Connected Device Management for Enterprise Mobility and Beyond

Shan Director - Mobile Architecture

Agenda

Enterprise Mobility Connected Device Management Framework Architecture WSO2 Internal Mobility Strategy

Enterprise Mobility

SmartPhone Penetration2 billion in 2016

1/4 of global population - 2015 1/3 of global population - 2018

Computer

EmployeesManagers

ProductivityRisk

Owners

Customers Suppliers

Shareholders

Enterprise mobility

Enterprise mobility is no longer about managing executive devices’ email or providing a few enterprise business apps!

Enterprise

Data

EmployeesDevices

AndroidiOS Windows 8Blackberry

COPECompany Owned, Personally Enabled

BYODBring your own device

Enterprise Mobility

Tablets Laptops

IoT

Many device types

PublicStore

Data

1

32

4

Enterprise Mobility Challenge

Data Security

Remote Device Management

Enterprise Store

Enterprise Application Development & Management

Resource Management

How the data can be compromised ? • Device being lost or stolen • Malicious App stealing the data • Data Leak

What is the data ? • Email message or the attachment • Documents like pdf,word,excel,ppt,text • Browser accessing HTML pages,cookies • Contact,Calendar,Notes • Application with Database

Why the data is sensitive ? • It can be highly confidential like

quotation value, salary details • It can have a high impact if it goes

to the wrong person

Who can compromise ? • External • Internal

Data Security

Real Challenge • development of a platform which can easily plug any device • provide an interface to 3rd party application for extension

Enabling Device Management Support

MDM Server

Agent

Android

Develop an Application (called as an Agent) Either use a standard protocol (OMA DM) or use your own one Security has to be handled

MDM Server

Agent

APNS

iOS

• No need to develop any application, if you want additional functionality (Location,Alert,Ring) • Device Management is supported in the OS layer through profiles • Depend on Apple • Need to have Enterprise Developer Account (299$/per year) • Apply for MDM vendor approval • Use Safari to download the profile • Security is handled - Certificate based • MDM push notification happens through APNS (Apple push notification service) • Apple protocol

MDM ServerWNS

Windows

• No need to develop any application, • Device Management is supported in the OS layer through a built-in App • Security is handled - Certificate based • Default can work with polling model • 8.1 supports push through WNS - Needs a developer account • OMA-DM

EMM 1.0 EMM 2.0

Architecture of EMM 2.0

Evolution WSO2 EMM

Version 1.0 - February 2014 Version 1.1 - June 2014 Version 2.0 - November 2015

User, device, policy, operation, configuration and license management. Self service enrollment for user. BYOD & COPE seperation. Identity management. API everywhere. Multi-tenancy. Dashboards. MDM platform features.

Core Features

WSO2 EMM - iOS Features๏ Lock.

๏ Install/uninstall store and enterprise applications.

๏ Fetch location.

๏ Cellular.

๏ Get device information.

๏ Restrictions (nearly 70 supported).

๏ Alarm.

๏ WIFI

๏ Send Message

๏ Airplay.

๏ APN.

๏ LDAP.

๏ Email.

๏ CalDav.

๏ Calendar subscription.

๏ Passcode policy.

๏ Install web clips.

๏ Enterprise Wipe

๏ Get application list.

๏ Clear passcode.

๏ Get profile list.

๏ Remove proffiles.

๏ App lock.

๏ Get installed restrictions.

๏ VPN (L2TP, PPTP, and IPSec)

๏ Per app VPN.

3

WSO2 EMM - Android Features๏Clear passcode.

๏ Enterprise WIPE.

๏Master reset.

๏Application list.

๏Ring device.

๏Mute.

๏Send messages.

๏Change lock code.

๏ Install web clips.

๏ Passcode policy.

๏ Restriction on camera.

๏ Encryption settings.

๏ WIFI.

๏ Location.

๏ Device info.

๏ Install/uninstall store and enterprise applications.

๏ Device lock.

3

WSO2 EMM - Windows Features๏Passcode policy

๏Restriction on camera

๏ Encryption settings

๏Device info

๏ Lock reset

๏Device lock

๏Ring device

๏Un-enroll device

๏Data wipe

Enterprise App Store

3

App Publisher

๏ Android Enterprise Apps (APK).

๏ Android Public Apps (Apps from Google Play).

๏ iOS Enterprise Apps (IPA).

๏ iOS Public Apps (Apps From iTunes).

๏ Web Apps (Responsive mobile web apps).

Supported Mobile App Types

Connected Device Manager for a Connected Business

WSO2 internal mobile strategy ?

Allow secure Wi-Fi connection to all mobile devices Secure Corporate Data Mobile Application Development Lifecycle Management

Framed our Policy Allow Android,iOS, Windows devices Block any rooted device or jailbroken device Allow maximum of 5 devices per device Allow BYOD and COPE devices with different policy No control to the privacy of BYOD device

Testing Store

HR wants to create a HR Mobile AppProject Repository

Created

Project Manager Subscribes to APIs

IDEProduction Store

Invitation to Developer

mBaaS API, MAM API, System API

MAM

MDM

ThankYou