Mobile Device Management (MDM) MOBILEIRON

Mobile Device Management (MDM) MOBILEIRON

Context Office of K-12 Outreach, College of Ed MI Excel - Michigan Department of Education s State Wide System of Support (SSOS) 70+ Field Personnel working in schools Geographically distributed (Detroit to Escanaba, MI) Retired school administrators = no tech savvy

Why ipads (Assumptions) Easy to carry Less hardware support New configuration tools Apple Configurator, AirWatch, MobileIron Existing hardware in schools (projectors) Reality is that schools still don t have dedicated administrative meeting spaces (or spaces are in high demand) LTE Availability

Need for MDM Retain ownership of equipment User profiles On the road support Security & data protection App management

Barriers Lack of productivity Apps (2012) MS Office clones PDF editors Accessories Car charger, power supply, VGA adapter, HDMI adapter, Logitech keyboard/case

Security #1 Concern Family Education Rights and Privacy Act (FERPA) Golden Package PDFs Access to MISchoolData.org (CEPI) Loss prevention Three ipads stolen in two years

MobileIron VSP Virtual Smartphone Platform (VSP) Connects to ipads through MobileIron App Loads security and policy certificates remotely Intuitive web-based management console

Cloud based MobileIron Two virtual machine appliances (multiday phone supported install) VSP Sentry Hosted on College of Education vsphere Cluster $75 per device + $15 annual license Licensed through AT&T (Enterprise Portal)

VSP - Device Management User management with Active Directory Labels Control of features & policies Policies Security, App control App distribution (in-house & app store) Prepaid Apps (Volume Licensing Program)

Provisioning ipads 1. Add device to MobileIron 2. Attach to an Active Directory user 3. User is automatically notified through email and follows instructions to download MobileIron app, or username & PIN is provided to install 4. MobileIron App is loaded and connected to VSP server 5. Profiles are downloaded and installed, Apps@Work app is loaded onto ipad 6. Loads Exchange account

Device Management Remote operation Unlock, Wipe, Geo-locate, Review client logs, Push notifications, Policy updates Apps@Work Allow user to install App Store apps through Volume Licensing Program Allows users to be temporarily assigned apps Set policies for allowable Apps

Policy Violations Remove access to secure services Revoke ActiveSync Close App Tunnels Notify Administrators & Users Multiple automated triggers and actions 12

Issues with Deployment Exchange functionality (root cause tbd) Backing up/restoring ipads Multiple passwords per user (Apple, MSUNet, Exchange) 13

Positive Aspects Easy to deploy ipads Easy to manage large number of users Volume Licensing Make prepaid Apps available through Apps@Work Volume Licensing for Ed 50% off on bulk orders 14

Unexplored Windows, Android, Blackberry support App Tunnels Ability to temp assign Apps Very restrictive policies 15

CLIENT MANAGEMENT SALESFORCE 16

Managing our Clients Client/Customer Relations Management Schools = clients Manage multiple contact people Manage points of contact Collect data about activities in schools through easily customizable forms 17

Workflows Automated Workflows Intervention Specialist Regional Manager Manager Payroll & Travel Data & Evaluation Team Multi-tiered access to data Data portability (transferring ownership) 18

Advanced Customization Create custom reports (text & graphic) with automated processing & workflows APEX classes allow you to build custom, integrated web apps that take advantage of jquery, CSS, HTML 19

Worth the Money Inexpensive Cloud Based Solution Annual license: $360/year for Full Salesforce Named Portal Users: 100 for $1,000/year 90% Discount through Salesforce Foundation 20

Thank You! Ken Dirkin {dirkinke@msu.edu} 21