Sophos Mobile Control - Competitive Overview

Content
- Introduction to MDM: Market overview, positioning and discovery questions
- Lightweight vs Heavyweight approaches
- Competitive comparisons
  o AirWatch
  o MobileIron
  o Comparison Sophos vs AirWatch and MobileIron
  o Good Technology
  o Comparison Sophos vs Good Technology
  o Feature comparison Sophos vs Security Vendors
- Objection Handling and MDM Vendor Capability Overview

Sophos Mobile Control

Introduction to MDM

What is happening in the Mobile Device Management market?
- The MDM market is growing rapidly (>100% per year) with many new players. It will mature over time.
- To support a multitude of different device types, especially in the BYOD (Bring Your Own Device) environment
- As the above criteria cannot be met by MS Exchange ActiveSync
- There is little differentiation in the level of control of the mobile devices between the different MDM products, as they are limited by what the mobile OS vendors allow on their platforms.

Note: Be sceptical of MDM vendors claiming they are not affected by or can circumvent explicit OS limitations. This is probably not true or applies only to jail-broken or rooted devices.

Apart from BlackBerry, which can be closely managed by a BlackBerry Enterprise Server (BES), Apple's iOS is the most frequently adopted platform in enterprises. Android has proven less popular in the enterprise due to the limited MDM capabilities provided by Google. Some OEMs have developed their own MDM capabilities for Android but these are specific to that vendor.

How does Sophos Mobile Control compete in this market?
- SMC is very light on the mobile device
- SMC is easy to implement and use for customers in the mid market
- SMC is non-obtrusive to the device user and requires minimal training
- SMC is part of our Complete Security Suites
- Sophos is a provider of complete security, which means customers can cover all their security needs from one vendor. For the mobile area, this covers especially Sophos Mobile Security, our mobile AV solution, and Sophos Mobile Encryption, our data protection solution
- SMC is backed up by 24/7 tech support; externally audited for quality and with optional service level agreements for complete peace of mind

Why do customers buy MDM solutions?
Value proposition
- To get an inventory of all smartphones and tablets accessing the corporate network or data
- To push out security policies and settings over-the-air (OTA)
- To make sure only devices compliant with their policies have access to corporate email and data
- To remotely lock or wipe a lost or stolen device
- To provide approved apps in an Enterprise App Store and control time-wasting or inappropriate applications
- To reduce the IT burden with over-the-air management and user self-service web portal

Discovery questions
- What resources are you planning to dedicate to the deployment and management of mobile devices?
- How will you know if devices are running malware or compromised apps?
- How do you know if devices are compliant and not jail-broken?
- How many vendors are you using to build your complete security solution?
- What level of technical support do you expect from your supplier?

Lightweight vs Heavyweight / Container based approaches

There are two approaches to mobile security and data protection currently available on the market, each with its advantages and disadvantages.
- The lightweight MDM approach secures devices through a combination of security features available in the operating system and tools provided by the MDM vendor.
- The heavyweight container app approach uses a proprietary app (container app) which holds all the data and provides all user functionality like email, calendar and document editing.

Lightweight approach

Vendors: Sophos, MobileIron, AirWatch, Zenprise, McAfee, Symantec, Trend Micro

Advantages:
- Keeps the native user experience, leading to happy users
- Only one log-in needed
- Low cost of implementation
  1. Easy and quick to deploy
  2. Minimal user training required
  3. Low user support requirement
- Manage and control more aspects of the device, e.g. camera, app store, VPN settings, proxy settings and many others
- Covers other areas of MDM like device inventory, compliance check, SW distribution

Disadvantages:
- Can only manage what the mobile OS allows, especially in the new sandbox type of runtime environment
- Separation of personal and company data only possible with support of the OS vendor (like iOS) or some 3rd party tools (Dual Persona, Touchdown Mail client, ...)
- Somewhat limited control of the company data (copy & paste, forward per mail, local unprotected files)

Heavyweight / Container App approach

Vendors: Good Technology, Excitor

Advantages:
- Strong control of data
  1. Full control over the capabilities of the app, like encryption, separation of corporate and personal data, copy & paste protection
  2. Selective wipe of corporate/personal data is very easy

Disadvantages:
- Different user experience in the container app is not very well accepted (e.g. log-in twice)
- The container app requires training as it is different from the host OS
- A container app comes with a number of restrictions in usability, which significantly lowers the user acceptance (call number from mail)
- Heavyweight app is often a burden to the phone in respect to performance and battery lifetime (see the app rating in the App Stores)
- This approach does not protect data in other apps
- The container is often limited to e-mail, calendar and address book, leaving all other data unprotected
- Does not configure the phone's other settings

As you can see from the lists above, both approaches have their pros and cons. A pure play container approach is mainly focused on data protection, but leaves device management requirements uncovered. After careful consideration we chose the lightweight approach as this aligns better with the requirements of our customers.

Sophos Mobile Control vs. AirWatch

Company Profile: AirWatch
- Headquartered in Atlanta, USA. Founded 2003. Privately owned
- Staff: 600
- Revenue: Unknown, estimated 20-30 million USD
- Leaders in Gartner MDM MQ

Product: Mobile Device Management
- Complete MDM functionality + extended MDM
- Modern user interface, non-intuitive structure

What we can exploit
- Complete Mobile Security - AirWatch has an offering which includes MDM, MAM and Document Sharing (called MCM). Combining our Sophos Mobile Security offering, UTM appliances with captive page for mobile and our web appliances, we offer a more complete solution.
- Global 24/7 Tech support - While AirWatch constantly improves its support offering, Sophos is still far ahead. Highlight our 24/7 offering and SCP certification.
- Complete Security from a global security vendor - AirWatch is just focused on Mobile Device Management and related features. As a global security vendor, Sophos can bring more to the table. Highlight all the benefits of a single vendor approach.
- SaaS Data center in Europe - Depending on the customer this may be a strength. For some mid-size customers in Europe and elsewhere, storing data in a SaaS solution in the European Union is perceived as positive.

What to watch out for
- Nice looking user interface - Customers love the AirWatch interface at first look. If they compare SMC to AirWatch, make sure they have used both interfaces. The AirWatch interface has a non-intuitive structure which takes time to get used to.
- Over Marketing - AirWatch is known for over-marketing their capabilities. They often claim support for a superset of iOS and Windows Mobile capabilities. Suggest that prospects comparing AirWatch to SMC should confirm support for their environment with AirWatch. They always confirm supporting the same feature set as SMC.
  o This is especially true if a prospect compares SMC against the AirWatch web page.
- Aggressive pricing - AirWatch has the most aggressive pricing in the MDM market. They are at the same price or 10% higher than SMC. We have heard of additional discounts beyond the public pricing. If you compete against AirWatch on pricing, please check the AirWatch web page for the latest pricing. It is changing quarterly (http://www.air-watch.com/pricing). Usually, SMC pricing can match AirWatch pricing, except for special offers or discounts. In some well-established regions, AirWatch has raised prices again and SMC can clearly undercut them. If you compete against AirWatch, try to offer multi-year contracts to undercut them and be aware of special offers.

Handling objections

"AirWatch supports deployments over 100.000 devices"
Yes, AirWatch might support such deployments, but at what cost? An AirWatch server supports only 2.500 devices. Beyond this, a network load balancer, multiple servers and a common joined database are needed. The 100k installation would require >40 servers! Ask your customer to request a sizing from AirWatch for their larger deployment.

"AirWatch is in Gartner's leaders quadrant"
Undeniably, AirWatch is in the leaders quadrant, while Sophos is not. Sophos made it to the Gartner MQ after only 9 months in the market, which is a very good achievement. Please check the existing CIA regarding Gartner's report for more details.

"AirWatch provides more than MDM"
AirWatch claims to support multiple solutions beyond MDM:
- Mobile Security
- Mobile Content Management
- Mobile Application Management
- Mobile Email Management
- BYOD Management
This looks good at first glance, but is marketing bloat. Mobile Content Management is the only valid solution which can be sold separately. See Sophos components for comparison:
- Mobile Security > Security settings and compliance check. AW has no Mobile Security solution
- Mobile Content Management > Sophos Mobile Encryption
- Mobile Application Management > Built into Enterprise App Store
- Mobile Email Management > Built into EAS Proxy
- BYOD Management > A business need, not a feature, which Sophos addresses as well.

Sophos Mobile Control vs. MobileIron

Company Profile: MobileIron
- Headquartered in Mountain View, CA, USA. Founded in 2009. Privately owned.
- Staff: ~500
- Revenue: Unknown, estimated 20-30 million USD
- Leaders in Gartner MDM MQ

Product: Advanced Mobile Device Management
- Complete MDM solution but lacking extended MDM functionality
- Poorly structured UI

What we can exploit
- Complete Mobile Security - MobileIron has an offering which includes MDM and MAM. Document protection has just been added recently and we have very few details on this. With our Sophos Mobile Security offering, UTM appliances with captive page for mobile and our web appliances we can offer more than they have.
- Global 24/7 Tech support - MobileIron's support organization is not positioned to support the product globally. For example, their webpage says "APJ and EMEA customers: please contact your regional partners for MobileIron Support inquiries." This results in overly long support cycles in case a partner is not able to handle the support request.
- Complete Security from a global security vendor - MobileIron is just focused on Mobile Device Management and related features. As a global security vendor, Sophos can bring more to the table. Try to play vendor consolidation and support simplification if the customer buys everything from one source.
- Simple SaaS Solution - MobileIron's SaaS offering Connected Cloud is not as easy to set up and use as the SMC SaaS offering. It always requires a server to run on premise at the customer. Setup times at MobileIron and at the customer are much higher than with SMC. This is driven by the MobileIron architecture, which is not designed as a SaaS solution. Highlight the fact that the SMC SaaS offering is up and running in minutes without any change to the corporate IT.
- SaaS Data center in Europe - For a lot of mid-size customers in Europe, storing data in a SaaS solution hosted in America is a critical point. Highlight the fact that the SMC SaaS offering is hosted in a German data center.
- Pricing - MobileIron has positioned itself as a premium vendor, resulting in a pricing which is >50% higher than Sophos and a minimum deal size of 100. In Germany they send customers below 100 away. If you feel that the customer is price sensitive, this might give you a competitive edge.

What to watch out for
- Customer references - MobileIron is strong in reference customer sales. They can provide a success study for almost every industry, region and customer size. This is related to their time in the market.

Comparison - Sophos Mobile Control vs. AirWatch / MobileIron

Complete Security Vendor
- Sophos: Yes
- AirWatch: No - MDM only
- MobileIron: No - MDM only

Easy to use interface
- Sophos: Yes
- AirWatch: Yes, with some complexity in navigation
- MobileIron: Complex interface, not clearly structured. Example: Compliance Settings are mixed with device settings. Compliance mitigation is in another place

Mobile security offering
- Sophos: Y
- AirWatch: N
- MobileIron: N

Secure document exchange
- Sophos: Y - Sophos Mobile Encryption
- AirWatch: Y - Secure Content Locker
- MobileIron: N

Tech Support Availability
- Sophos: 24/7 Global support operations.
- AirWatch: 24/7 - US based. Some issues with support have been raised, especially non-US.
- MobileIron: MI supports only 8-6 PST. EMEA and APJ customers have to contact MI partner/supplier

Tech Support Accreditation
- Sophos: SCP certified
- AirWatch: None
- MobileIron: None

Price for 100 users (list price per user or device/year, unless stated otherwise)
- Sophos: On premise - Subscription: $31,50; Perpetual: $50,00 + 20% maintenance/year. Hosted - Subscription: $44.50
- AirWatch: On premise - Subscription: $39,00; Perpetual: $50,00 + 20% maintenance/year. Hosted - Subscription: $54
- MobileIron: On premise - Subscription: 55; Perpetual: 86,00 + 20% maintenance/year. Hosted - Subscription: $48/year, $4/month

Minimum license size
- Sophos: 10 user
- AirWatch: 25 user*
- MobileIron: 100 user

Platforms
- Sophos: Android, Apple iOS, BlackBerry, Windows Mobile
- AirWatch: Android, Apple iOS, Mac OS X, BlackBerry, Symbian, Windows Mobile, Windows Phone
- MobileIron: Android, Apple iOS, BlackBerry, Symbian, webOS, Windows Phone

Gartner comments
- Sophos: See CIA for responses to Gartner (Sophos internal only)
- AirWatch: AirWatch needs to raise its level of local support outside the U.S.
- MobileIron: It does not have its own encryption capabilities

*A one-time activation fee of $1,500 is required for accounts with less than 100 devices

Sophos Mobile Control vs Good Technologies

Company Profile: Good Technologies Inc.
- Based in Sunnyvale, California, USA.
- Products: Good for Enterprise (suite consisting of Good Mobile Messaging, Good Mobile Control, Good Mobile Access, Good Dynamics), Good for Government (access card integration, S/MIME support)

Product: Good for Enterprise
Good is one of the few vendors who have adopted the container app approach to managing mobile devices. This means that one application is used to access secure email and for document exchange.

What we can exploit
- SaaS Offering - Good does not offer any SaaS solution. Highlight our flexibility in deployment and fast time to go live.
- Sophos does not touch mails - All data sent to the Good app on the device has to go via the Good NOC in America. The architecture is similar to the BlackBerry architecture. This is a concern for many customers, particularly outside USA.
- Pricing - Good is offered at a premium price. With SMC, we will undercut Good pricing in most cases. Note: Good has just recently (Oct 2012) released a lightweight MDM offering similar to SMC. Pricing information on this product is still unknown.
- Usability & Employee acceptance - The Good container app brings with it all the downsides of the heavyweight approach.
  - Usability: It has a proprietary user interface, which differs from native apps. Restrictions imposed by data protection in the container will also affect the way people can use the system, causing problems with usability. For example (depending on configuration of the container app):
    o Users cannot dial a number directly from the container
    o The caller's number is not linked to an address book entry, so the user cannot see who is calling
    o If a user wants to add a new address, he/she must make sure to add it to the Good app and not to the device address book
    o New mails are not shown on the phone. The user has to log in to the system and press sync before new mail will arrive
  - Lifting these restrictions would void the security provided.
  - System Impact: Another area of user annoyance is the burden the Good app puts on the phone. The phone will slow down, the app uses a lot of memory and the battery lifetime will suffer. Check the App Store for user comments and use as proof points.

What to watch out for
- Good is loved by the CISO - If the CISO is driving the decision for an MDM solution, the customer will favor restrictive solutions like Good. Try to get end users into the deal. Link them to the ratings of Good on the Apple App Store or Google Play (https://play.google.com/store/apps/details?id=com.good.android.gfe and https://play.google.com/store/apps/details?id=com.good.android.webkit.gingerbread)
- Selective Wipe - SMC can wipe information instantly. Users with personal devices need to balance the convenience of using their device when deciding to use it for both personal and business use. Most personal devices are backed up on personal computers.

Handling Objections
- "You need Good to successfully implement BYOD" - Good make a lot of noise about data security in BYOD. They claim that only the container approach will deliver the needed level of security. It all depends on the security needs of the customer. Especially on iOS, the built-in data separation and data protection covers most requirements and leaves few needs for a container app. Remember to bring back the conversation to user satisfaction. Offer a trial of SMC and ask the customer to compare satisfaction.
    o The container app has its own password, so the user must log in twice

Comparison - Sophos Mobile Control vs. Good Technologies

For each opportunity: Customer value & proof point (Sophos) / How Good Technologies does it

Single login
- Sophos: Users only need to log in to a device once
- Good: Users are forced to log in to the Good app as well as entering the normal device log-in. This can cause frustration in the long term.

Uses existing infrastructure
- Sophos: SMC requires no changes to existing communications.
- Good: All email and calendar communications are routed via Good's operations center in USA. This introduces delay and may cause privacy concerns in some markets.

Tech Support availability as standard
- Sophos: 24/7 telephone, Web/Email
- Good: Business hours only telephone Mon-Fri. Web/Email

Tech Support Accreditation
- Sophos: SCP certified
- Good: None

Price for 100 users (list price)
- Sophos: Subscription: $31,50; Perpetual: $50,00
- Good: Street prices of >$100 have been reported

Impact on the mobile device (battery, memory)
- Sophos: Little impact on battery life or memory consumption
- Good: Significant impact on battery life and memory consumption

Usability
- Sophos: Little impact on device usability
- Good: Depending on configuration, significant impact on usability in standard operations (e.g. call number from mail)

Gartner comments
- Sophos: See CIA for responses to Gartner (Sophos internal only)
- Good:
  Pro: It has a large installed base in regulated sectors, such as financial services, government, defense, public sector, healthcare and professional services
  Con: The cost of the Good solution is relatively high per user seat. There are no cloud offerings, nor does Good yet integrate with major cloud-based email service providers.

Sophos Mobile Control vs. Security Vendors

Vendors compared: Sophos Mobile Control, Symantec Mobile Management, McAfee Enterprise Mobility Management, Trend Micro Mobile Security, Kaspersky Endpoint Security for Mobile

- Symantec Mobile Management: Managed through Symantec IT Management Suite (Altiris) or MS System Center on premise. There is no hosted SaaS option.
- McAfee Enterprise Mobility Management: Integrates with the ePO management console. Hosting offered by 2e2 to ISPs and large enterprises, not the SMB market.
- Trend Micro Mobile Security: This product integrates with existing OfficeScan management consoles. It has weak app management and they don't support Apple's volume purchasing.
- Kaspersky Endpoint Security for Mobile: Kaspersky lacks an MDM solution per se. KESM is in essence a consumer product with basic security features. Can be managed from K. Security Center. No support for Apple iOS.

Platforms
- Sophos Mobile Control: Android 2.2+, Apple iOS 4+, BlackBerry 5.0.3+, Windows Mobile 6.1+
- Symantec Mobile Management: Android 2.0+, Apple iOS 4.0+, Windows Phone 7-7.5, Windows Mobile 6-6.5
- McAfee Enterprise Mobility Management: Android 2.2+, Apple iOS 4.x+, BlackBerry, Windows Phone 7.x
- Trend Micro Mobile Security: Android 2.1-4.0, Apple iOS 4-5.1, BlackBerry 5.0+, Symbian S60 3rd, 5th, Windows Mobile 5-6.5
- Kaspersky Endpoint Security for Mobile: Android 1.6-4.0, BlackBerry 4.5-6.0, Symbian, Windows Mobile 5.0-6.5

MDM MQ Position
- Sophos Mobile Control: Niche
- Symantec Mobile Management: Challenger
- McAfee Enterprise Mobility Management: Niche
- Trend Micro Mobile Security: Niche
- Kaspersky Endpoint Security for Mobile: -

Device Inventory Over the Air enrollment and config. Lock, Wipe & Locate Self-Service Portal Optional Enterprise App Store Device Messaging Compliance Enforcement MS Exchange ActiveSync Proxy Jailbreak detection SaaS

No. of downloads from Google Play
- Sophos Mobile Control: 1K-5K
- Symantec Mobile Management: 100-500
- McAfee Enterprise Mobility Management: 10K-50K
- Trend Micro Mobile Security: 100-500
- Kaspersky Endpoint Security for Mobile: N/A

Apple iOS Client Managed security (SMC 3.0) iOS/Android Profile Manager (SMC 3.0) SCEP Support (SMC 3.0)

General Objection Handling

"Sophos is not listed as a leader in the Gartner 2012 MDM MQ"
- It is our first year in the MQ and we are well-positioned in the upper right of the niche players quadrant.
- We were the highest placed new entry
- We were included after just 9 months on the market
- The MQ positioning was done before our acquisition of Dialogs

"Sophos is not as feature-rich as some competitors"
- We deliver complete security without complexity and are innovating fast
- We strive for simplicity and the most relevant features, not the most features
- No other vendor provides the same combination of complete security and ease of use
- Our capabilities closely match those highlighted as critical by Gartner (see below)

MDM Vendor Capability Overview

This capability overview is based on Gartner's Critical Capabilities for Mobile Device Management report published August 2012. While Sophos was not included, we have made a mapping of SMC to generate comparative scores.

[Chart: capability scores on a scale of 0-5 for AirWatch, MobileIron, Good and Sophos. Capabilities: Policy enforcement and compliance; Security; Containerization; Application Management; Document sharing and management; Scalability; SaaS and cloud delivery models]