Unified Device Management Allows Centralized Governance of Corporate Network Devices



Similar documents
How Microsoft IT manages mobile device management

New Features: What s new in Windows Intune?

How To Make Your Computer System More Secure And Secure

Course Outline. Mobile Device Management Course 55078: 2 days Instructor Led

Athena Mobile Device Management from Symantec

Overview of Microsoft Enterprise Mobility Suite (EMS) Cloud University

Symantec Mobile Management for Configuration Manager 7.2

People-centric IT: Bedeutung für das Identity und Access Management. Uwe Lüthy Solution Sales Specialist Core Infrastructure Microsoft Schweiz Gmbh

Summary... 1 What s New in This Brief... 1 Details... 1 Customer Scenarios... 3 Frequently Asked Questions... 6

Empowering People-Centric IT. October 2013

Symantec Mobile Management 7.2

Getting value Changing the way people communicate and how businesses can take advantage of new opportunities.

Cloud Based Device Management Using Enterprise Mobility Suite Production Pilot Service Definition Document

SOLUTION BRIEF Enterprise Mobility Management. Critical Elements of an Enterprise Mobility Management Suite

What We Do: Simplify Enterprise Mobility

An Overview of Samsung KNOX Active Directory and Group Policy Features

Infrastructure Deployment for Mobile Device Management with Microsoft System Center Configuration Manager and Windows Intune

Windows Phone 8 Device Management

Office 365 Windows Intune Administration Guide

Agenda. Enterprise challenges. Hybrid identity. Mobile device management. Data protection. Offering details

Kaseya White Paper. Managing the Complexity of Today s Hybrid IT Environments

Veritas NetBackup With and Within the Cloud: Protection and Performance in a Single Platform

Microsoft SharePoint Architectural Models

Centrify Cloud Connector Deployment Guide

Enabling Enterprise Mobility Through People-Centric IT. October 2014

Securing Enterprise Mobility for Greater Competitive Advantage

AirWatch Solution Overview

Ben Hall Technical Pre-Sales Manager

Apps. Devices. Users. Data. Deploying and managing applications across platforms is difficult.

Mobile device and application management. Speaker Name Date

IBM United States Software Announcement , dated February 3, 2015

An Overview of Samsung KNOX Active Directory-based Single Sign-On

Course Outline. Managing Enterprise Devices and Apps using System Center Configuration ManagerCourse 20696B: 5 days Instructor Led

ios Enterprise Deployment Overview

Radia Cloud. User Guide. For the Windows operating systems Software Version: Document Release Date: June 2014

How To Configure A Windows 8.1 On A Windows (Windows) With A Powerpoint (Windows 8) On A Blackberry) On An Ipad Or Ipad (Windows 7) On Your Blackberry Or Black

Microsoft Windows Intune: Cloud-based solution

How Should Your Organization Deploy Microsoft Exchange?

Road2Master Office 365 Hybrid Deployment and Migration Part 1 - Introduction. Ashwin Venugopal

Introduction to Unified Device Management with Intune and System Center Configuration Manager

Alexander De Houwer Technology Advisor Devices Win 10 Vincent Dal Technology Advisor Business Productivity

Dell World Software User Forum 2013

Business Value of Microsoft System Center 2012 Configuration Manager

Managing Enterprise Devices and Apps using System Center Configuration Manager 20696B; 5 Days, Instructor-led

Risk and threats everywhere, all the time

Windows Phone 8.1 Mobile Device Management Overview

Symantec Mobile Management 7.1

The Maximum Security Marriage:

SAP Business One OnDemand. SAP Business One OnDemand Solution Overview

Device Enrollment Guide

Secure, Centralized, Simple

WINDOWS SERVER SMALL BUSINESS SOLUTIONS. Name: Marko Drev

A matter of trust Fujitsu Managed Mobile

Getting Started Guide: Getting the most out of your Windows Intune cloud

Device Lifecycle Management

Administration Guide. BlackBerry Enterprise Service 12. Version 12.0

BES10 Cloud architecture and data flows

Whitepaper. How MSPs are Increasing Revenues by Solving BYOD Issues. nfrascaletm. Infrascale Phone: Web:

Where are Organizations Today? The Cloud. The Current and Future State of IT When, Where, and How To Leverage the Cloud. The Cloud and the Players

White Paper. Anywhere, Any Device File Access with IT in Control. Enterprise File Serving 2.0

McAfee Enterprise Mobility Management Versus Microsoft Exchange ActiveSync

Microsoft Exam

Network Access Protection (NAP)

EMC SYNCPLICITY FILE SYNC AND SHARE SOLUTION

MODERNIZING THE DISPERSED ENTERPRISE WITH CLOUD STORAGE GATEWAYS AND OBJECT STORAGE

Enterprise Mobility Suite (EMS) Sean Lewis Principal Partner Technology Strategist

Hybrid Architecture. Office 365. On-premises Exchange org (Exchange 2007+) Provisioned via DirSync. Secure Mail flow

Microsoft Enterprise Mobility Suite

Okta Mobility Management

Secure Enterprise Online File Sharing with Syncplicity Date: November 2014 Author: Tony Palmer, Senior Lab Analyst, Aviv Kaufmann, Lab Analyst

When your users take devices outside the corporate environment, these web security policies and defenses within your network no longer work.

CTERA Enterprise File Services Platform Architecture for HP Helion Content Depot

Statement of Direction

BlackBerry Enterprise Service 10. Universal Device Service Version: Administration Guide

Centrify Cloud Management Suite

BES12 Cloud Migration Program Description ( BES12 Cloud Migration Program Description )

Office 365 deployment checklists

Cisco estore Modernizes Shopping for IT Services

Security Guide. BlackBerry Enterprise Service 12. for ios, Android, and Windows Phone. Version 12.0

20696B: Administering System Center Configuration Manager and Intune

Symantec App Center. Mobile Application Management and Protection. Data Sheet: Mobile Security and Management

Business Case for Voltage Secur Mobile Edition

Office 365 deploym. ployment checklists. Chapter 27

Course MS20696A Managing Enterprise Devices and Apps using System Center Configuration Manager

1. What are the System Requirements for using the MaaS360 for Exchange ActiveSync solution?

STRONGER AUTHENTICATION for CA SiteMinder

How To Integrate An Ipm With Airwatch With Big Ip On A Server With A Network (F5) On A Network With A Pb (Fiv) On An Ip Server On A Cloud (Fv) On Your Computer Or Ip

Troubleshooting BlackBerry Enterprise Service 10 version Instructor Manual

Microsoft Enterprise Mobility Suite

What Is Cisco Mobile Workspace Solution?

Network device management solution

Transcription:

Unified Device Management Allows Centralized Governance of Corporate Network Devices Published July 2013 The recent bring your own device trend that allows employees to use devices they own for business productivity has IT departments struggling to maintain data security and centralized device governance. The Microsoft IT solution demonstrates how a large company can implement UDM with minimal cost and disruption to its existing Configuration Manager environments. Situation Microsoft Information Technology (Microsoft IT) lacked a timely solution for keeping pace with the surging trend of employees who use personal devices to do Microsoft work. Without a userand IT-friendly way to bring all devices into the scope of centralized management, IT risked improper exposure of secure company data, among other concerns. Solution Microsoft System Center 2012 Configuration Manager SP1 with Windows Intune enables Unified Device Management (UDM) to allow flexible, centralized management for companyowned and user-owned devices while maintaining corporate compliance and control. Benefits Native support management using SCCM and Windows Intune. Simplified implementation--no new infrastructure, hardware, network complexity or custom coding. Enterprise-level scalability of a cloudenabled device management solution. Cohesive balance of user productivity with secure IT practices. Centralized administration of all users and all devices via a single interface. Adherence to the Microsoft peoplecentric IT vision, which puts user identity, single sign-on, and self-service at the core of IT governance technologies and programs. Products and Technology Microsoft Active Directory Microsoft Exchange ActiveSync Microsoft Online Directory Services Microsoft System Center 2012 Configuration Manager SP1 Microsoft Windows Intune

2 Business Case Study Situation Over the past decade, business environments have changed in significant ways. One key change is workers' use of technology devices. For many years, businesses generally followed a model where each worker fulfilled his or her duties by using one computer, owned by the company and located on the business premises. Today, that model has been augmented to include multiple device types, variable ownership, and variable locations. More employees work remotely than in the past, and their productivity is not limited to a company-provided computer. Laptops allow employees to work from home, tablet devices are the tool of choice for conference room participation, and smartphones enable the use of email and other applications from virtually any location in the world. Some businesses provide these devices for their workers, but in many environments, employees purchase the devices for personal use and then adapt the devices to their work requirements as needed. This bring your own device (BYOD) model poses new challenges for IT. The model has become so ubiquitous that in many work environments, BYOD has become a decisive factor in employee satisfaction and retention. At the same time, the proliferation of heterogeneous devices in the workplace raises privacy and security concerns for both the worker and the employer. IT departments find they must strike a balance between allowing the flexibility that workers need and ensuring the safety and efficiency of IT device management operations. In 2012, Microsoft IT addressed these needs for its organization. In order for BYOD to be successful on the Microsoft corporate network, IT needed a comprehensive plan. Four key success factors were identified: Users must be able to work from any location at any time using any device they choose. Devices must be centrally managed in a way that is acceptable to the entire business. Applications used for business purposes must be centrally available for install/uninstall. Data policies must provide for corporate data security on all devices while maintaining the privacy of workers' personal information. Like many enterprise companies, Microsoft uses Microsoft System Center 2012 Configuration Manager to manage assets connected to its corporate network. The latest version of this product, Configuration Manager 2012 Service Pack 1 (SP1), did not contain functionality that allowed Microsoft IT to centrally manage devices and applications in the cloud. Currently, no other solutions are available that provide enterprise-level centralized management of both on-premises and cloudconnected computers, devices, and applications. Solution To meet the needs of its changing device management environment, Microsoft IT enabled Unified Device Management (UDM) by adding a Windows Intune subscription and connector to its Configuration Manager console. UDM enables centralized, Configuration Manager based management and access to cloud-connected personal devices that users choose to enroll, as well as the corporate applications that users run on the devices. IT manages the devices together via the Configuration Manager administrative interface. This hybrid solution retains the scalability and administrative functionality of Configuration Manager while extending its reach via Windows Intune cloud-based device management.

3 Business Case Study Figure 1. Microsoft IT UDM solution architecture As part of this solution, users can choose their devices to enroll and have access to resources via a web-based self-service portal. Users can then extend their enrollments across all devices they use, regardless of platform: for example, Windows Surface RT, Windows Phone 8, or Apple ios. Based on the success of a recent beta program, IT made UDM available to all 98,000+ Microsoft employees. To assemble the solution, Microsoft IT performed the following steps: 1. Using its existing production Configuration Manager environment, provisioned users by performing user discovery for the entire corporate Active Directory forest. 2. Provisioned a Windows Intune subscription for the Microsoft tenant and configured the Windows Intune connector. 3. Synchronized all existing Configuration Manager data with the Windows Intune cloud. 4. Redirected Domain Name Service (DNS) for the user portal website to the Windows Intune beta environment. 5. Applied device-specific certificates for Windows Phone 8, Windows Surface RT, and Apple ios. The solution can be replicated in any Configuration Manager 2012 SP1 environment that owns a Windows Intune subscription. Future plans include support for Android devices. Benefits The Microsoft IT UDM solution provides the following primary benefits to Microsoft IT: Simplified, low-cost implementation. Enabling UDM does not require adding any new infrastructure, hardware, or network complexity to the Microsoft IT environment. Also, because

4 Business Case Study the connector uses native Configuration Manager 2012 SP1, no custom coding is required for its use. In these ways, the solution provides significant benefits with minimal cost or effort. Native support management. Enabling UDM allows IT to synchronize user and device data without relying on an external service, such as Microsoft Exchange ActiveSync. Cohesive balance of user productivity with secure IT. By managing the installation and removal of IT-approved corporate applications on a variety of devices via the user portal, the solution allows user flexibility and the enforcement of corporate data security policies while leaving users' personal data untouched. Single administrative and user interfaces. Although the solution spans two technologies Configuration Manager and Windows Intune only the Configuration Manager administrative console is required for managing devices and computers. Similarly, employees who log on to the portal have a seamless user experience, regardless of the server technology they use to request applications and services. Enterprise-level scalability. The solution connects the cloud capabilities of Windows Intune to the scalability of Configuration Manager, which was designed to support large companies' infrastructures but which previously lacked a cloud-based method for managing off-premises devices. People-centric IT UDM plays a key role in Microsoft IT's people-centric IT (PCIT) vision, which places users' needs at the core of a new approach to managing the modern workplace. More enterprise workers expect their professional technology to look and behave the same as their personal technology: always on and always available. In order to allow employees to work with their preferred device whenever and wherever they choose, PCIT provides options for creating a consistent, reliable, and secure work environment that can be centrally managed by Microsoft IT regardless of each user's location or device. Figure 2. Pillars of the PCIT vision The UDM feature that best models PCIT to users is the self-service portal, which functions as a marketplace and self-service command center for enterprise applications. As adoption of UDM at Microsoft increases, more employees are visiting the portal to perform these tasks: Provision new devices and add the devices to their corporate user profiles. View, install, or run corporate applications on their registered devices. Remove applications from devices and remove devices from the corporate network. Employee Productivity and Satisfaction The Microsoft IT UDM solution enhances employee productivity in key ways. Not only can users choose the device to run an application, they can also store work-related data in a single location and

5 Business Case Study use it in various scenarios: for example, they can check mail from their phones or use their personal tablets to present at meetings. Although these abilities are not specifically part of Windows Intune or Configuration Manager functionality, cloud-based data storage enables this data to be kept in sync regardless of the devices being used to store or retrieve it. A subtle but important PCIT concept that guided effective UDM adoption at Microsoft was letting users opt-in to using the technology rather than feel it is being foisted upon them. By introducing the solution in phases through internal marketing campaigns to select areas of the company, Microsoft IT was able to deliver the message to employees that a platform is now available for accessing corporate resources using their personal devices. Resources Microsoft IT Work Smart Guides For More Information For more information about Microsoft products or services, call the Microsoft Sales Information Center at (800) 426-9400. In Canada, call the Microsoft Canada Order Centre at (800) 933-4750. Outside the 50 United States and Canada, please contact your local Microsoft subsidiary. To access information via the World Wide Web, go to: http://www.microsoft.com http://www.microsoft.com/microsoft-it 2013 Microsoft Corporation. All rights reserved. Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners. This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information