Jquery mobile security for new project

Question

We are currently looking at the possibility of a jquery mobile app for company employees. But, we don't have a ton of experience and would like suggestions on how to do security?

Background:

• Salesmen with Android phones or Iphones
• most of the time on foreign wireless or 3g/4g, sometimes on intranet/internal wireless.
• Would like app to show customer info, current orders, pricing, etc
• Windows 2008 Active Directory environment.

Obviously because of the sensitive customer data, security would be fairly important.

Just barely researching jquery mobile, and wondering what the ideas for security are out there?

Also, all the phones are company provided, and we have access to the full phone, would using something hardware/os related on the phone provide extra security? A hash of the imei, phone number, mac address, etc?

Thanks

Answer 1

Run the company portal on HTTPS - assuming you are just building a regular site. If you are planning on wrapping it in a e.g. a PhoneGap layer, be sure to communicate securely.