Tableau Mobile Deployment
This content is part of the Tableau Blueprint Methodology. Meet Tableau Blueprint(Link opens in a new window).
Mobile business intelligence enables any user to make decisions no matter where they are. We’re no longer shackled to our desks; we’re on the go, visiting customers, traveling, or walking the shop floor. With Tableau, any workbook you create is automatically mobile-enabled when accessed from a device. You can pinch to zoom, swipe to scroll, and leverage other touch-optimized interactions like quick filters. You can also edit workbooks and create new views to answer new questions from your data. This works seamlessly in a mobile browser, with an embedded viz in custom mobile apps, and in the Tableau Mobile app itself.
Key consideration for deploying Tableau Mobile are listed in the Tableau Enterprise Architecture Survey of the Tableau Blueprint Planner. The following roles should be involved in the mobile deployment: Network Administrator, Security Administrator, and Mobile Device Management Administrator along with the Tableau Server or Tableau Cloud Administrator, content authors, and business users with specific mobile requirements.
Tableau Mobile App Distribution
Organizations have various strategies for distributing mobile apps to their users. Many enterprises distribute apps via a Mobile Device Management (MDM) platform, these provide precise control over how and to whom the app is deployed. In addition to controlling app delivery, MDM platforms let you customize the Tableau sign-in experience, configure app policies, and provide additional security and governance controls. They can also make the sign in process easier. In this scenario, a user with a device enrolled in their organization’s MDM platform would go to the internal app store provided by the MDM platform and download the app from that catalog.
To manage Tableau mobile deployments, we recommend using mobile device management (MDM) or mobile application management (MAM). The following are supported mobile management systems: Blackberry Dynamics, VMware Workspace ONE, MobileIron, Citrix Endpoint Management (formerly XenMobile), and Microsoft Intune. Users will see touch-optimized views on Apple iPad and iPhone, Android phone and tablet, as well as mobile browsers. For more information, visit .
For organizations who haven’t invested in MDM, users can simply download the Tableau Mobile app from public app stores, and then connect directly to the service.
Securing Mobile Data
Security is paramount in any mobile deployment. Mobile devices will be out and about in the wild. They will be used on different networks. They may even include users’ personal devices if your organization supports a bring-your-own-device (BYOD) policy. It’s critical that your data remain secure both in transit and at-rest.
If you use Tableau Cloud, we securely connect to data for you so there’s no additional effort on your part. Tableau Cloud by default leverages SSL communications and the Tableau Mobile app supports it by default. If you use Tableau Server, SSL should be configured . This ensures that all to- and from-traffic is encrypted and helps avoid potential man-in-the-middle attacks.
You must also determine how your Tableau Server will be reachable by a mobile device if the device isn’t on the same network or the internet. There are two options to tunnel through your corporate firewall to reach the server: connect via a VPN, or use a reverse-proxy server. The choice of which option is best for your organization depends on many factors, such as whether you have an existing solution (VPN or proxy) that you can use, licensing costs, security considerations, and user experience. Ensure that the cross-fuctional project team discusses this topic and understands the options. Because Tableau Cloud is a fully-hosted SaaS offering, it can be accessed from the Internet with valid login credentials to your site.
The final piece of security involves data-at-rest, which Tableau takes care of for you. All information that gets persisted on a device, such as metadata about content, snapshot images, and access tokens, is securely stored using native OS encryption. As a best practice, consider regularly confirming overall data security by having a third-party security specialist audit your organization.
Before users can get to their data, they have to sign in to the Tableau Server or Tableau Cloud. While this may sound obvious, ensuring that users have a secure, seamless experience is critical. If users struggle to sign in, they’ll give up on mobile workflows, undermining your entire deployment effort. The value of Tableau Mobile is realized when people have access to data when and where they need it. To streamline sign-in, we recommend using a single-sign on (SSO) technology like Active Directory, SAML, or Kerberos. SSO lets users use their existing set of corporate network credentials rather than having to memorize something new.
In addition to SSO, we recommend leveraging additional capabilities provided by MDM platforms to improve the sign-in experience. With MDM, you can display a preset list of servers to connect to, and even automatically fill in their user ID. MDM can also push out policies and certificates, so that everything is pre-installed and configured ahead of time. For example, with Kerberos authentication, MDM can push certificates to devices so that authentication happens behind the scenes and users aren’t even prompted for credentials. MDM can also automate tasks such as loading a VPN client in the background when needed, eliminating a bunch of initial steps for users so they can go to the app and directly connect to their data. Anything you can do to reduce friction in the sign-in experience will pay off in greatly increased mobile usage.
Configure Offline Access
As mobile users travel offsite, their internet connectivity can vary, so a seamless offline experience is a big benefit. For quick offline access on mobile devices, Tableau Mobile automatically caches high-resolution snapshot images of a user’s favorite views. When users know they’re about to go offline for a period of time, they can manually refresh snapshot images in the app. On iOS, snapshots are also regularly refreshed in the background. Snapshots are beneficial even when users have connectivity because they provide at-a-glance access to the most important content. For example, users can pan and zoom snapshots to zero in on areas of interest and swipe between them as they‘re walking between meetings. When a user finds something of interest in a snapshot, they can tap it to go to the interactive view and answer additional questions with their data. As an administrator, you can disable cached snapshots for specific sites, but in most cases you’ll find that the advantages of snapshots access outweigh any security concerns, as snapshots exclude the raw underlying data and are stored encrypted on the device.
Rollout and Support
Pilot your mobile rollout by testing it with a small group of users first. After addressing any issues you uncover, extend the rollout to your entire organization, with accompanying step-by-step instructions that help users quickly set up their devices. An initial, in-person training session can dramatically speed up adoption, particularly if your organization uses unique deployment options.
If you use Tableau Server, consider creating custom admin views for mobile, drawing upon the rich database of user behavior stored in the Tableau Server repository. To continuously improve your organization's mobile experience, capture feedback from users while they’re on the go. Successful approaches include a weekly “mobile office hours” meeting that anyone can dial into, and an email alias specific to mobile support that routes issues right to your group.