roduct Service Description 1 Mobile Device Management Mobile Device Management (MDM) is the process of monitoring, configuring, and securing mobile devices over-the-air (OTA). Hardware and software technologies are needed to enable MDM capabilities to allow companies to create, configure and enforce security policies on mobile devices. The following section outlines the components of Xerox s MDM solution which is a managed software as a service offering delivered on our enterprise cloud. Overview Xerox provides services for the design, installation and configuration of the MDM solution. In addition, Xerox provides technical support and system administration services for all the architecture components of the MDM solution. The MDM offering does not include any functional or help desk support for the devices. Help Desk is an additional service that can be purchased. See the roles & responsibilities matrix section for more details of what is in scope for this service. The following table provides additional detail by identifying the items included in the service. Attributes of the Service Startup Services 1) MDM solution architecture design 2) Cloud infrastructure provisioning and configuration 3) All necessary storage for the MDM solution components 4) Software installation including OS, server, database, MDM, server security, monitoring, etc. 5) Build and configuration of MDM solution components 6) Installation of the Apple certificate for ANS (obtained by client) 7) Directory services configuration of MDM server 8) Sample policy testing for ios and Android devices 9) Account setup for administrators 10) Installation and configuration of monitoring services Support Services 11) Cloud infrastructure and support of the MDM solution 12) System administration support of the MDM components 13) Level-3 roblem Management Support 14) Change Management 15) MDM solution maintenance 2011 Xerox Corporation and Xerox, A Xerox Company. All rights reserved. Xerox and the Xerox design are trademarks of Xerox Marketing L in the United States and/or other countries. Xerox and Xerox and Design are trademarks of Xerox Corporation in the United States and/or other countries. 12/01/12
Capabilities The section below lists the capabilities that are included with this solution. Additional capabilities can be discussed in detail upon request. MDM Capabilities Security Management Centralized configuration & policy management Certificate management & distribution (SCE) Embedded best-practice automation OTA policy deployment Active Directory integration (authentication, authorization, policy mapping) Group-based configuration Role-based access Encryption configuration (device, SD) Feature enable/disable (camera, SD, Bluetooth, WiFi, apps, app store, itunes, cookies) assword enforcement (length, age, failed before wipe, complex, inactivity, expiration, history) Remote lock Data/access quarantine Selective (corporate) and full wipe Configurable employee-liable vs. corporate-liable Completely remote -- no on-device agent or application required Security Enforcement Enterprise-wide auto discovery Continuous monitoring 24x7 OTA auto-detection of violations (rogue, unmanaged, non-compliant, blacklist) OTA auto-enforcement (configurable device lock, email quarantine, selective/full wipe) Group-based and role-based configurable for automated vs. manual Fully integrated audit trail Configuration Management (deployment) OTA automated device self-provisioning OTA automated application self-provisioning Mobile service pre-configuration (ActiveSync, WiFi, VN, MS Exchange) WiFi pre-config (SSID, Hidden Network, Security Type, assword) VN pre-config (Configuration Name, Connection Type, Server, User Account, Authentication Type, Shared Secret, roxy Setup) Xerox Cloud Services roduct Service Description v1.4 12/01/12 2
MDM Capabilities SCE pre-config (Server URL, Name, Subject, Challenge, Key Size, Use Digital Signature, Use Key for Encipherment, Fingerprint) MS Exchange pre-config (Account Name, Host, Use SSL, Domain, Email Address, assword, Authentication Credentials) Fully integrated audit trail Application Management Centralized enterprise app catalog Assign mandatory, optional and recommended applications Group-based policy administration OTA automated application self-provisioning Fully integrated audit trail Asset Management Enterprise-wide device asset inventory Individual device asset detail including configuration & change history Enterprise-wide application asset inventory Application white-list, black-list Detailed deployment & utilization by user, device, carrier, platform Compliance Management Automated compliance tracking & reporting Security violation detail based on specified corporate policy Enterprise-wide device Activate/Deactivate/Wipe/Quarantine Ownership detail based on employee-liable vs. corporate liable Expense Management Detailed device utilization tracking Detailed application utilization tracking Detailed low-use, no-use tracking for cost savings Detailed utilization tracking for productivity gains Enterprise Integration BlackBerry Enterprise Server Microsoft ActiveSync Microsoft ActiveDirectory & LDA Microsoft System Center Operations Manager H Operations Manager Other Systems Management platforms Other Help Desk systems Custom SDK & Services options Xerox Cloud Services roduct Service Description v1.4 12/01/12 3
Additional Services The services described below are additional managed mobility services that can be purchased. These services are not included of the MDM Cloud solution offering, and are priced separately. Help Desk: Xerox Help Desk services for MDM include end user support of mobile devices connected to the MDM solution. It includes incident management, troubleshooting and escalation support for activities such as device enrollment, activations, policy settings, reporting, security actions such as remote wipe, etc. It does not include functional or technical support of applications on the devices. MDM Technical Assessment: MDM Technology Assessment is a remotely delivered consulting engagement. Xerox will analyze the mobility governance policy objectives for mobile device OS and MDM latforms for clients. The analysis is performed for a maximum of 30 policy objectives and 3 mobile OS platforms such as Apple ios, Google Android, and Windows Mobile. Requirements & Assumptions 1. The MDM solution leverages Xerox Cloud infrastructure 2. The MDM software license is owned by Xerox 3. An Apple ush Notification (AN) certificate is required obtained by the client 4. Connectivity from the MDM server to the client s AD or LDA system is required 5. Notification of scheduled downtime will be provided 45 days in advance 6. Minor updates and fixes are included in the service 7. Major upgrades requested by the client are considered project work and must be covered under a separate statement of work 8. The MDM solution supports devices running on all major mobile platforms including ios, Android, Windows Mobile, and RIM. Xerox Cloud Services roduct Service Description v1.4 12/01/12 4
Service Objectives and Commitments erformance Level: Standard Service Application Availability Service Measure System Downtime erformance Target 8 hours per month erformance targets are measured weekly and reported monthly. OLA/SLA erformance % 99.90% Severity Levels The default severity level is 3 for new requests unless the requestor provides the business reason for a higher severity. Severity 1 (Critical) A Severity 1 (Critical) trouble ticket has one or more of the following characteristics: The incident has a major business impact Multiple end-users are affected by the incident The affected end-user is a high profile person The incident cannot be circumvented Severity 2 (High) A Severity 2 (Urgent) trouble ticket has one or more of the following characteristics: The incident has substantial business impact Normal business operations are severely impeded The application/system functions, but usability is severely limited for multiple end-users The application/system has experienced continual or repeated incidents Severity 3 (Medium) A Severity 3 (Standard) trouble ticket has one or more of the following characteristics. The incident has limited business impact Normal business operations are minimally impeded The incident only impacts a few users The incident is not continual or repeated Severity 4 (Low) A Severity 4 (Low) trouble ticket has one or more of the following characteristics The incident has no business impact Normal business operations are not impeded The user can run the application Low/Service Request incident ticket has one or more of the following characteristics: The incident has no business impact Normal business operations are not impeded Xerox Cloud Services roduct Service Description v1.4 12/01/12 5
Severity Level Classification Matrix 1-Critical 2-High 3-Medium 4-Low Response Time Target Resolution or Workaround 1-Extensive/ Widespread Critical High High Low 30 min 1 hour 2-Significant/ Large Critical High Medium Low 60 min 4 hours Impact Severity 3-Moderate/ Limited 4-Minor/ Localized 5-Service Request/Task High High Medium Low 2 Hours 1-3 days Medium Medium Medium Low 4 Hours 1-7 days Low Low Low Low Required-by date Non break-fix requests also known as tasks. The required-by-date is typically selected by customer. The planned-end date is the agreed target resolution between the responsible Service Desk and the requestor if the required-by-date cannot be achieved. Or lanned-end date Xerox Cloud Services roduct Service Description v1.4 12/01/12 6
Roles & Responsibilities Matrix Xerox Solution Scope () = rimary (S) = Secondary Xerox Client Mobile Carrier MDM Startup Services rovide overall MDM Solution design for infrastructure and application: rovide Network and Active Directory connectivity for Xerox Cloud to Customer environment S rovide product roadmap overview for future state direction rovide due diligence response on devices in scope, growth, and policy needs Identify Audit needs and requirements for both security and reporting S Environment olicy and rocedures Document: Customer Mobile Device olicies - Ownership and Updates Document: Customer BYOD Mobile Device olicies - Ownership and Updates Template: MDM olicy Options and Considerations Document: Initial olicy Configuration Settings (in accordance with customer policy) Document: olicy approval workflow and exception process oint of Contact for olicy review and escalations rovide feedback and responses when rovider networks affect policy enforcement Mobile Device rocurement, Service (Mobile rovider), and Billing rocess S Mobile Device rovider network ('airtime') support S Mobile Device Hardware support S Xerox Cloud Services roduct Service Description v1.4 12/01/12 7
Xerox Solution Scope () = rimary (S) = Secondary Xerox Client Mobile Carrier Mobile Device Support Workflow process and escalation paths S Deployment and roject Network port and connectivity requirement changes S Administrative Account creation -Active Directory S rovide customer environment specific test devices S Active device testing and policy validation S Document: Standard Report Templates and samples Document: Administrative and Service Account access definitions S Create initial Admin account groups and roles S Setup console / portal access for Admin groups Obtain and deploy required certificates S rovide vendor training content for steady-state admins (web base training) Operational Support and rocess Review Third level troubleshooting and support for MDM Application rimary troubleshooting and support for end-user issues and administrative request Mobile device handset provisioning S Creation and testing of newly requested policies S MDM System patching, updates, hotfix application and general maintenance Xerox Cloud Services roduct Service Description v1.4 12/01/12 8