How to Release Fusion Set Templates Between Teams in a DevSecOps Build System

This Knowledge Base article explains how to use Appdome’s Release Fusion Set functionality to move mobile app protection templates (Fusion Sets) through a security release process involving different teams while maintaining a’separation of duties’ among the teams and their participants.

What is the Appdome Release Fusion Set Feature?

Appdome’s  Release Fusion Set to New Team  feature allows customers to securely transfer security templates (Fusion Sets) to other teams within the security release process in a way that helps organizations comply with separation of duties requirements. This is achieved by ensuring that roles, responsibilities, and entitlements are distributed among various teams. Additionally, it prevents any team member involved in sharing Fusion Sets between different teams from being a member of both teams.

Separation of Duties, also known as segregation of duties, comprises operational practices and internal compliance measures aimed at preventing security control failures and/or abusive practices. This goal is achieved by distributing the responsibilities and associated privileges for a specific security process across multiple individuals on different teams. Controls and entitlements are applied to enforce this separation and prevent any team member from assuming roles in multiple teams. A practical example of separation of duties would be a scenario where a person who requests approval for a task is not allowed to approve it themselves.

Prerequisites for using Appdome Release Fusion Set

In order to use Appdome’s Release Fusion Set feature, you’ll need the following:

• Appdome account
• Mobile App (.ipa for iOS, or .apk or .aab for Android)
• A Fusion Set which you want to release
• A license to Release Fusion Set
• The entitlement of Release Fusion Set must be enabled for a particular Appdome user.

How To Use Appdome Release Fusion Set (With Separation of Duties)

To access the Release Fusion Set feature, use any of the methods below:

• Create a fusion set
• Select the Release Fusion Set icon (which becomes visible when hovering).
  
• Alternatively, click the … (Details) icon to open Fusion Set Summary, with the Fusion Set details tab displayed by default.
• Click Release Fusion Set.
  
• After selecting Release Fusion Set, you may be presented with several options. If your company requires separation of duties, select the option Release Fusion Set to New Team, as shown below. This option will ensure that the Released Fusion Set is frozen for both teams and maintain separation of duties by not allowing team members to be part of both the originating team and the receiving team for the Released Fusion Set.
  
• To continue with the Release Fusion Set To New Team option, enter the Team Name and Team ID in the required fields, as shown below.
  Note: In order to use the Release Fusion Set To New Team option, we recommend including Fusion Freeze Settings for both teams, even if the Fusion Set for the originating team was not frozen. For more details on how to freeze fusion sets, please refer to this knowledge base article: How to Freeze-Lock Protection Templates for Android & iOS Apps.

  Note: Before clicking Release, you can cancel or click the X button at the top right to avoid this option. Then, go back to Team Selection, and select a different fusion set to copy to the new team. For more details on Fusion Set templates, please refer to this knowledge base article:  How to Create and Manage Appdome Mobile App Protection Templates for Android & iOS Apps.

• Click Release
  
• Upon successful release, the team member who released the Fusion Set will see the following notification.
  
• After releasing the Fusion Set, you will see an indication within your own Team (Team 1) that the Fusion Set is frozen and released, as shown in the figures below.

  
  
  

The receiving Team (Team 2)  will see an on-screen alert notifying them that the Fusion Set has been released to their team. Entitled members of the receiving team will see an option to either “Accept” or “Decline” the Released Fusion Set (Note, only team members who have the proper entitlement will see this alert).

Note: The receiving team will also receive an email notification (if that option is enabled) with all the details about the released fusion set.

The receiving team can preview all the security features contained within the Released Fusion Set by selecting it.

Note: The receiving team will not be able to build with the Released Fusion Set until they have accepted it. This is indicated when the Build My App button remains disabled (greyed out) until the Released Fusion Set is accepted.

Related Articles

• Freeze Fusion Set
• How to Manage Fusion Set Security Templates iOS/Android
• How to Create and Manage Appdome Mobile App Protection Templates for Android & iOS Apps

If you have any questions, please send them our way at support.appdome.com or via the chat window on the Appdome platform.

Thank you!