bounded by reach of antennas.
Want to accompany the client on their yacht? – No problem.
Security
Highly sensitive client data being stored.
Mobile device more susceptible to loss and theft.
Primarily using untrusted networks.
10. Agenda
Background on Northern Trust
Determining the Requirements
Application Architecture
Infrastructure
Security
11. Architectural Choices
“Got the requirements, let’s build a mobile app!” ...not so fast.
Need to establish formal guidance for building mobile solutions at
Northern Trust with help from vendors, consultants and peers.
The result: Northern Trust Mobile Strategy and Reference Architecture
Strategy contains guidance for management:
• Definition of mobile apps, devices and content
• Governance recommendations
• Usage Policies
• Risks
• Etc.
Architecture contains developer guidance:
• Style of app: web, native, or hybrid
• Security
• Device support
• Service development
• Etc.
12. Architectural Choices
First major decision…web, native or hybrid*?
Web/Hybrid Native
* Defined as a thin native wrapper around a primarily HTML/JS view. Hybrid apps fall within a
spectrum between web and native depending upon how many native features are utilized.
13. Architectural Choices
Decision: Native Application Architecture
1) Secure offline operation
Secure local storage
“Why not HTML5 local storage?”
Size restrictions (app is a storage hog!)
Reliability – browser cache easily erased
Security concerns
2) Superior presentation
Better appearance
Greater app awareness
3) Performance
Fewer round-trips to server
Quicker rendering
14. Architectural Choices
BUT: Typically don’t recommend native at Northern Trust
Web or hybrid apps are preferred because:
Cheaper to build with in-house web expertise
Majority of effort is reusable
Can be indistinguishable from native with HTML5/JavaScript
Quicker to deliver new features
16. Agenda
Background on Northern Trust
Determining the Requirements
Application Architecture
Infrastructure
Security
17. Infrastructure
1. User places documents in folder on internal portal
2. Synchronization initiated by user from iOS app while online
3. Middleware sends updates back and forth between mobile
app and source systems.
18. Infrastructure
Decision: iOS Platform Only
Internal application. Control of device choice
Users more familiar with Apple products. Less training.
Fewer platform specific updates.
[Chart: 2012 market share by vendor (Apple, Android, Microsoft, Other)]
http://www.gartner.com/it/page.jsp?id=1980115
19. Infrastructure
Decision: Vended service gateway
Layer 7 is edge security for external services
Integration with authentication providers
Speaks multiple security protocols
Custom solution added no value
http://www.gartner.com/technology/reprints.do?id=1-17Q04QM&ct=111019&st=sg
20. Infrastructure
Decision: ReST over SOAP
Lightweight - important for mobile
Heavier SOAP difficult to handle on mobile client.
Mobile clients have APIs for handling basic URL calls
Poor web service support in iOS/Android unlike in Java or .NET
21. Infrastructure
Decision: Custom Middleware
Purpose – Extract data from source systems, feed to mobile client apps
Why Custom?
Anticipated consolidation within market for mobile middleware (MEAP)
Cloud based solution not acceptable for use case
Custom source system integration
22. Agenda
Background on Northern Trust
Determining the Requirements
Application Architecture
Infrastructure
Security
23. Security
Decision: Plan for the worst with numerous security layers
Over the wire
OAuth 2.0
Popular standard for cloud APIs
Open to federation in future with 3rd parties
Easy to use with ReST services
Two-factor
Access token required due to sensitivity of data
RSA SecurID Software Token + iOS SDK chosen for limited
user involvement
Better user experience, but still as secure as physical token
24. Security
On device
Mobile Device Management (MDM)
Passcode requirement
Remote data wipe
Local Authentication
Support offline identification of users
Future SSO with all Northern Trust applications
Local Encryption
Secure whether online or off
Strongest available algorithms
Double security – iOS platform and custom
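Added example, not from the presentation or Northern Trust's implementation: one way offline local authentication can gate the app-level ("custom") encryption key without contacting a server, so that a stolen device record alone does not yield the key. PBKDF2-HMAC-SHA256, the iteration count, the labels and the function names are assumptions; the deck does not name its algorithms.

```python
import hashlib
import hmac
import secrets

# Assumed parameters; none of these values come from the presentation.
DEFAULT_ITERATIONS = 200_000
SALT_BYTES = 16
KEY_BYTES = 32
VERIFIER_LABEL = b"offline-auth-verifier-v1"  # hypothetical domain-separation labels
DATA_KEY_LABEL = b"app-data-key-v1"


def _derive_master(passcode: str, salt: bytes, iterations: int) -> bytes:
    """Stretch the user's passcode into a master secret (slow on purpose)."""
    return hashlib.pbkdf2_hmac(
        "sha256", passcode.encode("utf-8"), salt, iterations, dklen=KEY_BYTES
    )


def _subkey(master: bytes, label: bytes) -> bytes:
    """Derive an independent sub-key so the verifier never reveals the data key."""
    return hmac.new(master, label, hashlib.sha256).digest()


def enroll(passcode: str, iterations: int = DEFAULT_ITERATIONS) -> dict:
    """Run once at setup. Only salt, iteration count and verifier are stored
    on the device; the passcode and the data key are never persisted."""
    salt = secrets.token_bytes(SALT_BYTES)
    master = _derive_master(passcode, salt, iterations)
    return {
        "salt": salt,
        "iterations": iterations,
        "verifier": _subkey(master, VERIFIER_LABEL),
    }


def unlock_offline(record: dict, passcode: str):
    """Check the passcode with no network access. Returns the 32-byte key for
    the app-level encryption layer on success, or None on a wrong passcode."""
    master = _derive_master(passcode, record["salt"], record["iterations"])
    candidate = _subkey(master, VERIFIER_LABEL)
    if not hmac.compare_digest(candidate, record["verifier"]):
        return None
    return _subkey(master, DATA_KEY_LABEL)
```

The returned key would protect app data on top of the platform's own encryption; a passcode with little entropy still limits what key stretching can achieve if the stored record is copied off the device.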
25. Summary
Listen to your clients
Define your Strategy
Design for Resilience
Go Web by default
Buy a Gateway
Caution: Middleware
Security: Plan for a worst case
26. Questions?
Thank you for attending!