Implement Mobile Device
Management to Deploy HCSS
Mobile Apps
A guide to MDM & EMM product selection
Femi Ariyo
Our Goal
• Understand mobile device management and its benefits • Examine different concepts that drive mobile device
management (Platform support, feature set, ease of use)
• Choose the right solution for your company
• Provision HCSS apps with Mobile Device Management • Hear Mobile Device Management success stories among
HCSS customers
• See a demo of the Apple Device Enrollment Program and Cisco Meraki Mobile Device Management
What is MDM and its Benefits
•
Mobile Device Management (MDM) solution allows
you to manage and secure mobile devices deployed
in your organization
•
MDM allows you to configure devices, perform
remote lock and wipe
Platform Wars
• Each Android distribution is unique. Samsung, LG, HTC, Motorola, Google – all did things differently. This is
good and bad.
• Apple iOS is a closed system. Developers only had
access to features exposed by Apple. Effective quality control process.
• Naturally, MDM offerings became selective. Features were not leveled across all platforms.
MDM Evolving to EMM
•
Today, MDM has gone beyond configuration and
remote wipe
Enterprise Mobility Management
•
Hardware & Application inventory
•
OS Configuration Management
•
Mobile App deployment, update, and removal
•
Mobile app configuration and policy
management
•
Remote view and control for troubleshooting
•
Execute remote actions
Enterprise Mobility Management
Mobile Application Management
Mobile Content Management
Mobile Application Management
Applies management and policy controls functionality
to individual applications.
•
Preconfigured Applications: Secure personal
information manager (PIM) for email, calendaring
and contact management, and browser provided by
EMM provider or 3
rdparty.
•
Application Extensions: Apply policies to
Mobile Content Management
Allows users to access content from their mobile devices • Secure Container: Client-side app that enables users to
store content securely. EMM can enforce authentication, file sharing and copy/paste restriction, email attachment • Content Push: Push-based document delivery.
Management: content expiration, versioning
• Content Access: Back-end repository access to so users
can pull down new content.
Customer story: American Industries
AirWatch
• Acquired by VMware in Feb 2014. AirWatch provides
broad and deep EMM functionality. AirWatch is available as on-premises deployment or SaaS model, BYOD ready. • MDM: Strong iOS, Android, and Windows Phone support
• MAM: Proprietary software development kit (SDK) and
app wrapper
• PIM: Proprietary tool - AirWatch Inbox. Supports iOS and
Android, no support for Windows Phone 8.
Supports Microsoft Exchange, no Lotus Notes support • Multiuser Support: Strong capabilities to support
AirWatch
• Extensive Android handset API support from Samsung, LG, HTC, Motorola, Panasonic, Intel, Sony, Kindle Fire and Nook HD
Provides Android remote support. No remote screen sharing or support on iOS.
• Content Access: Support for back-end file stores:
SharePoint, Office 365, WebDAV, GoogleDrive, etc on iOS, Android, Windows Phone 8
MobileIron
• Extremely capable EMM solution. Aims to manage whatever mobile application the organization uses.
• MDM: Strong configuration and policy management for
iOS, Android and Windows Phone
• MAM: Proprietary – MobileIron AppConnect application
wrapper. Great policy support for iOS, Android but not Windows Phone.
• PIM: Uses 3rd party tool – Divide PIM (now a Google
MobileIron
• Multiuser Support: Supports multiuser configuration
management on iOS and Android. Supports geofencing. Supports silent app installation on iOS and Android.
Can lock device down to a single app on iOS and Android • Content Access: Mobile content container
(Docs@Work). Supports SharePoint, WebDAV, Windows shares.
Content push is available for iOS only. Does not support Windows Phone.
IBM
• IBM acquired Fiberlink in Dec 2013 and has positioned MaaS360 as a major component of its enterprise
mobility solution. MaaS360 brought IBM a much needed cloud solution as well as on-premises.
• MaaS360 is a good fit for organizations looking for SaaS-based product and those who use IBM collaboration, productivity and security technologies
• MDM: Supports iOS, Android, Windows Phone 8. MDM
APIs from Samsung, LG, Amazon Kindle Fire, Toshiba, Asus and Lenovo
• MAM: Proprietary app wrapper and SDK. iOS, Android
IBM
• PIM: Proprietary – Secure Productivity Suite. Supports
iOS, Android and Windows Phone 8.
• Multiuser Support: Supports multiuser device
configurations on iOS and Android. Supports silent application installation.
• Can lock the device down to a single app on iOS and Android (Kiosk Mode). Remote control of Android devices, not iOS
• Content Access: Good back-end content repository
Citrix
• Citrix acquired Zenprise in Jan 2013. Zenprise added to Citrix’s mobile app management and mobile app technologies, as well as Citrix ShareFile and Citrix NetScaler
• In May 2014, Citrix announced Workspace Suite, which combines virtualization and EMM to deliver apps and content to any device
• XenMobile is available via an on-premises option or through SaaS model.
Citrix
• Citrix is a good fit if you are combining EMM with other Citrix technologies such as XenApp, XenDesktop and Netscaler
• While the solution isn’t fully integrated yet, Worx Apps suite, MDX Toolkit and ShareFile are robust tools
• MDM: Strong policy support across iOS and Android
• MAM: Proprietary app wrapping and SDK through Worx MDX
Toolkit. *Rely heavily on NetScaler.
• PIM: Proprietary secure PIM – WorxMail. Calendar
integration with Microsoft Lync, Cisco WebEx and Cisco Jabber
• Content Access: Supports SharePoint, Office 365, WebDAV,
Good Technology
• Good is focused on secure productivity and collaboration applications. Good acquired BoxTone in March 2014.
BoxTone brings stronger MDM and the potential for comprehensive performance management capabilities • Good is known for its containerized PIM functionality
through Good for the Enterprise product (GFE). • MDM: Supports iOS and Android. Stronger on iOS.
• MAM: Proprietary app wrapping and SDK. Good
Dynamics – Supports iOS, Android. Encrypts data as it
Good Technology
• PIM: Good for Enterprise (GFE) is a rich and robust email,
calendaring and contact app. Supports iOS, Android and Windows Phone.
• Multiuser Support: Does not support multiuser device
configuration. Supports geofencing. Supports silent app installation on iOS and Android.
Good does not provide remote-control capabilities. • Content Access: Supports SharePoint and Windows
SOTI
• Offers strong, general-purpose EMM solution suitable for mainstream use cases. MobiControl is available as on-premises or SaaS model. Supports iOS, Android, Windows Phone, Windows 8 and Mac OS X.
• Strong configuration management capability on Android • MDM: Best Android management. Great iOS MDM policy
• MAM: 3rd party app wrapping via Mobile App Protection
from Mocana. MAM SDK adds remote screen capture on iOS devices
SOTI
• Multiuser Support: Supports multiuser configuration on
Android. Slightly involved process for iOS.
Supports geo-fencing, supports silent app installation on iOS and Android.
Can lock down device to a single app on both iOS and Android.
• Content Access: Supports SharePoint, Office 365,
WebDAV and Windows network file share.
Demo – Device Enrollment and Device
Management
•
Demo: Cisco Meraki Systems Manager
•
Device registration
Recommendations
• Create your requirement list
• Evaluate the security and management capabilities
provided by the mobile OS and hardware platforms
• Evaluate end-user experiences and functions closely
when considering secure personal information managers, because organizations have the most challenges dealing with user experiences in the area of secure PIM products
• Identify the use cases in your organization, and emphasize
