Hello,
My organization wants to store data and run all apps through the Enterprise portal due to security issues, which is not public-facing. As a result, the moment we are not on the organization network, we are running into data accessibility and app functionality issues. VPN works in certain situations but not ideal for mobile applications and hardware.
We are debating an alternate solution and we want to understand the security implications of this before implementing it:
We could make the REST urls of the portal-hosted data public and build our mobile apps on the organization's AGO platform using those urls. While the apps would be behind the AGO login, the source urls are still public. How easy/difficult is it for someone to stumble across a public REST url under such setup if they don't have access to the organization's AGO login?
Thanks for your help!
Deb.