20130506 cdm cio event presentation · title: 20130506 cdm cio event presentation.pptx author:...

Mobility Management Challenges with Government and Public Sector

Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & ConfidenGal.

6,500 customers

150 countries

18 languages

1,200 employees

Largest Mobility SoluGons Provider

2

Largest EMM provider with 1,200+ employees, 400+ focused on R&D

Provides mobility soluGons to 6,500+ global customers

Leaders in mobile security, device, applica=on and content management across mulGple plaMorms

First funding in 2013, $200 million with $1+ billion implied valuaGon

Our Mission: Simplify Enterprise MobilityTM


3

Current and Future Mobile Landscape •  Smartphone vendors shipped approximately 477 million smart phones in 2011, up 56.4%

from 2010

•  Currently, there are roughly 5.3 billion mobile subscribers = 77% of the world populaGon

•  The number of mobile workers accessing enterprise systems worldwide will top 1.2 billion by 2013

•  By the end of 2014, the number of global mobile users accessing the Internet is expected to surpass the number of desktop Internet users

•  Total smartphone shipments worldwide are expected to reach 1.03 billion by 2015

Source: IDC


Key Trends in the EvoluGon of Mobility

4

Past Present Future

82% using personal smartphones/tablets for business purposes

56% businesses are looking at mobility to improve producGvity

Security infrastructure Compromised detecGon Device lock and wipe Passcode policy App distribuGon Email management IT influence

App SDK App Wrapping Content management BYOD IT infrastructure integraGon Granular privacy policies Legal influence

Systems consolidaGon Business system integraGon Device, laptop, peripherals Content filtering Web gateways Law and regulaGon influence

“For 25 years a one-‐size-‐fits-‐all approach to workforce technology worked just fine, but those days are fading fast”


Current Market in Government •  Center for Digital Government Sept 2012 study:

o  72% of state and local agencies allow employees to use personal device for work-‐related tasks

o  64% of respondents list an increase in producGvity as greatest benefit o  25% said policy creaGon was the most significant challenge to BYOD program

Recent Breaches •  Florida Department of Juvenile JusGce – Jan. 2013

o  Unencrypted device lost containing data of 100k ciGzens •  NASA Security Breach – Nov. 2012

o  Unencrypted laptop stolen out of vehicle


Comprehensive Mobility SoluGons

6

Secure Content LockerTM

AES-‐256 bit encrypGon SharePoint integraGon

Personal content Desktop sync

Content collaboraGon AdministraGve control

Enterprise App Catalog App Wrapping

Sohware Development Kit Volume Purchase

Program App raGngs

Development workflow

OrganizaGon groups Simple enrollment User authenGcaGon Profile configuraGon

AirWatch Hub Telecom management Advanced reporGng

End-‐to-‐end Security

Same Mobility SoluGons in the Cloud or On-‐premise

NaGve client support Email infrastructure

integraGon Advanced configuraGon Email access control

Separate email container Secure akachments

Bring Your Own Device (BYOD) Support

Devices Apps Content Email


State and Local Government DifferenGators Focus team on Government

Enhanced Security

CJIS Security Policy and FIPS-‐140 Compliance

MulG-‐tenancy and Role-‐based Access

Mobile Employee Enablement

Audit and Compliance Monitoring System InformaGon and Event Management (SIEM)

Mobile Applica=on Management

Secure Content LockerTM

Mobile Email Management

AirWatch Browser™ Bring Your Own Device (BYOD)

Global Support and Services

8


RepresentaGve Public Safety Customers

•  South Metro Fire is using iPads on engines to drive a paperless environment •  SMF is replacing 40 different paper systems with the iPad and AirWatch is

enabling the deployment •  Paper based forms for incident tracking are being replaced with electronic

forms with workflow rouOng to the proper individuals •  AddiOonal applicaOons will include: medical applicaOons for reports, preplans,

routes, etc.


AirWatch Secures New Zealand Police Force •  Deploying over 10,000 devices for frontline staff

•  Seamless over-‐the-‐air distribuGon of approved applicaGons

•  Enforcing compliance rules such as unauthorized applicaGons and websites

•  Time savings of 520,000 hours over 1 year

•  ProducGvity benefits of $304.8 million over 10 years

10

"Our long term vision is for frontline officers to be empowered, informed, tech-‐savvy, visible and safe in the community prevenOng crime, and not in staOons filling in forms. The use of mobile

devices goes a long way toward achieving this vision.”


AirWatch is the Top Choice for Government

12

The Broadest Choice of Devices 1 The Most Comprehensive Solu=ons 2

Simplest Experience for You and Users 3

Seamless Integra=on with Enterprise Systems 4

Fastest and Most Flexible Deployment Op=ons 5


The FoundaGon for Your Mobility Strategy Now and in the Future

Integrated Mobility PlaMorm

13

Simplified user enrollment Dashboards and wizards

Device ownership flexibility Policy management Device configuraGon

Corporate email, Wi-‐Fi, VPN networks Enterprise App Catalog

AirWatch Cloud Connector Mobile Content Management

Self-‐service Portal

Telecom policies

MulG-‐user management Sohware Development Kit (SDK)

App Wrapping AirWatch Browser

Content collaboraGon Mobile Access Gateway (MAG)

Secure email container Enterprise integraGon

CerGficate and PKI integraGon API integraGon

Core Advanced


Managed by County Police Department

Departments

Users & Devices

Business Units

MulG-‐tenancy for Government

14

EnGre County County

County Police Dept

County Water Dept

Criminal InvesGgaGons

Parking Enforcement

Government-‐owned Devices

BYOD Users

Managed by County Water Department

Maintain control at a county level

Water Department enterprise systems and applicaGons

County Police enterprise systems, content and apps

User 1 User 2 LOB 1 User 3 LOB 2

Global policies deployed to all departments


Most Advanced BYOD Support

15

Enable Device Choice Support all operaGng systems and latest models to allow users to choose the most producGve device

Customize Privacy Policies Configure policies and seqngs based on device ownership to isolate personal info

Enforce Custom Terms of Use Require users to accept a customized Terms of Use agreement that specifies info collected and acGons IT is allowed to take

Enable Self-‐service Management Allow users to perform device acGons and view details from self-‐service portal


Simple User Experience for Employees

16

Agent-‐based QR Code

Self-‐service Device Management

Flexible Enrollment Op=ons

Empower end users to manage their own devices


•  GPS locaGon •  User info

•  Name •  Phone number •  Email account

•  Public apps •  Telecom data

•  Calls •  Messages •  Data usage

Protect Employee Privacy

17

Ensure privacy of personal data •  Set privacy policies that do not

collect personal data •  Set custom policies for employee-‐

owned devices

Define granular privacy policies


MiGgate Business Risks •  Require users to accept Terms of Use to access corporate services

•  Enforce agreements when users enroll their device with AirWatch

•  Inform users about data captured and acGons allowed on the device

•  Track, report on compliance and update agreements over Gme

•  Assign and enforce different agreements based on: o  User role – End users vs. administrators

o  Ownership – Corporate vs. employee

o  PlaMorm – iOS vs. Android

o  Department, business unit or country

•  Support mulG-‐lingual agreements across the company

18


Automated Tools to Do More With Less

19

Setup Wizards Automated Compliance Engine

Customizable AirWatch HubTM Pre-‐defined Templates

Minimize burden on IT resources and drive efficiency


Enhanced Security

20

Enable mulG-‐factor user authenGcaGon Encrypt sensiGve organizaGon informaGon Manage user access to corporate resources Establish network access controls

Features

Protect organizaGon data through advanced security capabiliGes Monitor compliance in accordance with CJIS, NIST and DISA regulaGons Secure access to government resources, including Email, Wi-‐Fi and VPN networks Ad

vantages


FIPS-‐140-‐2 and CJIS Security Policy Compliance FIPS-‐140 Compliance Devices •  Leverage naGve device encrypGon •  Support plaMorms which offer addiGonal APIs for

security and have received FIPS-‐140 approval

Servers •  Configure servers with necessary cryptographic modules •  Use encrypGon and hashing for three purposes •  Configure servers to uGlize only FIPS-‐140 approved

cryptographic modules o  Store hashes of passwords associated

with AirWatch user accounts (SHA-‐ 512) o  Encrypt of documents for AirWatch

Secure Content LockerTM on mobile devices (AES-‐ 256) o  Transmit encrypted data between AirWatch and

mobile devices (TLSv1)

CJIS Security Policy Compliance Manage all devices in real-‐Gme, over-‐the-‐air

Remotely wipe data, uGlize secondary authenGcaGon, encrypt data and content

Automate escalaGon of acGons for non-‐compliant devices

Prevent installaGon of malicious apps with whitelists/blacklists

Detect rooted and jailbroken devices

21


Compliance Engine

22

Build Policies ApplicaGon list Compromised status EncrypGon Model, OS version Passcode Roaming

Define Escala=on Time based: •  Minutes •  Hours •  Days Tiered acGons Repeat acGons

Specify Ac=ons Send SMS, email, push noGficaGon Request device check-‐in Remove or block specific profiles Install compliance profile Remove all profiles Remove or block apps Enterprise wipe

1 2 3


Seamless IntegraGon with Enterprise Systems

23

Directory Services

Email Infrastructure

Cer=ficates and PKI

Corporate Networks

Content Repositories

SIEM


Seamless IntegraGon with Enterprise Systems AirWatch Cloud Connector Secure communicaGon between AirWatch and enterprise systems

Mobile Access Gateway Secure communicaGon between mobile devices and enterprise systems

24

Content Repositories Corporate Networks AirWatch App Wrapping AirWatch SDK

Corporate Email

CerGficates and PKI

System InformaGon and Event Management

Business Systems AirWatch

Mobile Devices Mobile Access Gateway (MAG)

Cloud Connector (ACC)


Mobile Access Gateway (MAG) •  Enable and secure communicaGon

between mobile devices and enterprise systems

•  Configure access to enterprise systems automaGcally by user, device and applicaGon

•  Allow access to only approved and authenGcated apps with App Wrapping and AppTunnel

•  UGlize with AirWatch BrowserTM, Secure Content LockerTM and other enterprise applicaGons

•  View devices accessing enterprise systems from the AirWatch console

25


AirWatch Browser •  Block naGve browsers and public browser apps •  Enable browsing through AirWatch Browser™ •  AuthenGcate users before granGng web access •  Enforce whitelists for approved websites •  Enforce blacklists for restricted websites

•  Bookmark websites for easy browsing •  Define cookie acceptance, copy, paste or print •  Navigate websites with gestures •  App tunneling provides a secure connecGon without VPN

26

Restricted Mode Limit browsing via site blacklists and whitelists

Kiosk Mode Restrict browsing to a specific page and remove navigaGon

Proxy Mode Proxy browsing through a corporate server


Advanced Mobile ApplicaGon Management So`ware Development Kit (SDK) •  Development and code change required •  Integrate AirWatch features into custom-‐

built applicaGons o  User authenGcaGon o  Compromised status detecGon o  CerGficates o  Geofencing o  Branding o  AnalyGcs o  Logging o  App restricGons o  ReporGng o  Custom seqngs

App Wrapping •  Development and code change not required •  Wrap exisGng applicaGons with AirWatch

features from the console o  User authenGcaGon

o  Compromised status

o  Access control

o  App restricGons

o  AppTunnel o  EncrypGon

o  ContainerizaGon

27


AirWatch Mobile Content Management Secure Content LockerTM

Protect sensiGve content in a corporate container

Secure document distribuGon and mobile access

Ensure end users have the latest materials

Anywhere, anyGme access to criGcal content

28


Personal Sync and Storage Personal content storage

Back-‐up to cloud; sync across devices

Flexible folder creaGon and administraGon

Define storage limits by group or user

Sync integraGon to self-‐service portal

Desktop sync folder for Mac & Windows

29


AirWatch Email ContainerTM for Android Benefits •  Secure, sandboxed email client •  BYOD soluGon •  Only allow AirWatch provisioned EAS

and POP email accounts •  Silently configure and update email

profiles over-‐the-‐air User Experience •  Support naGve Android user experience •  AddiGonal usability enhancements

30


MulG-‐OS support

MulG-‐tenant

MulG-‐lingual

Highly scalable

Role-‐based access

Enterprise integraGon

31

Enterprise Mobility Checklist

31

SDK library

Intelligent noGficaGons

Robust reporGng

Compliance Engine

Custom branding

Flexible delivery


Join the AirWatch Community

32

ASK forums to discuss mobile iniGaGves with other AirWatch users

ASK AirWatch is a complete knowledge base with product documentaGon and FAQs,

Dedicated account managers and industry experts

Request AirWatch product features

AirWatch Connect AirWatch Connect represents a global community of business innovators and is the leading user

group for enterprise mobility

Connect Local AirWatch Connect Local events are one day

conferences in ciGes around the world packed with insight on key industries and markets to

address challenges specific to you

20130506 cdm cio event presentation · title: 20130506 cdm cio event presentation.pptx author:...

Documents