iOS 9.3 Enterprise Solution Brief v3

MobileIron and iOS 9.3

With the introduction of iOS 9.3, Apple continues to make strides in simplifying management and deployment of iOS devices in Enterprises by including important new features and controls targeted at organizational use cases. For the first time, Apple is announcing and delivering this Enterprise-centric content in a point release, instead of embedding the new content within a major release announcement.

New Enterprise-centric features include:

- Home Screen Layout controls
- Blacklist and Whitelist restrictions
- Notifications controls
- MDM initiated activation lock
- MDM Lost Mode

415 East Middlefield Road Mountain View, CA 94043 USA Tel. +1.650.919.8100 Fax +1.650.919.8006 info@mobileiron.com

Most of these new features require device supervision. Device supervision is a process that places an iOS device into Supervised mode, which enables additional controls and restrictions with an Enterprise Mobility Management solution such as MobileIron. The additional controls and restrictions enabled by device supervision address use cases for institutionally owned and issued devices. The device supervision process is accomplished manually via the Apple Configurator 2 tool or dynamically via the Apple Device Enrollment Program (DEP). MobileIron endorses the Apple DEP approach as a best practice for supervising devices.

The iOS 9.3 release also includes exciting new solutions for educational institutions. These capabilities include:

- Apple School Manager
- Classroom app
- Shared iPad
- Managed Apple IDs

These new scholastic focused features open up a world of exciting new possibilities for educators.

Greater Controls for Institutionally Owned Devices

The iOS 9.3 release includes new features that address special use cases for institutionally owned devices. These new features require Enterprise Mobility Management, so MobileIron customers will be empowered with these new capabilities.

Home Screen Layout (Supervised Mode Only)

With iOS 9.3, Mobile IT administrators can create custom home screens on supervised devices by controlling the apps, icons and web-clips on the home screen. Additionally, folders can be created and used to group apps. Furthermore, applications can be placed persistently in the dock via EMM control.

Apple has long offered the ability to restrict a device to a single, or a few corporate apps on supervised devices. Typical use cases include display kiosk type devices in retail, trade shows, hospitality, and other single or limited use scenarios. The new Home Screen Layout feature refines the experience by giving organizations power over the look and feel of these kiosk devices.

When combined with the powerful new application whitelist restriction in iOS 9.3, administrators can effectively deploy rich, multi-app iOS kiosk devices.

A custom message can also be displayed on the lock screen, which IT administrators will be able to modify using their EMM. A common use case might be when a device is lost. In such circumstances, the information shown on the lock screen can be used to retrieve the device.

Blacklist and Whitelist Restriction (Supervised Mode Only)

The concept of whitelisting and blacklisting of apps is not new to the MobileIron EMM solution. For example, with all current iOS releases, MobileIron can detect the presence of any undesired iOS application after it has already been installed. Using App Control policies and Compliance Actions, the MobileIron admin can initiate remediation, such as blocking access to corporate content and email.

With the new iOS 9.3 blacklisting feature, rather than reactively taking a compliance action when detecting the presence of blacklisted apps, MobileIron can proactively prevent users of supervised devices from using blacklisted apps at all. So, while the user may download a blacklisted app, EMM controls block the app from being used.

This new blacklisting capability in iOS 9.3 could be used to disable personal use of corporate issued devices if that is in line with Mobile IT policy. For example, an organization may leverage this feature to block use of social media apps like Facebook on supervised, work devices. If the user has installed the Facebook app, he or she cannot use it. The blacklisted app is hidden from the user's home screen and cannot be opened. Under Settings, the user will see the blacklisted app listed, but will not be able to modify the settings.

Additionally, iOS 9.3 allows MobileIron administrators to create stringent app distribution policies for supervised devices through the new whitelisted app feature. Devices can be locked down to only trusted apps in the whitelist. Apps that are not enumerated on the whitelist will not be available to the device user.

The new iOS 9.3 whitelist and blacklist capabilities target any organizational use cases where stringent controls over the apps on organizationally-owned devices are required. For example, there may be compliance and regulatory concerns that obviate any personal enablement on iOS devices.
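
The blacklist and whitelist described above reach the device as bundle-ID arrays in a configuration profile, so a profile can be checked for contradictions before it is assigned. The following is an added example, not MobileIron code: it assumes an unsigned profile and Apple's Restrictions payload keys blacklistedAppBundleIDs and whitelistedAppBundleIDs, which this brief does not name, and all identifiers in it are constructed.

```python
import plistlib

# Payload type of Apple's Restrictions payload, which carries the
# blacklistedAppBundleIDs / whitelistedAppBundleIDs keys (supervised devices).
RESTRICTIONS = "com.apple.applicationaccess"

def make_profile(blacklist=None, whitelist=None):
    """Build a constructed sample profile; identifiers and UUIDs are placeholders."""
    payload = {"PayloadType": RESTRICTIONS, "PayloadVersion": 1,
               "PayloadIdentifier": "com.example.policy.restrictions",
               "PayloadUUID": "00000000-0000-0000-0000-000000000002"}
    if blacklist is not None:
        payload["blacklistedAppBundleIDs"] = blacklist
    if whitelist is not None:
        payload["whitelistedAppBundleIDs"] = whitelist
    return plistlib.dumps({"PayloadType": "Configuration", "PayloadVersion": 1,
                           "PayloadIdentifier": "com.example.policy",
                           "PayloadUUID": "00000000-0000-0000-0000-000000000001",
                           "PayloadContent": [payload]})

def audit_app_lists(profile_bytes):
    """Report which app-control model a profile uses and any contradictions."""
    profile = plistlib.loads(profile_bytes)
    black, white, seen_white = set(), set(), False
    for payload in profile.get("PayloadContent", []):
        if payload.get("PayloadType") != RESTRICTIONS:
            continue  # other payload types carry no app lists
        black |= set(payload.get("blacklistedAppBundleIDs", []))
        if "whitelistedAppBundleIDs" in payload:
            seen_white = True
            white |= set(payload["whitelistedAppBundleIDs"])
    findings = []
    if seen_white and not white:
        findings.append("whitelist present but empty: no app is enumerated")
    if seen_white and black:
        findings.append("both lists present: choose one model per device group")
    for bundle_id in sorted(black & white):
        findings.append("listed in both blacklist and whitelist: " + bundle_id)
    mode = ("mixed" if seen_white and black else
            "whitelist" if seen_white else "blacklist" if black else "none")
    return {"mode": mode, "blocked": sorted(black), "allowed": sorted(white),
            "findings": findings}

if __name__ == "__main__":
    # Constructed bundle IDs, not real apps.
    sample = make_profile(blacklist=["com.example.social"],
                          whitelist=["com.example.pos", "com.example.social"])
    for line in audit_app_lists(sample)["findings"]:
        print(line)
```
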

These features are also a good fit for kiosk type device applications.

Notifications Control (Supervised and Unsupervised Devices)

With iOS 9.3, Mobile IT administrators will have more granular control over the notifications received by apps. Administrators will be able to customize how notifications for different apps are delivered based on the app bundled. Mobile IT administrators will be able to turn off notifications for mission critical apps, which may carry sensitive data, or restrict notifications to a certain level for selected apps. Additionally, on supervised devices, end users can be prevented from changing the notification settings via these new iOS 9.3 features.

MobileIron administrators may consider how they will use these new controls to restrict how messages to instant messaging client and collaboration apps such as Slack and Cisco Spark are displayed, since these apps may contain sensitive, proprietary, or confidential information.

MDM Initiated Activation Lock

Mobile IT administrators have long clamored for more powerful tools to manage and enforce iOS Find My Friends Activation Lock on institutionally issued devices. The Find My Friends Activation Lock feature makes it harder to use or resell lost or stolen iOS devices. Prior to iOS 9.3, Apple provided limited capabilities for bypassing activation lock on Supervised devices only, so Mobile IT administrators faced some basic challenges securing their full fleet of organizationally owned devices. The iOS 9.3 release has addressed some of these challenges for Apple DEP enrolled devices.

For DEP enrolled devices, EMM solution providers such as MobileIron will be able to work with Apple's DEP servers to enforce activation lock on the device and override the activation lock if necessary. A system involving key escrow by Apple DEP and an activation bypass lock on the EMM server ensures that the device is protected from unauthorized activation lock bypass, while providing Mobile IT administrators with the power they need to secure their devices. While these capabilities require enrollment with Apple DEP, device supervision is not required.

MDM Lost Mode (Supervised Only)

Until the advent of iOS 9.3, tracking an iOS device required an end user to enable Location Services on their device. Location coordinates could be shared with MobileIron by granting the iOS application access to location data, or an employee could personally track their device using Apple's Find My iPhone service.

With the new MDM Lost Mode feature in iOS 9.3, an IT Administrator can designate a supervised device as Lost, as long as the device is enrolled in Apple DEP. When lost mode is invoked, devices will report their geolocation to their EMM even when location services are disabled on the device. The Mobile IT admin will be able to push a message that will appear on the device's lock screen with instructions on how to return it.

Other Relevant New EMM Features

The iOS 9.3 release also gives Mobile IT administrators the power to disallow end users of supervised devices from saving passwords locally for URLs matching configured patterns. This feature can be used to prevent storing passwords for protected and secured web services.

Disallowing iRadio is another new restriction in iOS 9.3, which might be used, for example, to prevent streaming on carrier connected devices to control data costs.

iOS 9.3 in Education

Much of the excitement with iOS 9.3 centers on new developments for education.
How students and teachers use iPads in the classroom will undergo a metamorphic change with Apple's new Shared iPad for Education model. Although these new capabilities may pique the interest of many enterprise organizations, where shared device uses are highly desired, Apple has only targeted them for scholastic institutions at this time. Apple approaches education use cases for iPads with a comprehensive three-tiered methodology focusing on students, teachers, and administrators.

The Student

By leveraging iOS 9.3 education features, students can share a single iPad while preserving an individualized, native experience for each student. By selecting their account from the iPad lock screen or by entering a simple four-digit personal PIN code, the student logs into the shared iPad and enjoys his or her own environment. Additionally, Apple has added an intelligent caching feature that makes all of the student's educational content immediately available instead of waiting for any bloated content to re-download.

Teachers and students will appreciate the valuable classroom time saved with iPads put into shared mode via Apple DEP. Student accounts are provisioned for the device by authorized instructors using Apple provided management tools.

The Classroom App

Apple's new cloud-based Classroom App gives teachers the controls they need to deliver a superior iPad educational experience to students. With the Classroom App, teachers may instantly view any student's iPad screen with a single tap. An educator can launch or lock apps on all of the classroom iPads and point web browsers to common web resources. Instructors can also reset student passwords instantly.

Apple School Manager

The Apple School Manager is a cloud-based application that allows a school IT administrator to roll out shared iPads across a classroom, school, or even an entire school district. Schools and districts can use the Apple School Manager to purchase content and apps for efficient and targeted distribution. Student and teacher users can be associated to curriculum content created using existing tools like iTunes University.

Summary

The iOS 9.3 release is the most exciting point release since the inception of the iPhone. The features and tools that make up the shared iPad for Education experience could have a very big impact on the way students learn and teachers teach for a generation to come.

In the Enterprise, many long desired capabilities are coming to supervised devices. Apple is providing a more immersive administrative experience on devices that are designated for corporate use. We can only expect this trend to continue as programs like the Device Enrollment Program continue to make inroads and expand in popularity.

MobileIron is excited about these new features and looks forward to working closely with our customers and partners in enabling new business and IT processes and use cases for iOS devices.

Managed Apple ID

Managed Apple IDs are brand new and intended for Education only. For the first time, Apple is delegating the capability to create Apple IDs to third party institutions. School administrators can create accounts in bulk, reset passwords, audit accounts, and create customized roles for the accounts.
Managed Apple IDs can be created for students, teachers, and even administrators when the Apple School Manager is connected to a Student Information System (SIS).