Post on 16-Apr-2017
Connected Device Management for Enterprise Mobility and Beyond
Shan Director - Mobile Architecture
Agenda
Enterprise Mobility Connected Device Management Framework Architecture WSO2 Internal Mobility Strategy
Enterprise Mobility
SmartPhone Penetration2 billion in 2016
1/4 of global population - 2015 1/3 of global population - 2018
Computer
EmployeesManagers
ProductivityRisk
Owners
Customers Suppliers
Shareholders
Enterprise mobility
Enterprise mobility is no longer about managing executive devices’ email or providing a few enterprise business apps!
Enterprise
Data
EmployeesDevices
AndroidiOS Windows 8Blackberry
COPECompany Owned, Personally Enabled
BYODBring your own device
Enterprise Mobility
Tablets Laptops
IoT
Many device types
PublicStore
Data
1
32
4
Enterprise Mobility Challenge
Data Security
Remote Device Management
Enterprise Store
Enterprise Application Development & Management
Resource Management
How the data can be compromised ? • Device being lost or stolen • Malicious App stealing the data • Data Leak
What is the data ? • Email message or the attachment • Documents like pdf,word,excel,ppt,text • Browser accessing HTML pages,cookies • Contact,Calendar,Notes • Application with Database
Why the data is sensitive ? • It can be highly confidential like
quotation value, salary details • It can have a high impact if it goes
to the wrong person
Who can compromise ? • External • Internal
Data Security
Real Challenge • development of a platform which can easily plug any device • provide an interface to 3rd party application for extension
Enabling Device Management Support
MDM Server
Agent
Android
Develop an Application (called as an Agent) Either use a standard protocol (OMA DM) or use your own one Security has to be handled
MDM Server
Agent
APNS
iOS
• No need to develop any application, if you want additional functionality (Location,Alert,Ring) • Device Management is supported in the OS layer through profiles • Depend on Apple • Need to have Enterprise Developer Account (299$/per year) • Apply for MDM vendor approval • Use Safari to download the profile • Security is handled - Certificate based • MDM push notification happens through APNS (Apple push notification service) • Apple protocol
MDM ServerWNS
Windows
• No need to develop any application, • Device Management is supported in the OS layer through a built-in App • Security is handled - Certificate based • Default can work with polling model • 8.1 supports push through WNS - Needs a developer account • OMA-DM
EMM 1.0 EMM 2.0
Architecture of EMM 2.0
Evolution WSO2 EMM
Version 1.0 - February 2014 Version 1.1 - June 2014 Version 2.0 - November 2015
User, device, policy, operation, configuration and license management. Self service enrollment for user. BYOD & COPE seperation. Identity management. API everywhere. Multi-tenancy. Dashboards. MDM platform features.
Core Features
WSO2 EMM - iOS Features๏ Lock.
๏ Install/uninstall store and enterprise applications.
๏ Fetch location.
๏ Cellular.
๏ Get device information.
๏ Restrictions (nearly 70 supported).
๏ Alarm.
๏ WIFI
๏ Send Message
๏ Airplay.
๏ APN.
๏ LDAP.
๏ Email.
๏ CalDav.
๏ Calendar subscription.
๏ Passcode policy.
๏ Install web clips.
๏ Enterprise Wipe
๏ Get application list.
๏ Clear passcode.
๏ Get profile list.
๏ Remove proffiles.
๏ App lock.
๏ Get installed restrictions.
๏ VPN (L2TP, PPTP, and IPSec)
๏ Per app VPN.
3
WSO2 EMM - Android Features๏Clear passcode.
๏ Enterprise WIPE.
๏Master reset.
๏Application list.
๏Ring device.
๏Mute.
๏Send messages.
๏Change lock code.
๏ Install web clips.
๏ Passcode policy.
๏ Restriction on camera.
๏ Encryption settings.
๏ WIFI.
๏ Location.
๏ Device info.
๏ Install/uninstall store and enterprise applications.
๏ Device lock.
3
WSO2 EMM - Windows Features๏Passcode policy
๏Restriction on camera
๏ Encryption settings
๏Device info
๏ Lock reset
๏Device lock
๏Ring device
๏Un-enroll device
๏Data wipe
Enterprise App Store
3
App Publisher
๏ Android Enterprise Apps (APK).
๏ Android Public Apps (Apps from Google Play).
๏ iOS Enterprise Apps (IPA).
๏ iOS Public Apps (Apps From iTunes).
๏ Web Apps (Responsive mobile web apps).
Supported Mobile App Types
Connected Device Manager for a Connected Business
WSO2 internal mobile strategy ?
Allow secure Wi-Fi connection to all mobile devices Secure Corporate Data Mobile Application Development Lifecycle Management
Framed our Policy Allow Android,iOS, Windows devices Block any rooted device or jailbroken device Allow maximum of 5 devices per device Allow BYOD and COPE devices with different policy No control to the privacy of BYOD device
Testing Store
HR wants to create a HR Mobile AppProject Repository
Created
Project Manager Subscribes to APIs
IDEProduction Store
Invitation to Developer
mBaaS API, MAM API, System API
MAM
MDM
ThankYou