Mobile enabling existing applications. BMIST DD 1380 ReadinessSF 600.
-
Upload
christopher-greene -
Category
Documents
-
view
213 -
download
0
Transcript of Mobile enabling existing applications. BMIST DD 1380 ReadinessSF 600.
Mobile enabling Mobile enabling existing applicationsexisting applications
BMISTBMIST
DD 1380
Readiness SF 600
So Why Not?So Why Not?
Platform choicePlatform choice
Connectivity optionsConnectivity options
ManagementManagement
SecuritySecurity
Mobile Device PlatformsMobile Device Platforms
Increased Functionality
NotebookNotebook
PCPC
Windows MobileWindows Mobile Windows XPWindows XP
TabletTablet
PCPC
Smart Smart Personal Personal ObjectsObjects
.Net.Net
TechnologyTechnology
Media CentricMedia Centric
Data CentricData Centric
Voice CentricVoice Centric
Product UpdateProduct Update
i-mate SP3i-mate SP3
i-mate PDA 2ki-mate PDA 2k
O2 XDA IIsO2 XDA IIs
Motorola MPx220 Motorola MPx220 (Mar)(Mar)
i-mate JAMi-mate JAM
O2 XDA O2 XDA minimini
Motorola MPx (Mar)Motorola MPx (Mar)
i-mate SP3ii-mate SP3i
O2 XPhone2O2 XPhone2
HP iPAQHP iPAQ
63656365
Connectivity OptionsConnectivity Options
1xEV-DO
Bluetooth
GPRS1xRTT 3G/4G
WiMAX
EDGE
Fit for PurposeFit for Purpose
Current using WiFi/GPRS/1xEV-DO Current using WiFi/GPRS/1xEV-DO solutions are ‘good enough’ for most solutions are ‘good enough’ for most PIM and LOB solutionsPIM and LOB solutions
Look for network independence and Look for network independence and future supportfuture support
Intelligent multi-network operation will Intelligent multi-network operation will become importantbecome important
Device ManagementDevice Management
Mobility Management IssuesMobility Management Issues
Devices infrequently connected to an Devices infrequently connected to an organisation’s networkorganisation’s networkLow bandwidth, higher cost Low bandwidth, higher cost connectionsconnectionsUnreliable connectionsUnreliable connectionsPersonal devices, yet managed by their Personal devices, yet managed by their employeremployerDevice loss that leads to work Device loss that leads to work stoppagestoppageMixture of business and personal Mixture of business and personal applicationsapplications
Device Management ApproachDevice Management Approach
Enterprise SupportEnterprise SupportIntegrate into existing or planned PC Systems Management Integrate into existing or planned PC Systems Management solutionssolutions
Mobile Operator SupportMobile Operator SupportMobile Operator provisions device and provides support Mobile Operator provisions device and provides support
Integrates into existing Mobile Operator device provisioning Integrates into existing Mobile Operator device provisioning platformplatform
Typical approach todayTypical approach todayMobile Operator provisions deviceMobile Operator provisions device
Enterprise controls software configurationEnterprise controls software configuration
Mobile Operator provides hardware supportMobile Operator provides hardware support
Enables IT to:Enables IT to:Capture and understand asset Capture and understand asset characteristicscharacteristics
Configure settings and security policiesConfigure settings and security policies
Update and deploy new applicationsUpdate and deploy new applications
Seamless end user experienceSeamless end user experience
Consistent administration experienceConsistent administration experience
Utilizes existing SMS infrastructureUtilizes existing SMS infrastructure
Device Management Feature PackDevice Management Feature Pack
InformationInformationDevice nameDevice name
Hardware IDHardware ID
Device model Device model
Power (battery status)Power (battery status)
Display resolutionDisplay resolution
Generate reports on any hardware Generate reports on any hardware characteristiccharacteristic
Can be extended to capture other Can be extended to capture other hardware inventory informationhardware inventory information
Asset ManagementAsset ManagementHardware InventoryHardware Inventory
File systemFile system
MemoryMemory
NetworkNetwork
Operating Operating systemsystem
Hardware InventoryHardware Inventory
InformationInformationPresence of filesPresence of filesFile detailsFile detailsLast software scanLast software scanProduct detailsProduct detailsSpecify directoriesSpecify directoriesSpecify wildcard file extensionsSpecify wildcard file extensionsList of files or applications in the file List of files or applications in the file systemsystem
Permits collection of log/data filesPermits collection of log/data files
Generate reports on any software or fileGenerate reports on any software or file
Asset ManagementAsset ManagementSoftware Inventory and File CollectionSoftware Inventory and File Collection
Software InventorySoftware Inventory
Configuration ManagementConfiguration ManagementDevice SettingsDevice Settings
SMS provides integrated experience to SMS provides integrated experience to configure and deploy settings configure and deploy settings
Example of configurable settings:Example of configurable settings:NetworkNetwork
GPRS NetworkGPRS Network
PPP NetworkPPP Network
VPNVPN
SecuritySecurityCertificatesCertificates
Registry EntryRegistry Entry
ApplicationsApplicationsActiveSync & Exchange E-ActiveSync & Exchange E-mailmail
Internet E-mailInternet E-mail
ProxyProxy
Browser FavoriteBrowser Favorite
Configuration ManagementConfiguration ManagementPassword PolicyPassword Policy
Centralized control of device password Centralized control of device password policypolicy
Configure mandatory numeric or strong passwordConfigure mandatory numeric or strong password
Force password setting prior to useForce password setting prior to use
Power off timeout maybe definedPower off timeout maybe defined
Administrator defined ‘lockout’ strong password Administrator defined ‘lockout’ strong password applies after certain failed device entry attemptsapplies after certain failed device entry attempts
ImplementationImplementationPassword applet contained in a separate install Password applet contained in a separate install from core SMS clientfrom core SMS client
Password policy configured and deployed as part Password policy configured and deployed as part of settingsof settings
Device Management Device Management Feature PackFeature Pack
Partner Add-onsPartner Add-ons
SMS Managed SystemsSMS Managed Systems
Pocket PC 2003/Pocket PC 2003/Phone EditionPhone EditionPocket PC 2002/Pocket PC 2002/Phone EditionPhone EditionWindows CE 3.0/4.2/5.0Windows CE 3.0/4.2/5.0Smartphone (H1CY05)Smartphone (H1CY05)
Palm Palm RIM RIM SymbianSymbian
Windows Server 2003Windows Server 2003Windows XPWindows XPWindows XPeWindows XPeWindows 2000Windows 2000Windows NT 4.0 ServerWindows NT 4.0 ServerWindows 98Windows 98
More InformationMore Information
Resources: Resources: www.microsoft.com/sms www.microsoft.com/sms
SMS 2003 DM FP DocumentationSMS 2003 DM FP Documentation
Device SecurityDevice Security
Main Security IssuesMain Security Issues
1.1. Device AccessDevice Access
2.2. Protecting data on the DeviceProtecting data on the Device
3.3. Network SecurityNetwork Security
Perimeter protectionPerimeter protectionDevice lock: PIN, Strong, exponential delayDevice lock: PIN, Strong, exponential delay
Authentication protocols: PAP, CHAP, MS-Authentication protocols: PAP, CHAP, MS-CHAP, NTLM, TLSCHAP, NTLM, TLS
Data protectionData protection128-bit Cryptographic services: CAPIv2128-bit Cryptographic services: CAPIv2
Code signing (SmartPhone only)Code signing (SmartPhone only)
Anti-virus APIAnti-virus API
Network protectionNetwork protectionSecure Browsing: HTTP (SSL), WAP (WTLS)Secure Browsing: HTTP (SSL), WAP (WTLS)
Virtual Private Networking (PPTP, L2TP IPSec)Virtual Private Networking (PPTP, L2TP IPSec)
Wireless network protection (WEP, 802.1x, Wireless network protection (WEP, 802.1x, WPA)WPA)
Windows Mobile Security FeaturesWindows Mobile Security Features
Extending Windows Mobile Security Extending Windows Mobile Security Signature authenticationSignature authentication
Certicom CorporationCerticom CorporationCommunication Intelligence CorporationCommunication Intelligence CorporationTSI/Crypto-SignTSI/Crypto-SignVASCOVASCO
Enhanced password protectionEnhanced password protectionHewlett-PackardHewlett-PackardCredant TechnologiesCredant TechnologiesPointsec Mobile TechnologiesPointsec Mobile Technologies
FirewallFirewallBluefire SecurityBluefire SecurityCheckpointCheckpoint
Fingerprint authenticationFingerprint authenticationBiocentric Solutions Inc.Biocentric Solutions Inc.Hewlett-PackardHewlett-Packard
Two factor authenticationTwo factor authenticationRSA SecurityRSA Security
Software Storage EncryptionSoftware Storage EncryptionPointsec Mobile TechnologiesPointsec Mobile TechnologiesTrust Digital LLCTrust Digital LLCCredant TechnologiesCredant TechnologiesBluefire SecurityBluefire SecurityUltimaco Safeware AGUltimaco Safeware AG
Application Data EncryptionApplication Data EncryptionCerticom CorporationCerticom CorporationGlück & Kanja GroupGlück & Kanja GroupNtrū Cryptosystems, Inc.Ntrū Cryptosystems, Inc.
Virtual Private NetworkingVirtual Private NetworkingCerticom CorporationCerticom CorporationCheck Point Software Technologies Ltd.Check Point Software Technologies Ltd.ColumbitechColumbitechEntrust, Inc.Entrust, Inc.Epiphan Consulting Inc.Epiphan Consulting Inc.
Disable ApplicationsDisable ApplicationsOdyssey SoftwareOdyssey SoftwareTrust Digital LLCTrust Digital LLCCredant TechnologiesCredant TechnologiesIntellisyncIntellisync
Device WipeDevice WipeAsynchrony.comAsynchrony.com
Public Key Infrastructure (PKI) Public Key Infrastructure (PKI) enhancementsenhancements
Certicom CorporationCerticom CorporationDiversinet Corp.Diversinet Corp.Dreamsecurity Co., Ltd.Dreamsecurity Co., Ltd.Glück & Kanja GroupGlück & Kanja Group
Antivirus SoftwareAntivirus SoftwareComputer AssociatesComputer Associates
Anti-Virus & FirewallAnti-Virus & Firewall
Mobile Device Security RecommendationsMobile Device Security Recommendations
Risk assessment is keyRisk assessment is keyEvaluate applicability of organisation’s Evaluate applicability of organisation’s standards for laptop computersstandards for laptop computersPasswordsPasswords
Activate power-on, SIM, device lock passwordsActivate power-on, SIM, device lock passwords
Anti-virusAnti-virusFlash-able ROM for security and Flash-able ROM for security and managementmanagementEncryptionEncryption
Encrypting sensitive information in the devices and on Encrypting sensitive information in the devices and on external storage cards external storage cards End-to-end network encryption when using a virtual End-to-end network encryption when using a virtual private network (VPN) connectionprivate network (VPN) connection802.1x authentication/encryption over 802.11b WLANs802.1x authentication/encryption over 802.11b WLANs
SummarySummary
There are real applications being There are real applications being deployeddeployed
Exchange Server 2003 with Windows Exchange Server 2003 with Windows Mobile-based devices works out-of-the-Mobile-based devices works out-of-the-box for mobile PIMbox for mobile PIM
There are a range of new powerful There are a range of new powerful devices currently availabledevices currently available
Security and Management issues are Security and Management issues are addressableaddressable
Try it for yourself!Try it for yourself!
© 2004 Microsoft Corporation. All rights reserved.© 2004 Microsoft Corporation. All rights reserved.This presentation is for informational purposes only. This presentation is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.