• No results found

Bell Mobile Device Management (MDM)

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Bell Mobile Device Management (MDM)"

Copied!
5
0
0

Loading.... (view fulltext now)

Download now ( 5 Page )

Full text

(1)

Bell Mobile Device Management (MDM)

Frequently Asked Questions

INTRODUCTION

Bell Mobile Device Management provides business customers an all in one device administration tool to manage multi-platform devices through the entire device lifecycle on a cloud based platform. Bell Mobile Device Management includes Remote Device Manager which is a Help Desk tool to remotely control, support and troubleshoot mobile devices regardless of user location; this service is exclusive to Bell. Bell Mobile Device Management allows IT Administrators to centrally manage mobile device assets, deliver high quality mobile experience, provide data security, while simultaneously maximizing employee productivity and monitoring the cost of mobile use. The IT Administrator will have insight into applicable mobile devices; have the ability to deploy enterprises policies and simplify technical support via remote access.

BUSINESS QUESTIONS

What is Bell Mobile Device Management used for?

Smartphones and mobile devices are becoming more instrumental than ever in execution of daily tasks. As these devices become more crucial to the enterprise, they create a dual challenge:

(1) How to best control security exposure;

(2) How to maximize device capabilities across the business realities.

Bell Mobile Device Management resolves those challenges posed by mobile device by executing on the following directives:

 Protect the connected employee and organization by managing risk situations

 Monitor mobile assets utilization and control outlays

The following significant capabilities can be performed with Bell Mobile Device Management:

Assets Management: Provides a centralized comprehensive view of the enterprise and BYOD mobile

assets. One can see all of the devices, their assigned applications and their on-device hardware, software and connectivity parameters that are of importance to ensure enterprise mobile use compliance.

Policies Management: Allows the enforcement of on-device password policy, on-device data backup /

restore policy, access control policy, including configuration for Exchange ActiveSync, WI-FI, VPN and APNs.

Mobile Applications Management: Allows enterprise IT Administrators to define which on-device

applications are mandatory and which are prohibited. The system constantly monitors the overall deployed applications across the enterprise's devices and provides a mechanism to define applications' status. It implements the chosen policy through automated procedures of alerting, installing and uninstalling applications.

Mass Deployments: Facilitates mass deployment campaigns on pre-defined devices groups. Device

groups are managed through organizational hierarchies as used by the system for assets management and Mobile Applications Management. Defining on-device content for a group generates an

automated distribution process.

(2)

Use Control: The use control provides business views of the device use. It analyses call, messaging, data and roaming usage. It presents the implied enterprise expense and the heavy users along with

indications to usage by threshold.

Remote Device Manager: Enables IT Administrators to assume complete control over the enterprise

mobile devices from afar. The ability to see the device screen and operate it in real time allows quick understanding of the issue and resolving it in a fraction of the time.

How can I benefit from Bell Mobile Device Management? Bell MDM introduces benefits in several dimensions:

Shifting to new mobile devices: Provides an end user a simple and way to swap to new devices easily

by using an automated enlisting and policy definition processes. It saves operating cost and streamlines the change.

Implementing business policies: There is a delicate balance between enforcing the business security

and use policies and the fact that most of the devices are owned by the end users. Bell MDM allows the business to set and define security; data protection and applications use policies across the end user’s devices with provisioning and monitoring mechanisms but without imposing harsh reality on the end users. These operations reduce data security breach and increase employees' productivity.

Increase efficiency, reduce costs: Advanced support capabilities reduce idle work time and increase

employees' productivity. The expense control module restraints the use cost and the roaming expenses.

How can Bell Mobile Device Management improve enterprise mobility?

Bell MDM ensures always connected professionals; higher productivity; reduced idle work time searching for support or using non-work applications; mitigating mobile work force malfunction risks via remote guidance by a back office expert; reduced use and roaming expenses; aligning price plans to users by their actual use; resolving stolen / lost devices scenarios; allowing 24/7 support while reducing the dependency on an external support; reducing security breaches.

How can an enterprise sign up for Bell Mobile Device Management?

Registration to the service is done via the enterprise’s Bell account manager. The account manager will fill and order form and submit the request. Your request will be streamlined through Bell’s system, defining that the business is entitled to this service. The IT Administrator will receive a welcome letter, with links on how to activate the service with their owned defined password. Once defined, the IT Administrator will have access to both the Bell Mobile Device Management and Remote Device Manager business solutions. The IT Administrator will have a dedicated portal through which they can get more information and training material or access to the support team. The service will be billed through the Bell monthly charges.

Is the solution delivered in SaaS? On-premise installation?

The solution is currently available via the cloud based deployment. On-premise deployment is in consideration for future.

Which data is kept and where?

(3)

In addition, the system keeps the following: the policies parameters as defined by the IT Administrator such as prohibited applications and mandatory applications; end users as defined by the IT Administrator for self service operations; device contacts and messages based on the backup policy and its related activities; use data (calls minutes; messages; data) based on devices internal counters.

The data is stored on the Mobile Device Management server that is located in Europe. All private data stored in the system is fully encrypted.

Is there a limit to kept data size? There is no limit to the data size.

Can Bell Mobile Device Management be used for private devices?

Yes, the limitation is as the number of licenses your organization has purchased.

Can Device Manager be used for devices that were not purchased via my telecom provider? Yes, the limitation is as the number of licenses your organization has purchased.

Should the IT Administrator use Bell Mobile Device Management for all devices in the organization? The IT Administrator should exercise judgment regarding the risks. The IT Administrator is to activate the Bell MDM for all the devices for which they wish to control data security, activate data protection capabilities, provision application use or provide better support.

Who in my enterprise should operate Bell Mobile Device Management?

Bell MDM is usually managed by an IT Administrator with data security awareness. This person should take a proactive role in monitoring the policies fulfillment. This person should exercise decisiveness and assertiveness. How can the IT Administrator gain end user cooperation on device policies?

The system is aimed at friendly end users. It assumes that the end users are known and have a willingness to participate in the organizational effort for better enterprise mobility. There is a need to share with the employees the policies and the drivers for them. Continuous and open communication with the employees will build their confidence and desire to be part of the effort. When a deviation takes place, it is better to offer the employee to take a corrective action by himself and not take potentially severe, one-sided corrective measures. Should all end users have the same mobile policies?

No, these can differ by the managerial level or by their professional department, pending their daily tasks. How can the IT Administrator best use the management by groups function?

Groups allow an IT Administrator to define the logical audiences that require different device management approaches. It is best to utilize these groups based on the organizational logic and differences in the members’ daily lives. It is best to define groups that represent different needs for applications use (such as marketing) or security risks (such as top executives). An inferior practice will be to define groups of device types. Devices are handled by the policy based on its OS capability so there is no need to define stand-alone groups such as Android devices, iPhone devices, etc. A specific device can be part of only one group and as such, it should be allocated to the best structure that reflects the needs of the organization. Most of the system’s policies and configurations can be inherited from the parent group allowing you to maintain higher group granularity but with the same policies.

What are the recommended policies for security, apps and backup?

(4)

Security: Deploy a password for every device. Data protection capabilities are there once the client is installed.

Applications: Consumer applications serve the professional lives of the employees. Ensure to only

prohibit applications that generate real threat of data sharing or leakage without really contributing to the business. BYOD device should have more freedom in compare to enterprise liable devices.

Backup: Define backups across the device. In a stolen / lost device scenario, the IT Administrator might

be required to wipe the on-device data however sufficient time to backup prior to wipe will be needed.

Self-service: Grant self service capabilities to end users. It will allow them better control over their data

protection hazards while encouraging more cooperation. Can the IT Administrator operate the policies equally over all the devices?

No, mobile operating systems differ regarding elements such as password complexity, the ability to remove applications and the ability the remotely takeover a device for support. The system is built in such a manner that all the IT Administrator needs to do is to define the end user’s policy once, the system will then publish the request to the device and it will be fulfilled according to the capabilities of the operating system.

Can the IT Administrator remotely operate and manage a device without the awareness of the end us? Bell Mobile Device Management regarding policies management can be done without the awareness of the device holder. A Remote Device Manager takeover for support purposes requires proactive consent of the end user.

What self-service operation can the end users operate via Bell Mobile Device Management?

End Users can perform the following: locate a device; activate device's alarm; lock a device; wipe a device directly or after a successful backup; selectively wipe a device or perform a total factory reset; activate backup policy; backup the device; view device diagnostics; deploy recommended applications from an enterprise apps portal. How can the IT Administrator grant end user access to the self-service operations?

When adding a device to the system, the IT Administrator is to fill in the end user’s email in the 'Add new device' box. This will send a welcome letter to the end user, allowing them to activate the self-service capabilities. Currently the IT Administrator cannot add this option after they have enlisted a device in the system. If the IT Administrator wishes to allow this for the end user, they are to make sure to add the user in the enlisting process.

Which mobile operating systems and versions are supported by Bell Mobile Device Management?

Criteria Mobile Device Management Remote Device Manager

Supported OS/Device

 BlackBerry (5.0 and above)

 iPhone (4.0 and above)

 Android (2.2 and above)

 Symbian: S60, Symbian 3; MeeGo

 BlackBerry (4.3 and above)

 iPhone (4.0 and above; remote configuration only)

 Android (2.3 and above)

 Symbian: S60, Symbian 3; MeeGo

(5)

Not Supported Devices

 Windows Mobile

 Windows Phone

 BlackBerry Play and QNX

 Windows Phone

How can the IT Administrator know which devices are supported by Bell Mobile Device Management? Device coverage is by the list of the supported operating systems as described above. For Remote Device Manager capabilities, there is a separate device list in the device number key-in screen.

Can an IT Administrator get access to an end user’s private data?

Bell Mobile Device Management does not enable the IT Administrator access to on-device private data. Once the device is remotely taken over, the IT Administrator who took over, can access the device's private data. However, this cannot happen without the end user viewing all the actions of the supporting person and the end user can stop the session at any point in time.

Can an end user remove the Bell Mobile Device Management application from the device?

Yes, but this will generate 'last seen' indicator in the system and the IT Administrator will understand that there is an issue with this device.

How does and end user uninstall the Remote Device Manager?

Removing the Remote Device Manager application from the device is done by using the device's applications / downloads manager.

 In BlackBerry, select “Menu” and then “Downloads” menu. Look for application called "Bell MDM”, select “Options” and then select “Remove”. Alternatively, select “Menu” then select “Options” then select “Advanced Options” then select “Applications”. Look for an application named “Bell MDM” and select “Options” to remove it.

 In Symbian, select “Menu” then select “Applications”. Look for an application called “RDM". Select “Options” and then select “Remove”.

What about iOS remote support?

iOS does not enable complete remote takeover similar to BlackBerry and Android. What about Windows PC support?

Windows remote PC takeover is supported by the system. The IT Administrator needs to fill out the target device email instead of the phone number. This will send an email with a link to run the application for the takeover, without a need to install it. The GUI is the same as taking over a mobile device with the possibility to enlarge the screen for better support experience. Remote Device Support for mobile devices is activated via a dedicated link. It cannot be done from inside the Bell Mobile Device Management system (this capability will be added in a near term release).

What about Blackberry Play and QNX devices?

These are not currently supported. Currently Bell is working with RIM to allow remote support for these devices. What about Windows Phone support?

These are not currently supported. Currently Bell is working with Microsoft to allow remote support for these devices.

References

Download now ( PDF - 5 Page - 287.10 KB )

Related documents

IT Resource Management vs. User Empowerment

An MDM solution is intended to provide centralized security and management of mobile devices in order to protect corporate data stored on the devices, and data that these devices

DUBEX CUSTOMER MEETING

 Cannot support tier-1 MDM solutions Add MDM features to Mobile Security  MDM solution can push mobile security VPN profile to device  Leverage full. capabilities of tier-1

Centralized management and automated audit and access control are becoming requirements to meet government and industry compliance regulations.

As the company has now entered the mobile security/managed access control market, we anticipate Centrify will be competing with mobile device management

Mobile Device Management:

Mobile Device Management (MDM) software provides IT organizations with security-relevant capabilities that support the integration of mobile devices into enterprise

SECURING ENTERPRISE NETWORK 3 LAYER APPROACH FOR BYOD

A Mobile Device Management (MDM) solution is an application suite that allows entry of BYOD devices in a corporate network by simple management and authorization based on

Security Considerations for the Adoption of Mobile Devices in the Public Sector

• Investigate Mobile Device Management (MDM) Solutions: MDM solutions can help organizations to establish and maintain configuration control over mobile devices, allow or

Addressing NIST and DOD Requirements for Mobile Device Management (MDM) Essential Capabilities for Secure Mobility.

The two documents we have been discussing, the NIST Guidelines for Managing and Securing Mobile Devices in the Enterprise and the DOD Mobile Device Management (MDM) Server Security

SysAid MDM User Guide for Android

 Wipe device: in the event that your mobile device is lost or stolen, your administrator can delete all data and restore the device to factory default settings.. SysAid MDM can