20130506 cdm cio event presentation · title: 20130506 cdm cio event presentation.pptx author:...
TRANSCRIPT
Mobility Management Challenges with Government and Public Sector
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & ConfidenGal.
6,500 customers
150 countries
18 languages
1,200 employees
Largest Mobility SoluGons Provider
2
Largest EMM provider with 1,200+ employees, 400+ focused on R&D
Provides mobility soluGons to 6,500+ global customers
Leaders in mobile security, device, applica=on and content management across mulGple plaMorms
First funding in 2013, $200 million with $1+ billion implied valuaGon
Our Mission: Simplify Enterprise MobilityTM
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & ConfidenGal.
3
Current and Future Mobile Landscape • Smartphone vendors shipped approximately 477 million smart phones in 2011, up 56.4%
from 2010
• Currently, there are roughly 5.3 billion mobile subscribers = 77% of the world populaGon
• The number of mobile workers accessing enterprise systems worldwide will top 1.2 billion by 2013
• By the end of 2014, the number of global mobile users accessing the Internet is expected to surpass the number of desktop Internet users
• Total smartphone shipments worldwide are expected to reach 1.03 billion by 2015
Source: IDC
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & ConfidenGal.
Key Trends in the EvoluGon of Mobility
4
Past Present Future
82% using personal smartphones/tablets for business purposes
56% businesses are looking at mobility to improve producGvity
Security infrastructure Compromised detecGon Device lock and wipe Passcode policy App distribuGon Email management IT influence
App SDK App Wrapping Content management BYOD IT infrastructure integraGon Granular privacy policies Legal influence
Systems consolidaGon Business system integraGon Device, laptop, peripherals Content filtering Web gateways Law and regulaGon influence
“For 25 years a one-‐size-‐fits-‐all approach to workforce technology worked just fine, but those days are fading fast”
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & ConfidenGal.
Current Market in Government • Center for Digital Government Sept 2012 study:
o 72% of state and local agencies allow employees to use personal device for work-‐related tasks
o 64% of respondents list an increase in producGvity as greatest benefit o 25% said policy creaGon was the most significant challenge to BYOD program
Recent Breaches • Florida Department of Juvenile JusGce – Jan. 2013
o Unencrypted device lost containing data of 100k ciGzens • NASA Security Breach – Nov. 2012
o Unencrypted laptop stolen out of vehicle
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & ConfidenGal.
Comprehensive Mobility SoluGons
6
Secure Content LockerTM
AES-‐256 bit encrypGon SharePoint integraGon
Personal content Desktop sync
Content collaboraGon AdministraGve control
Enterprise App Catalog App Wrapping
Sohware Development Kit Volume Purchase
Program App raGngs
Development workflow
OrganizaGon groups Simple enrollment User authenGcaGon Profile configuraGon
AirWatch Hub Telecom management Advanced reporGng
End-‐to-‐end Security
Same Mobility SoluGons in the Cloud or On-‐premise
NaGve client support Email infrastructure
integraGon Advanced configuraGon Email access control
Separate email container Secure akachments
Bring Your Own Device (BYOD) Support
Devices Apps Content Email
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & ConfidenGal.
State and Local Government DifferenGators Focus team on Government
Enhanced Security
CJIS Security Policy and FIPS-‐140 Compliance
MulG-‐tenancy and Role-‐based Access
Mobile Employee Enablement
Audit and Compliance Monitoring System InformaGon and Event Management (SIEM)
Mobile Applica=on Management
Secure Content LockerTM
Mobile Email Management
AirWatch Browser™ Bring Your Own Device (BYOD)
Global Support and Services
8
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & ConfidenGal.
RepresentaGve Public Safety Customers
• South Metro Fire is using iPads on engines to drive a paperless environment • SMF is replacing 40 different paper systems with the iPad and AirWatch is
enabling the deployment • Paper based forms for incident tracking are being replaced with electronic
forms with workflow rouOng to the proper individuals • AddiOonal applicaOons will include: medical applicaOons for reports, preplans,
routes, etc.
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & ConfidenGal.
AirWatch Secures New Zealand Police Force • Deploying over 10,000 devices for frontline staff
• Seamless over-‐the-‐air distribuGon of approved applicaGons
• Enforcing compliance rules such as unauthorized applicaGons and websites
• Time savings of 520,000 hours over 1 year
• ProducGvity benefits of $304.8 million over 10 years
10
"Our long term vision is for frontline officers to be empowered, informed, tech-‐savvy, visible and safe in the community prevenOng crime, and not in staOons filling in forms. The use of mobile
devices goes a long way toward achieving this vision.”
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & ConfidenGal.
AirWatch is the Top Choice for Government
12
The Broadest Choice of Devices 1 The Most Comprehensive Solu=ons 2
Simplest Experience for You and Users 3
Seamless Integra=on with Enterprise Systems 4
Fastest and Most Flexible Deployment Op=ons 5
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & ConfidenGal.
The FoundaGon for Your Mobility Strategy Now and in the Future
Integrated Mobility PlaMorm
13
Simplified user enrollment Dashboards and wizards
Device ownership flexibility Policy management Device configuraGon
Corporate email, Wi-‐Fi, VPN networks Enterprise App Catalog
AirWatch Cloud Connector Mobile Content Management
Self-‐service Portal
Telecom policies
MulG-‐user management Sohware Development Kit (SDK)
App Wrapping AirWatch Browser
Content collaboraGon Mobile Access Gateway (MAG)
Secure email container Enterprise integraGon
CerGficate and PKI integraGon API integraGon
Core Advanced
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & ConfidenGal.
Managed by County Police Department
Departments
Users & Devices
Business Units
MulG-‐tenancy for Government
14
EnGre County County
County Police Dept
County Water Dept
Criminal InvesGgaGons
Parking Enforcement
Government-‐owned Devices
BYOD Users
Managed by County Water Department
Maintain control at a county level
Water Department enterprise systems and applicaGons
County Police enterprise systems, content and apps
User 1 User 2 LOB 1 User 3 LOB 2
Global policies deployed to all departments
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & ConfidenGal.
Most Advanced BYOD Support
15
Enable Device Choice Support all operaGng systems and latest models to allow users to choose the most producGve device
Customize Privacy Policies Configure policies and seqngs based on device ownership to isolate personal info
Enforce Custom Terms of Use Require users to accept a customized Terms of Use agreement that specifies info collected and acGons IT is allowed to take
Enable Self-‐service Management Allow users to perform device acGons and view details from self-‐service portal
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & ConfidenGal.
Simple User Experience for Employees
16
Agent-‐based QR Code
Self-‐service Device Management
Flexible Enrollment Op=ons
Empower end users to manage their own devices
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & ConfidenGal.
• GPS locaGon • User info
• Name • Phone number • Email account
• Public apps • Telecom data
• Calls • Messages • Data usage
Protect Employee Privacy
17
Ensure privacy of personal data • Set privacy policies that do not
collect personal data • Set custom policies for employee-‐
owned devices
Define granular privacy policies
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & ConfidenGal.
MiGgate Business Risks • Require users to accept Terms of Use to access corporate services
• Enforce agreements when users enroll their device with AirWatch
• Inform users about data captured and acGons allowed on the device
• Track, report on compliance and update agreements over Gme
• Assign and enforce different agreements based on: o User role – End users vs. administrators
o Ownership – Corporate vs. employee
o PlaMorm – iOS vs. Android
o Department, business unit or country
• Support mulG-‐lingual agreements across the company
18
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & ConfidenGal.
Automated Tools to Do More With Less
19
Setup Wizards Automated Compliance Engine
Customizable AirWatch HubTM Pre-‐defined Templates
Minimize burden on IT resources and drive efficiency
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & ConfidenGal.
Enhanced Security
20
Enable mulG-‐factor user authenGcaGon Encrypt sensiGve organizaGon informaGon Manage user access to corporate resources Establish network access controls
Features
Protect organizaGon data through advanced security capabiliGes Monitor compliance in accordance with CJIS, NIST and DISA regulaGons Secure access to government resources, including Email, Wi-‐Fi and VPN networks Ad
vantages
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & ConfidenGal.
FIPS-‐140-‐2 and CJIS Security Policy Compliance FIPS-‐140 Compliance Devices • Leverage naGve device encrypGon • Support plaMorms which offer addiGonal APIs for
security and have received FIPS-‐140 approval
Servers • Configure servers with necessary cryptographic modules • Use encrypGon and hashing for three purposes • Configure servers to uGlize only FIPS-‐140 approved
cryptographic modules o Store hashes of passwords associated
with AirWatch user accounts (SHA-‐ 512) o Encrypt of documents for AirWatch
Secure Content LockerTM on mobile devices (AES-‐ 256) o Transmit encrypted data between AirWatch and
mobile devices (TLSv1)
CJIS Security Policy Compliance Manage all devices in real-‐Gme, over-‐the-‐air
Remotely wipe data, uGlize secondary authenGcaGon, encrypt data and content
Automate escalaGon of acGons for non-‐compliant devices
Prevent installaGon of malicious apps with whitelists/blacklists
Detect rooted and jailbroken devices
21
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & ConfidenGal.
Compliance Engine
22
Build Policies ApplicaGon list Compromised status EncrypGon Model, OS version Passcode Roaming
Define Escala=on Time based: • Minutes • Hours • Days Tiered acGons Repeat acGons
Specify Ac=ons Send SMS, email, push noGficaGon Request device check-‐in Remove or block specific profiles Install compliance profile Remove all profiles Remove or block apps Enterprise wipe
1 2 3
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & ConfidenGal.
Seamless IntegraGon with Enterprise Systems
23
Directory Services
Email Infrastructure
Cer=ficates and PKI
Corporate Networks
Content Repositories
SIEM
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & ConfidenGal.
Seamless IntegraGon with Enterprise Systems AirWatch Cloud Connector Secure communicaGon between AirWatch and enterprise systems
Mobile Access Gateway Secure communicaGon between mobile devices and enterprise systems
24
Content Repositories Corporate Networks AirWatch App Wrapping AirWatch SDK
Corporate Email
CerGficates and PKI
System InformaGon and Event Management
Business Systems AirWatch
Mobile Devices Mobile Access Gateway (MAG)
Cloud Connector (ACC)
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & ConfidenGal.
Mobile Access Gateway (MAG) • Enable and secure communicaGon
between mobile devices and enterprise systems
• Configure access to enterprise systems automaGcally by user, device and applicaGon
• Allow access to only approved and authenGcated apps with App Wrapping and AppTunnel
• UGlize with AirWatch BrowserTM, Secure Content LockerTM and other enterprise applicaGons
• View devices accessing enterprise systems from the AirWatch console
25
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & ConfidenGal.
AirWatch Browser • Block naGve browsers and public browser apps • Enable browsing through AirWatch Browser™ • AuthenGcate users before granGng web access • Enforce whitelists for approved websites • Enforce blacklists for restricted websites
• Bookmark websites for easy browsing • Define cookie acceptance, copy, paste or print • Navigate websites with gestures • App tunneling provides a secure connecGon without VPN
26
Restricted Mode Limit browsing via site blacklists and whitelists
Kiosk Mode Restrict browsing to a specific page and remove navigaGon
Proxy Mode Proxy browsing through a corporate server
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & ConfidenGal.
Advanced Mobile ApplicaGon Management So`ware Development Kit (SDK) • Development and code change required • Integrate AirWatch features into custom-‐
built applicaGons o User authenGcaGon o Compromised status detecGon o CerGficates o Geofencing o Branding o AnalyGcs o Logging o App restricGons o ReporGng o Custom seqngs
App Wrapping • Development and code change not required • Wrap exisGng applicaGons with AirWatch
features from the console o User authenGcaGon
o Compromised status
o Access control
o App restricGons
o AppTunnel o EncrypGon
o ContainerizaGon
27
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & ConfidenGal.
AirWatch Mobile Content Management Secure Content LockerTM
Protect sensiGve content in a corporate container
Secure document distribuGon and mobile access
Ensure end users have the latest materials
Anywhere, anyGme access to criGcal content
28
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & ConfidenGal.
Personal Sync and Storage Personal content storage
Back-‐up to cloud; sync across devices
Flexible folder creaGon and administraGon
Define storage limits by group or user
Sync integraGon to self-‐service portal
Desktop sync folder for Mac & Windows
29
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & ConfidenGal.
AirWatch Email ContainerTM for Android Benefits • Secure, sandboxed email client • BYOD soluGon • Only allow AirWatch provisioned EAS
and POP email accounts • Silently configure and update email
profiles over-‐the-‐air User Experience • Support naGve Android user experience • AddiGonal usability enhancements
30
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & ConfidenGal.
MulG-‐OS support
MulG-‐tenant
MulG-‐lingual
Highly scalable
Role-‐based access
Enterprise integraGon
31
Enterprise Mobility Checklist
31
SDK library
Intelligent noGficaGons
Robust reporGng
Compliance Engine
Custom branding
Flexible delivery
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & ConfidenGal.
Join the AirWatch Community
32
ASK forums to discuss mobile iniGaGves with other AirWatch users
ASK AirWatch is a complete knowledge base with product documentaGon and FAQs,
Dedicated account managers and industry experts
Request AirWatch product features
AirWatch Connect AirWatch Connect represents a global community of business innovators and is the leading user
group for enterprise mobility
Connect Local AirWatch Connect Local events are one day
conferences in ciGes around the world packed with insight on key industries and markets to
address challenges specific to you