Mobile Device Management (MDM) MOBILEIRON
Context Office of K-12 Outreach, College of Ed MI Excel - Michigan Department of Education s State Wide System of Support (SSOS) 70+ Field Personnel working in schools Geographically distributed (Detroit to Escanaba, MI) Retired school administrators = no tech savvy
Why ipads (Assumptions) Easy to carry Less hardware support New configuration tools Apple Configurator, AirWatch, MobileIron Existing hardware in schools (projectors) Reality is that schools still don t have dedicated administrative meeting spaces (or spaces are in high demand) LTE Availability
Need for MDM Retain ownership of equipment User profiles On the road support Security & data protection App management
Barriers Lack of productivity Apps (2012) MS Office clones PDF editors Accessories Car charger, power supply, VGA adapter, HDMI adapter, Logitech keyboard/case
Security #1 Concern Family Education Rights and Privacy Act (FERPA) Golden Package PDFs Access to MISchoolData.org (CEPI) Loss prevention Three ipads stolen in two years
MobileIron VSP Virtual Smartphone Platform (VSP) Connects to ipads through MobileIron App Loads security and policy certificates remotely Intuitive web-based management console
Cloud based MobileIron Two virtual machine appliances (multiday phone supported install) VSP Sentry Hosted on College of Education vsphere Cluster $75 per device + $15 annual license Licensed through AT&T (Enterprise Portal)
VSP - Device Management User management with Active Directory Labels Control of features & policies Policies Security, App control App distribution (in-house & app store) Prepaid Apps (Volume Licensing Program)
Provisioning ipads 1. Add device to MobileIron 2. Attach to an Active Directory user 3. User is automatically notified through email and follows instructions to download MobileIron app, or username & PIN is provided to install 4. MobileIron App is loaded and connected to VSP server 5. Profiles are downloaded and installed, Apps@Work app is loaded onto ipad 6. Loads Exchange account
Device Management Remote operation Unlock, Wipe, Geo-locate, Review client logs, Push notifications, Policy updates Apps@Work Allow user to install App Store apps through Volume Licensing Program Allows users to be temporarily assigned apps Set policies for allowable Apps
Policy Violations Remove access to secure services Revoke ActiveSync Close App Tunnels Notify Administrators & Users Multiple automated triggers and actions 12
Issues with Deployment Exchange functionality (root cause tbd) Backing up/restoring ipads Multiple passwords per user (Apple, MSUNet, Exchange) 13
Positive Aspects Easy to deploy ipads Easy to manage large number of users Volume Licensing Make prepaid Apps available through Apps@Work Volume Licensing for Ed 50% off on bulk orders 14
Unexplored Windows, Android, Blackberry support App Tunnels Ability to temp assign Apps Very restrictive policies 15
CLIENT MANAGEMENT SALESFORCE 16
Managing our Clients Client/Customer Relations Management Schools = clients Manage multiple contact people Manage points of contact Collect data about activities in schools through easily customizable forms 17
Workflows Automated Workflows Intervention Specialist Regional Manager Manager Payroll & Travel Data & Evaluation Team Multi-tiered access to data Data portability (transferring ownership) 18
Advanced Customization Create custom reports (text & graphic) with automated processing & workflows APEX classes allow you to build custom, integrated web apps that take advantage of jquery, CSS, HTML 19
Worth the Money Inexpensive Cloud Based Solution Annual license: $360/year for Full Salesforce Named Portal Users: 100 for $1,000/year 90% Discount through Salesforce Foundation 20
Thank You! Ken Dirkin {dirkinke@msu.edu} 21