Implement Mobile Device Management to Deploy HCSS Mobile Apps A guide to MDM & EMM product selection Femi Ariyo Femi@hcss.com
Our Goal Understand mobile device management and its benefits Examine different concepts that drive mobile device management (Platform support, feature set, ease of use) Choose the right solution for your company Provision HCSS apps with Mobile Device Management Hear Mobile Device Management success stories among HCSS customers See a demo of the Apple Device Enrollment Program and Cisco Meraki Mobile Device Management Q&A session
What is MDM and its Benefits Mobile Device Management (MDM) solution allows you to manage and secure mobile devices deployed in your organization MDM allows you to configure devices, perform remote lock and wipe Provide a mechanism for over-the-air management MDM typically support multiple operating systems
Platform Wars Each Android distribution is unique. Samsung, LG, HTC, Motorola, Google all did things differently. This is good and bad. Apple ios is a closed system. Developers only had access to features exposed by Apple. Effective quality control process. Naturally, MDM offerings became selective. Features were not leveled across all platforms. What do you do if the needed tools aren t present in the OS? (Security and lockdown mechanisms)
MDM Evolving to EMM Today, MDM has gone beyond configuration and remote wipe Enterprise Mobility Management (EMM) suites provide MDM features as well as application and content management
Enterprise Mobility Management Hardware & Application inventory OS Configuration Management Mobile App deployment, update, and removal Mobile app configuration and policy management Remote view and control for troubleshooting Execute remote actions Mobile content management
Enterprise Mobility Management Mobile Application Management Mobile Content Management Mobile Email Management
Mobile Application Management Applies management and policy controls functionality to individual applications. Preconfigured Applications: Secure personal information manager (PIM) for email, calendaring and contact management, and browser provided by EMM provider or 3 rd party. Application Extensions: Apply policies to applications through SDK or by wrapping apps.
Mobile Content Management Allows users to access content from their mobile devices Secure Container: Client-side app that enables users to store content securely. EMM can enforce authentication, file sharing and copy/paste restriction, email attachment Content Push: Push-based document delivery. Management: content expiration, versioning Content Access: Back-end repository access to so users can pull down new content. Management: Audit, restrictions while roaming
Choosing the Right Solution
Customer story: American Industries Presentation
Gartner Magic Quadrant for EMM
AirWatch Acquired by VMware in Feb 2014. AirWatch provides broad and deep EMM functionality. AirWatch is available as on-premises deployment or SaaS model, BYOD ready. MDM: Strong ios, Android, and Windows Phone support MAM: Proprietary software development kit (SDK) and app wrapper PIM: Proprietary tool - AirWatch Inbox. Supports ios and Android, no support for Windows Phone 8. Supports Microsoft Exchange, no Lotus Notes support Multiuser Support: Strong capabilities to support multiuser environment via MDM/MAM.
AirWatch Extensive Android handset API support from Samsung, LG, HTC, Motorola, Panasonic, Intel, Sony, Kindle Fire and Nook HD Provides Android remote support. No remote screen sharing or support on ios. Content Access: Support for back-end file stores: SharePoint, Office 365, WebDAV, GoogleDrive, etc on ios, Android, Windows Phone 8 Supports content push and file share synchronization on ios, Android and Windows Phone 8
MobileIron Extremely capable EMM solution. Aims to manage whatever mobile application the organization uses. MDM: Strong configuration and policy management for ios, Android and Windows Phone MAM: Proprietary MobileIron AppConnect application wrapper. Great policy support for ios, Android but not Windows Phone. PIM: Uses 3 rd party tool Divide PIM (now a Google company). No Windows Phone support.
MobileIron Multiuser Support: Supports multiuser configuration management on ios and Android. Supports geofencing. Supports silent app installation on ios and Android. Can lock device down to a single app on ios and Android Content Access: Mobile content container (Docs@Work). Supports SharePoint, WebDAV, Windows shares. Content push is available for ios only. Does not support Windows Phone. Remote view for ios devices, no remote control on Android.
IBM IBM acquired Fiberlink in Dec 2013 and has positioned MaaS360 as a major component of its enterprise mobility solution. MaaS360 brought IBM a much needed cloud solution as well as on-premises. MaaS360 is a good fit for organizations looking for SaaSbased product and those who use IBM collaboration, productivity and security technologies MDM: Supports ios, Android, Windows Phone 8. MDM APIs from Samsung, LG, Amazon Kindle Fire, Toshiba, Asus and Lenovo MAM: Proprietary app wrapper and SDK. ios, Android and Windows Phone support
IBM PIM: Proprietary Secure Productivity Suite. Supports ios, Android and Windows Phone 8. Multiuser Support: Supports multiuser device configurations on ios and Android. Supports silent application installation. Can lock the device down to a single app on ios and Android (Kiosk Mode). Remote control of Android devices, not ios Content Access: Good back-end content repository support, including IBM Connections and FileNet. Good capabilities for content push and pull.
Citrix Citrix acquired Zenprise in Jan 2013. Zenprise added to Citrix s mobile app management and mobile app technologies, as well as Citrix ShareFile and Citrix NetScaler In May 2014, Citrix announced Workspace Suite, which combines virtualization and EMM to deliver apps and content to any device XenMobile is available via an on-premises option or through SaaS model. XenMobile supports ios, Android, Windows Phone, Blackberry (via BES) and Windows 8.
Citrix Citrix is a good fit if you are combining EMM with other Citrix technologies such as XenApp, XenDesktop and Netscaler While the solution isn t fully integrated yet, Worx Apps suite, MDX Toolkit and ShareFile are robust tools MDM: Strong policy support across ios and Android MAM: Proprietary app wrapping and SDK through Worx MDX Toolkit. *Rely heavily on NetScaler. PIM: Proprietary secure PIM WorxMail. Calendar integration with Microsoft Lync, Cisco WebEx and Cisco Jabber Content Access: Supports SharePoint, Office 365, WebDAV, etc. Content push and pull capabilities.
Good Technology Good is focused on secure productivity and collaboration applications. Good acquired BoxTone in March 2014. BoxTone brings stronger MDM and the potential for comprehensive performance management capabilities Good is known for its containerized PIM functionality through Good for the Enterprise product (GFE). MDM: Supports ios and Android. Stronger on ios. MAM: Proprietary app wrapping and SDK. Good Dynamics Supports ios, Android. Encrypts data as it moves between apps. Does not support Windows Phone.
Good Technology PIM: Good for Enterprise (GFE) is a rich and robust email, calendaring and contact app. Supports ios, Android and Windows Phone. Multiuser Support: Does not support multiuser device configuration. Supports geofencing. Supports silent app installation on ios and Android. Good does not provide remote-control capabilities. Content Access: Supports SharePoint and Windows network file shares. Desktop synchronization is done using Microsoft Folder Redirection.
SOTI Offers strong, general-purpose EMM solution suitable for mainstream use cases. MobiControl is available as on-premises or SaaS model. Supports ios, Android, Windows Phone, Windows 8 and Mac OS X. Strong configuration management capability on Android MDM: Best Android management. Great ios MDM policy MAM: 3 rd party app wrapping via Mobile App Protection from Mocana. MAM SDK adds remote screen capture on ios devices PIM: 3 rd party app by Excitor
SOTI Multiuser Support: Supports multiuser configuration on Android. Slightly involved process for ios. Supports geo-fencing, supports silent app installation on ios and Android. Can lock down device to a single app on both ios and Android. Content Access: Supports SharePoint, Office 365, WebDAV and Windows network file share. Extensive Android content management including content expiration and version control.
Demo Device Enrollment and Device Management Demo: Cisco Meraki Systems Manager Device registration Deploying HCSS Field
Recommendations Create your requirement list Evaluate the security and management capabilities provided by the mobile OS and hardware platforms Evaluate end-user experiences and functions closely when considering secure personal information managers, because organizations have the most challenges dealing with user experiences in the area of secure PIM products Identify the use cases in your organization, and emphasize the functions that are most critical in addressing those use cases
Q&A