Lot 3 Service Specification MANAGED MOBILE SERVICE Fujitsu Services Limited, 2013
OVERVIEW OF FUJITSU MANAGED MOBILE SERVICE Fujitsu Managed Mobile is a global service providing lifecycle management services for mobile computer devices (Smart Phones and Tablets) including device procurement and bulk configuration services, OTA service provision, secure policy enforcement, app deployment, app control, remote support, reporting and mobile connectivity management. Built using market leading technology components, it is designed as a turnkey service underpinned by a fully managed service model. This is the Service for the purpose of the Agreement. Introduction to Fujitsu Managed Mobile Service A shift in IT end user practices (often referred to as the Consumerisation of IT) has led to a growing requirement for IT departments to allow a variety of new mobile devices access to company networks or data sources (e.g. Email). These devices can be company owned or in some cases part of a BYOD initiative. IT departments are being forced to change their standard work practices and standards to support these diverse devices. It is widely accepted that to support this requirement in adherence to company security policies some form of management and control is required over the mobile devices and the data they access. Typically to date this is achieved by adopting some form of Mobile Device Management solution. A MDM solution can be complex to implement and operate and in most cases requires extensive training of IT operatives. The technology and mobile industry are fast paced and the IT department is required to stay up to date with the evolving and expanding devices available in the marketplace. To compound the challenge further most of the devices in question are designed with the consumer or end user in mind rather than company security or management needs. This can prove to be an expensive and complex addition to an IT department s responsibilities at a time when most are being asked to achieve more with less. Fujitsu Managed Mobile Service is a turnkey solution designed specifically to address these requirements. A fully managed, evergreen, standardised Service offered from the Fujitsu secure private cloud, dedicated on-premises or as a hybrid model. The Service is for Customers who have a requirement to allow mobile smart devices secure connectivity to their private networks and company data sources Fujitsu Managed Mobile Service will enable an IT department to embrace new technology practices and mobile smart devices today without the significant overhead of researching, deploying and operating such a solution in isolation. Areas Addressed The main area that is addressed with this Service is to enable the Customer to confidently control mobile devices and their access to company systems and data. Approach Initial Engagement The key to successful mobile management is to understand the Customer s immediate and future requirements in detail. Fujitsu will also provide thought leadership, guidance and best practices as standard with this Service. Using standardised requirement gathering methods and tools Fujitsu can quickly map specific requirements against standard service models. Planning Once the initial engagement has occurred then the majority on the next stage will be the detailed planning and technical discussions about the best approach to creating the Customers private instance of the Service, including 1st line help desk integration if required, LDAP integration and also any network changes which may be required to publish specific data sources (e.g. Email system) or development of private mobile apps. Fujitsu can also assist with end user transition if required but this is normally light touch and self service. Once the planning has been complete a statement of works will be produced outlining the transition plan. Proof of Concept A proof of concept can be arranged to allow the Customer to evaluate the Core Service. Transition An initial analysis of the data will be performed to ensure all relevant transactions have been captured. If anything is identified as missing or the initial analysis identifies an un-expected anomaly then there may be another series of data captures performed. Page 2 of 6 Fujitsu Services Limited, 2013
Service Operation The Service is a fully managed Service designed to be available 365/24/7. The Service will provide 2nd line multilingual service desk as standard. Standard monthly reports will be generated and ad hoc reports can be created. A self service portal is also available for end users. Delegated administration access for a 1st line help desk can be provided if required. Data Security There are numerous and various security options dependent upon specific requirements. The private cloud model is deployed in Fujitsu Tier 3 ISO 27001 data centres and centrally supported from Fujitsu s global delivery centres. All data is encrypted in transit via SSL to a minimum AES 256. Various data at rest security measures are available from device encryption to data segregation. KEY DELIVERABLES The scope of the Service: Supports devices which run the following operating systems Android (2.2 & above), Apple ios (5.x & above), Blackberry (5.x, 6.x and 7.x), Symbian S60 FP2 and above, Windows Mobile (5.0 and above), Windows 8 Phone and Windows 8 Tablet Device Configuration; User/Group management; mobile app deployment (Application Store) mobile app control (white/black list); Security Policy Enforcement; Extensive reporting Jailbreak/Root detection User self service portal Mobile anti-virus & malware for Android, Symbian & Windows Mobile Secure ActiveSync Secure Email for Android Mobile SSL VPN gateway Mobile Data Leakage Prevention (DLP) for Microsoft SharePoint Triple layer security (checks device compliance in real time) LDAP integration (e.g. Active Directory) Supported by 24x7 multilingual global service desk (from 2nd line) Mobile app development Mobile app testing & lifecycle services Transition services Device procurement services Bulk device configuration and logistic services Break fix. Page 3 of 6 Fujitsu Services Limited, 2013
CUSTOMER OBLIGATIONS The Customer is responsible for the following: Provision of Network Topology Diagrams/Documentation Permission for Fujitsu to access network environment Sign-off of Statement of works Provision of access to back office data sources (e.g. Email system or LDAP integration) Provision of data such as requested for the project, such as current device quantities and growth projections. Provision of a point of contact for the Fujitsu Consultant to co-ordinate and deliver the engagement. Response to questions by the Fujitsu Consultant within two days, recognising that delays in providing information may impact the project delivery dates. Any change control processes required to publish back office systems. Compliance with the Customer s Change Management Processes. Signing of the Apple Push Notification Service certificate request (if required) Provision of Private Keys for any back office system or application is encrypted across the network. Fujitsu will not be liable for any delay or deficiency in providing the Service if such delay or deficiency results from the Customer s failure to fulfil these dependencies. Should a delay to the Service result from the Customer s failure in relation to the above dependencies, Fujitsu shall be entitled to amend the Service, Schedule and/or Charges with no liability and shall be entitled to charge Customer for any cost incurred as a result. EXCLUSIONS The following lists the exclusions: Any device using a mobile operating system not specified above or in the Service Specification. Mobile device network connectivity (mobile carrier, SIM, Wi-Fi or other wireless internet connectivity) Encrypted communications where the private key is not provided Anything not stated in the Statement of Works unless it is covered in an agreed change control document ROADMAP It is planned to enhance the managed mobile Service over time to include the following (though this list is not exhaustive or legally binding and is subject to change): Containerised email, browser and apps. Mobile app management and security. Access control service. Secure document sharing features. SAML Authentication Support. Page 4 of 6 Fujitsu Services Limited, 2013
CHARGES AND PAYMENT (ILO) The Charges for the Service are set out in the table below. Customer will be invoiced for the Charges on completion of the Service. When remitting payment, Customer will include the applicable Fujitsu invoice that the payment applies to. Table 1: CHARGES (PER MONTH) Product Unit Quantity Unit Price CORE service 1 2.82 CORE+ Secure ActiveSync 1 1.16 CORE+ Enhanced Security for Android 1 1.16 CORE+ Enhanced Mobile Security (AV/AM) 1 1.67 CORE+ Mobile SSL VPN 1 2.35 CORE+ Mobile DLP for SharePoint 1 1.83 Secure Mobile Gateway 1 447.26 Note: Any CORE + pricing in the above table is in addition to the base CORE service of 2.82 Enhanced (on premises) offerings can also be provided by Fujitsu as additional offerings. Table 2: CHARGES (ONE OFF) Product Unit Quantity Unit Price Transition CORE service 1 10,000 (example, will vary dependent on requirements) New device charge 1 One month device charge Page 5 of 6 Fujitsu Services Limited, 2013
DEFINITIONS Any terms used in this Service Specification have the meaning assigned by the Fujitsu Cloud Service Agreement Terms and Conditions. Additional terms used have the meaning assigned by this paragraph. In the event of any conflict between the terms of this Service Specification and the other documents that comprise the Agreement, the provisions of this Service Specification shall prevail. Table 3: DEFINITIONS Definition BYOD CORE CORE+ ENHANCED FMM MDM Meaning Bring Your Own Device The base cloud service Defined service components of specific functionality which can be added to the CORE service Bespoke design e.g. On-Premises Fujitsu Managed Mobile Mobile Device Management Page 6 of 6 Fujitsu Services Limited, 2013