EnterpriseBYOXBestPrac2ces and)Pi4alls:)Any)App,)Any ......Angry Birds Twitter !! App Store Safari...
Transcript of EnterpriseBYOXBestPrac2ces and)Pi4alls:)Any)App,)Any ......Angry Birds Twitter !! App Store Safari...
Enterprise BYO-‐X Best Prac2ces and Pi4alls: Any App, Any Device,
Any Data, Anywhere
Doug Lane Director of Product Marketing
AppSense
Doug Lane - AppSense April 25, 2013
Enterprise BYO-X Best Practices & Pitfalls: Any App, Any Device, Any Data, Anywhere
3
What you should walk away with (or I’ve failed)
§ The *REAL* BYOD “problem” (hint: it’s not about the device)
§ Why current solutions are NOT solutions at all
§ Key Enterprise Mobility Mgmt (EMM) lessons learned (the hard way)
§ 3 Phases to EMM success
§ What to look for in an EMM solution
Mobility
Simultaneously the best & scariest thing to happen to Enterprise IT
You already know you have a problem…
…but do you know just how big it really is?
9
Step back to realize the complexity…
Explosion of Apps
Corporate Data Security and Compliance
Multiple Platforms
10
It’s Not Just BYOD
It’s Actually BYO-X
11
BYO-X
Devices Apps
APP
APP
G APP APP
Data
=
12
The BYOX balancing act…
End Users
§ Apps they want...
§ On the devices they choose…
§ With access to the data they need Enterprise IT
§ Security
§ Compliance
§ Control
13
No Good Solution Options for IT
1st Gen Solutions Were Developed Pre-app
and Tablet Explosion
“No single vendor offers a comprehensive product for management of apps, svcs, policy, devices and security… move towards app-level management is key…”
15
Files Pro
iChat
Weather
Path
Settings
Notes
Twitter Angry Birds
App Store
iPod Safari Photos
Calendar
Office 2 HD
Current Solutions – Just Say “No”
Lockout User Apps Lockdown User Devices
YouTube
Weather
DataNow
Path
Settings
Notes
Dolphin
Box.net
Office 2 HD
Yammer
Mail Photos
App Store
Siri
iTunes Safari
Camera
iCloud
Dolphin Yammer
Box.net Quick Office
§ Architected for Expense and Inventory Management
§ Coarse Device Level Controls Only
§ No Personal/Work Isolation or Data Encryption
§ Proprietary Apps Only
§ No 3rd Party App Support w/o SDK
§ Severely Degraded User Experience
MDM Containers/SDKs
16
➔ No App Security
➔ No Data Encryption
➔ No Privacy
Strong OTA Device Mgmt & Configuration
MDM –
MDM +
Mobile Device Mgmt MobileIron, Zenprise, Airwatch…
Proprietary Containers Good Technologies, Enterproid…
MDM PROPRIETARY CONTAINERS/SDKS
➔ Horrible User Experience
➔ Limited/Proprietary Apps
➔ No MDM
Proprietary App & Data Security
Container –
Container +
17
➔ No App Security
➔ No Data Encryption
➔ No Privacy
Strong OTA Device Mgmt & Configuration
MDM –
MDM +
Mobile Device Mgmt MobileIron, Zenprise, Airwatch…
Proprietary Containers Good Technologies, Enterproid…
MDM PROPRIETARY CONTAINERS/SDKS
➔ Horrible User Experience
➔ Limited/Proprietary Apps
➔ No MDM
Proprietary App & Data Security
Container –
Container +
+ OPTIMAL NATIVE APP/DEVICE EXPERIENCE + REAL DATA ENCRYPTION + REAL PRIVACY + STRATEGIC APP/DEVICE/DATA SOLUTION
FULL APP & DATA SECURITY
STRONG OTA DEVICE MGMT & CONFIGURATION
EMM
18
Delivering Value Demands an EMM Strategy, NOT just BYOD
MAM MDM Data SPOG
Data
Devices
Apps
102
103
Bus
ines
s Va
lue
Building a Strategic IT Platform
101
19
Enterprise IT
The New World of Agile IT – Just Say “Yes”
End Users
§ BYO-X
§ Rich Enterprise App Market
§ Self-Service Apps & Data
§ Strongest BYO-X Security
§ Fine-Grain App and Data Controls
§ No App/OS Customizations
20
That sometimes means knowing what NOT to do
21
The EMM Commandments – Thou Shalt NOT…
§ …think BYO-X can be driven or controlled by the Enterprise
§ …restrict app choice or force use of substandard apps
§ …assume because it works on desktops it will work on mobile
§ …think all mobile devices, platforms and OS’s are created equal
§ …believe users aren’t smart enough to go around IT
22
Key EMM Lessons Learned (to always keep in mind…)
§ Liberate users, don’t lock them down
§ Mobility is Darwinism at its best (and worst)
§ Native experience wins
§ Apply controls only where they are needed
§ One size does not fit all
§ Keep up or fall perilously behind
23
24
3 Phases to Achieving EMM Success
Value MDM
§ Basic, Coarse Device Ctls § Remote Device Configs
APP
APP
G APP
APP
MAM
§ Fine-Grain App & Security Ctls (incl. Email) § Rich, Multi-Sourced Apps § Fully Native App Experience
Mobile File Access & Sharing
§ Single-Pane-of-Glass Access § Simple File Sharing § End-to-End Security Encryption
25
Key EMM Solution Requirements
Mobile Device Management
§ Do NOT Turn Devices into Bricks
§ Apply Device Controls ONLY
When & Where Needed
§ Preserve Native Features
§ Enable 1-Click Configs for Everything
26
Hyper-Targeted Controls
NOT This
– Device
Do This…
– Application
27
Key EMM Solution Requirements
Mobile App Management § Fine-Grain App Security and Controls
– Deep, Meaningful & Targeted
§ Real-Time Policy Enforcement
§ Seamless End-User App Delivery
§ Fully Native App Experience
§ No App/OS Customizations or
Coding to an SDK or API
APP
APP
G APP
APP
28
Mobile OS
Preserve Users Native Experience
Personal Apps
Applications perform normally in their native OS environment. Personal apps can not access business apps.
Business Apps
Fully native apps. No App/OS customizations required. Fin Mktg Sales HR
Biz apps are isolated from personal apps. Enforce app policies and data encryption.
Fully Native Experience
29
Mobile OS (iOS/Android)
Layered App and Data Policies/Controls
Data R/W, App, System/OS
Calls
Personal
Device Security
Data Encryption/Isolation
Authentication
Policy Enforcement
Business
Fin Mktg Sales HR
30
Key EMM Solution Requirements
Secure Email
§ One-Size Does NOT Fit All
§ Provide Multiple Options –
Native Email Clients & 3rd Party
§ Match Users’ Security Posture with
the Right Email Client
31
Status Quo BYOD
Key EMM Solution Requirements
Restrict Corp Email Access
Remote Corp Email Wipe
Email Body & Attachment Encryption
Secure Attachment Launching
URL Re-Direct to Secure Browser
Real-Time Policy Enforcement and DLP
Restrict Offline Email & Attachment Access
Next Gen EMM
Secure Email
32
Key EMM Solution Requirements
Mobile File Access & Sharing
§ Simple, secure access to all data
§ End-to-End encryption
§ Centralized policy & compliance ctrl
§ Aggregate data from multiple sources
33
Key EMM Solution Requirements
Mobile File Access & Sharing
Solve your Dropbox Problem without adding another Box
§ NO new storage
§ NO costly data migrations
§ Beware of wolves in sheep’s clothing
34
H:\ S:\ F:\ SharePoint SharePoint FTP WebDav Cloud Storage
Simplified File Access & Sharing
35
Enable Instant End-User and IT Value
§ Self Service
§ C2B Apps
§ B2B Apps
§ Simple, Secure Data Access
§ IT – Instant Biz Enablement
§ App Pubs – Zero SDK
§ Data – Follow Me Experience
§ Multi-Platform
§ Policy/Compliance Enforcement
§ Data Encryption/Isolation
§ Offline Use
§ Secure Email
VP HR
VP MKT
VP Sales
VP FIN
App Ecosystem
APP
APP
G APP APP EMM Solution
36
Follow-me Mobile Enterprise
End User Choice Centralized Admin
Apps
Data
Policies
Profiles
EMM
Doug Lane - AppSense April 25, 2013
Enterprise BYO-X Best Practices & Pitfalls: Any App, Any Device, Any Data, Anywhere
Ajay Arora
CTO – Mobile December 2012