Skip to Content

Effectively Mobilizing Field Workers with SAP Cloud Platform Mobile Services

Business-to-Employee Scenario: Effectively mobilizing field workers with mobile apps on SAP Cloud Platform, so they can capture job data regardless of connectivity 

This blueprint provides common information, guidance, and direction for extending an SAP on-premise system, such as SAP S/4HANA, with the SAP Cloud Platform UX & mobile services to innovate fast with minimal risk and cost. Through a real customer business scenario, this guide describes a common business challenge resolved by the SAP Cloud Platform. It includes the benefits of the solution, the main SAP Cloud Platform components for licensing considerations, and a visual architecture depicting a basic architectural pattern. 

Business Scenario

Many industries employ workers to complete their daily tasks in the field with intermittent to no device connectivity. Tasks like installation of new systems, repair and/or maintenance visits, etc., can be challenging if workers are not empowered with the right tools.

Example of different industries and the types of tasks field workers may need to complete:

Industry Employee Tasks
Consumer Products
Farmer Investigate crop health in areas where connectivity is not reliable
Telecommunications 
Technicians Install cable or run phone lines into residences or business establishments
Engineering, Construction and Operations
Technicians Conduct preventative maintenance and repair activities for machines, buildings, etc.
Healthcare
Mobile Nurses
Provide in-home care for elderly or disabled
Oil and Gas
Engineers
Investigate and repair suspected leaks, maintain oil pumps, etc.
Professional Services Maintenance Person Maintain properties (e.g. tasks like landscaping, irrigation, home and office cleaning)
Retail Sales Person Replenish items in stores, take inventory, also create new sales orders
Insurance Claim Handlers Assess damage and estimate cost for repairs on a claim

Oil and Gas Industry Example

An oil and gas company sends workers out to oil rigs daily to perform specific tasks that ensure operations and productivity run as expected. While on the rig, employees have no connectivity and are often required to manually document and report their activities. In past, the company has experienced many issues with this approach, including inaccurate information being entered or lag times in order execution.

The company also recognizes the need to implement a solution to automate their field workers tasks and eliminate the need for manual data entry, thus significantly reducing the margin for error. As field workers operate in a hazardous environment, the company has approved devices from different vendors that comply with their safety requirements. In consequence, the solution must support multiple mobile operating systems.

Solution

Mobilizing field workers with mobile apps can help companies gain competitive advantage in the digital age. Field workers are often closest to your customers, so it makes sense to arm them with practical, easy-to-use mobile apps that can access and communicate relevant business information in real-time. It can help organizations develop productive employees by providing them with easy access to relevant information for products and services offered, and by giving them the tools to access organizational information from any geographic location, regardless of connectivity.  

Solution Description

A hybrid offline app was developed for this company and rolled out to field workers. Hybrid apps are a breed of application that seeks to combine the flexibility of web apps with the power of native apps. A Hybrid app was chosen for several reasons: (1) The solution needed to support multiple mobile operating systems, (2) workers needed an easy-to-use and standard user experience and (3) the company had a team of developers with existing HTML/WEB skillset.

Armed with this mobile app, workers would go out into the field and launch the app on their mobile device or tablet and immediately see a list of tasks they need to complete. They can start by opening a task, for example check to see if something needs to be fixed. They go through the steps, updating the app as they work. For example, if a part needs to be replaced, they can create a request for service and order any necessary parts. They can log the follow up items to be achieved once the part(s) ordered are received, bill their time and any other items, sign off on the job and close it. When their shift is completed and they return from the rig they connect their app and all the data stored on the device from their day is flushed out and synced with the company’s backend system. Using this approach, they eliminated the need for manual entry completely and have realized an increase in employee satisfaction. 

Solution Benefits

The efficiency and quality of the field worker service can impact the bottom line and the overall success of the company in any industry:

Industry Employee Benefits
Consumer Products Farmer Team project management is enhanced with easy access to relevant data, allowing them to provide better service
Telecommunications Technicians Technicians can access other corporate data and quickly detect the source of the problem, allowing them to reduce delays and provide better service
Engineering, Construction and Operations
Technicians Technicians are able to make informed decisions with up to date information and are able to make better responses to organizational issues, allowing them to reduce both delays and cost
Healthcare
Mobile
Nurses
Nurses can access up-to-date information about their patients (i.e., pre-existing conditions, known allergies), allowing them to provide better service
Oil and Gas
Engineers
Engineers can view blueprints of commercial infrastructure, repair recommendations, safety protocols etc.  
Professional Services Maintenance
Person
Service providers can access up-to-date customer schedules and location, allowing organizations to plan better routes and reduce costs
Retail Sales
Person
Sales person can stock items in the shelf, take inventory of items in the shelf, create new sales orders of items that need to be replenished etc.  
Insurance Claim Handlers Claim handler can access the information they need to complete their tasks with a personalized and simplified user experience, allowing them to have faster and direct access to relevant information and higher throughput

The next section describes how organizations in any industry can leverage the SAP Cloud Platform and its UX/mobile services to provide field workers with mobile apps to access corporate data and capture job data, regardless of connectivity.

Solution Diagrams

SAP Cloud Platform is the extension platform for SAP. It enables developers to develop loosely coupled extension applications securely, thus implementing additional workflows or modules on top of the existing solution they already have.

SAP Cloud Platform supports scenarios for consumers (B2C), for partners (B2B), and for employees (B2E). The solution provided in this blueprint is part of a company B2E scenario.The B2E scenario is related to services for employees of an organization and it defines certain aspects of the architecture:

  • Employees can access various applications with one logon and the logon information is generally stored in a corporate user store, which is part of the company landscape. This means we need a service in the cloud that can integrate and authenticate employees with a corporate user store.
  • Scheduled downtimes are acceptable because employees won’t be in the field outside working hours. It means the mobile application can use the backend system, such as SAP S/4HANA, as the data source. No need for additional data store or replication processes.
  • Easy-to-use and robust solutions with standard UX are expected. The solution needs to guarantee the workers can access corporate data in offline mode.

Reference Solution Diagram

The following graphical diagram of the solution illustrates a basic architectural pattern for extending an on-premise system, such as SAP S/4HANA, to mobilize field workers with the SAP Cloud Platform UX and mobile services.

Reference Solution Components

SAP Cloud Platform components for licensing considerations

Named users are individuals authorized to access the Cloud Service. Organizations can estimate that each named users will need at least 1 logon/day to the Identity Authentication service.

Check with our sales representatives for further availability details

SAP Cloud Platform services Function Licensing metrics Example
SAP Cloud Platform mobile service for development and operation Build and run hybrid apps.   Named users 1 named user
SAP Cloud Platform Identity Authentication service (Optional) Secure authentication and single sign-on for users in the cloud Logon blocks of 100/Month 100 logons
SAP Cloud Platform Bandwidth Data transfer rate to a subscribed user Blocks of 10 GB bandwidth/month 10 GB
Use the SAP Cloud Platform pricing estimator to calculate the required investment.
Scale up or down as required.
 
Other components needed to implement this scenario  
Other Components Function
Mobile Client Organizations can choose to develop native or hybrid applications according to their needs, resources, and skills. Applications can be developed using SAP Mobile Platform SDK. The SAP Mobile Platform SDK provides developer tools to streamline the development, delivery, security and management of mobile applications
SAP Cloud Platform Connectivity service Allows SAP Cloud Platform applications to access securely remote services that run on the Internet or on-premise
Cloud Connector Enables scenarios in which cloud applications access and extend on-premise systems. It establishes secure technical connectivity between SAP Cloud Platform accounts and a protected on-premise network. In this solution, the SAP Cloud Connector is used to connect SAP Cloud Platform to customer Identity provider and SAP Gateway as part of the customer’s landscape. 
Corporate User Store The corporate user store that provides identifiers for users looking to interact with a system. When the SAP Cloud Platform Identity Authentication service is configured to use your corporate user store, it allows employees to authenticate with their corporate credentials eliminating the need to use another set of credentials for their cloud access. This solution is integrating an LDAP user store running in Windows Azure, but it could be other SAML2.0 compliant Identity providers running in the cloud or on the corporate networks
SAP Gateway Offers development and generation tools to create OData services to a variety of client development tools. It establishes a connection between SAP backend systems data and target clients, platforms, and programming framework. SAP S/4HANA runs a co-deployed (embedded) gateway. However, SAP typically recommends to have one central SAP Gateway hub deployment for customers who connect SAP Gateway to several SAP backend systems
SAP S/4HANA Is the primary data source system where the business processes are defined and transactional data is stored on a daily basis

Mobile Services for Development and Operations

The mobile service for development and operations is a full-featured mobile app platform delivered as-a-service that allows you to quickly create and operate mobile apps with full offline support, notification services, superior back-end integration and enterprise-grade security. Key features of the mobile app is the ability to work in an offline scenario.

Offline Support

Create, Read, Update and Delete operations (CRUD operations) can be performed against the local store when the device is in offline mode.  Local changes that were made offline can be synchronized with the backend database when the device is in online mode.  Similarly, backend changes can be synchronized with the local store.  ETags is one option that can be used to resolve conflicts when the same record is changed on both the local store and the backend. 

There are several benefits when using offline sync:

  • Reading data from the local store is significantly faster than retrieving data from the network.  This increases the app responsiveness
  • Continuous operation of the application regardless of network connectivity increases the app reliability and adoption
  • Since data is read from the local store it limits the amount of network usage.  This is especially critical in high latency or metered networks

The Kapsel Offline OData plugin enables offline support for an OData version 2.0 based application that has its data proxied through the Mobile Service for Development and Operations.  The manifest.json file in an SAP UI5 project defines the entity sets that needs to persisted locally.  Furthermore, SAP Web IDE allows developers to rapidly include Kapsel Offline OData plugins when building and packaging their device platform artifacts.   

A command line utility (ilo.exe) can be used for querying against the local store during the development phase.  In addition, this utility can also be used for Create, Update and Delete operations.  Troubleshooting synchronization issues with local store can be simplified with the help of this utility.

Efficiently synchronizing only changed data between the backend and the local store results in smaller payloads being transmitted thereby lowering network usage and offering much better overall performance. Mobile services for development and operations server is designed to work with delta token calculations on the backend.  In the event, delta token calculations are not implemented on the backend, the Mobile Service for Development and Operations server has the ability to perform the calculation and persist changed keys on the platform.  Furthermore, an offline configuration file can be uploaded to the Mobile Service for Development and Operations server to optimize the offline synchronization capabilities.

Performance Considerations

Even though the mobile services for development and operations is originally designed for fairly large volume for mobile devices, additional performance improvements must be implemented within the OData producer, SAP Gateway in this scenario, to provide field worder with a exceptional user experience.

Improving initial synchronization experience
When field workers need to deal with large volume of data, server-side paging techniques should be used. It will improve performance and avoid errors messages caused simply because the data they are trying to download is too big. In a nutshell, server-side paging techniques allow the services to limit the size of a response to a given query reducing the impact of large queries on the overall response times of the backend system.

Improving consecutive synchronization experience
When field workders complete their inspection and return to the office, they can connect their app and synchronize the data with the company’s backend system. Delta tracking techniques can be used to exchange only those resources that were created/changed/deleted since the last time workers synchronized the data. The SAP exchange framework calculates deltas at modification time. The backend system can track relevant changes when they occur. The result is a system that is much more scalable and offers much better overall performance.

Designing the mobile app to handle any conflicts and errors
When hundreds or thousands of field workers handle corporate data in offline mode, there is a chance conflicts will occur when workers synchronize the data. The mobile services for development and operations, together with the SAP Gateway, provide with several conflict resolution mechanisms for your application to include a process to either avoid conflicts, or to log them when they arise

Protecting your workers’ data
Your field workers may handle sensitive data that needs to be protected in case their mobile devices are lost or stolen. The mobile services for development and operations provide with security mechanisms to encrypt the data the mobile app collects and stores on the device.

These are not all, but the main considerations developers and architects need to take into account when designing and developing mobile applications for field workers who need to access relevant business information in the field with intermittent to no device connectivity.

Security

Overview

Security in the cloud also referred to as ‘Cloud Computing Security’ encompasses a variety of procedures, standards and technologies employed to protect data, applications and associated infrastructure. To make it easier to understand, consider breaking it up into three topics: Authentication, Authorization and Single Sign-on.  

Consider the following topic descriptions:

  1. Authentication is the process of proving that an application user is who they say they are.
  2. Authorization is the process of providing permissions to the user, giving users the access to the application data that they need.
  3. Single Sign-On is the service that permits a user to use one set of login credentials to access multiple applications.

The diagram below depicts at a high level where the three security topics fit in an oveall  SAP Cloud Platform solution:

Solution Security Considerations

SAP Cloud Platform Identity Authentication is a cloud solution for identity lifecycle management for SAP Cloud Platform applications, and optionally for on-premise applications. It provides services for authentication, single sign-on, and on-premise integration as well as self-services such as registration or password reset for employees.

When implementing the solution just described, keep in mind that each the three security topics described above have a number of options for how they get implemented with the SAP Cloud Platform. For this solution, Corporate User Store was the chosen method for doing authentication and Principal Propagation was chosen for single sign-on. Regarding the authorization, it is the backend OData Service that enforces authorization to only return rows that the user is entitled to.

Below you will find the security solution diagram and the process steps for each of the three chosen security topics. You can go to the entire security blueprint by clicking on the link in the section.  From the security blueprint, you can link to all the other options you have for authentication, authorization and single sign on in the blueprint library.

Scenario Authentication

Corporate User Store - This blueprint provides common information, guidance, and direction for implementing a Corporate User Store as a user repository along with the SAP Cloud Platform Identity Authentication service for applications on the SAP Cloud Platform to use as it IdP. It will allow you to use a common source of identities for all your cloud based application.  It provides a standard, internationally adopted method for authentication using SAML assertions.

For more information, visit SAP Cloud Platform Blueprint - Corporate User Store

Scenario Single Sign-On

Principal Propagation - This blueprint provides common information, guidance, and direction for implementing principal propagation with X.509 certificate from SAP Cloud Platform to the backend system that is running on-premise to achive Single Sign-On. It will allow you to use this method for any endpoint service that accept X.509 certificate base authenticion.

For more information, visit SAP Cloud Platform Blueprint - Principal Propagation

Learn more

This blueprint highlights important considerations companies need to analyze when building mobile apps with offline capability in order to achieve effective field mobilization. However, it is recommended to review further information to help you design and develop mobile apps with offline functionality. The following resources are a starting point:

Preparing backend system for offline access:

Connecting SAP Cloud Connector with the SAP Cloud Platform: This official guide describes how to install and configure the SAP Cloud Platform cloud connector (cloud connector) to serve as the link between on-demand applications in SAP Cloud Platform and existing on-premise systems.

Configuring and Building Apps through Cloud Build Service: SAP Web IDE and the Hybrid App Toolkit plugin enable you to build your apps through the cloud build service.

 

Back to top