preparing for mobile device management & bring your own device

33
Mobile Device Management and BYOD Charlie Hales and Nigel Robson 28 th February 2014

Upload: waterstons-ltd

Post on 14-May-2015

1.529 views

Category:

Devices & Hardware


2 download

DESCRIPTION

Smart phones and tablets are invading the business environment at top speed, with “bring your own device” (BYOD) providing a number of benefits for organisations across all sectors. With the right implementation, and ongoing secure support, performance through technology can be achieved in areas such as employee satisfaction, cost reduction, team work and collaboration and productivity. Charlie Hales and Nigel Robson cover the important considerations a business should make before implementing an MDM/BYOD strategy, and will consider the ongoing implications of allowing corporate data to be accessed on personal devices ensuring the maximum benefit to businesses, customers and the end users.

TRANSCRIPT

Page 1: Preparing for Mobile Device Management & Bring your Own Device

Mobile Device Management and BYOD

Charlie Hales and Nigel Robson

28th February 2014

Page 2: Preparing for Mobile Device Management & Bring your Own Device

Agenda

• What is Mobile Device Management• Strategy• What is a Mobile Device?• Mobile Device Management vs Mobile Application

Management • What is BYOD• What can MDM/BYOD do for business?• Where is your Data?• Acceptable usage policy• Defining the right solution• Some solutions available

Page 3: Preparing for Mobile Device Management & Bring your Own Device

What is Mobile Device Management?

• Secures, monitors, manages and supports mobile devices of multiple operating systems, service providers and enterprises

• Covers corporate and end user devices• Includes anything that is mobile (could

include laptops, and non-windows devices). Enabler for users to access internal systems securely from any device and anywhere

• Enables BYOD

Page 4: Preparing for Mobile Device Management & Bring your Own Device

Part of Overall Strategy

• Build upon and integrate with existing policies– Desktop– Flexible and remote working – Application

• Do you just use Windows devices?• Need to manage any type of device?• Any data management/classification in

place currently?

Page 5: Preparing for Mobile Device Management & Bring your Own Device

Part of Overall Strategy – Many Devices, one solution?

Client Management MDM

Source Gartner

Virtualisation

Page 6: Preparing for Mobile Device Management & Bring your Own Device

What are mobile devices?

Page 7: Preparing for Mobile Device Management & Bring your Own Device

What are mobile devices?

This?

Page 8: Preparing for Mobile Device Management & Bring your Own Device

What are mobile devices?

This?

Page 9: Preparing for Mobile Device Management & Bring your Own Device

What are mobile devices?

This?

Page 10: Preparing for Mobile Device Management & Bring your Own Device

What are mobile devices?

Or this?

Page 11: Preparing for Mobile Device Management & Bring your Own Device

What are mobile devices?

It can be any of these!

Page 12: Preparing for Mobile Device Management & Bring your Own Device

What are mobile devices?

But also these!

Page 13: Preparing for Mobile Device Management & Bring your Own Device

Mobile Device Management vs Mobile Application ManagementMAM

• App delivery• App security• App updating• User authentication• User authorization• Version checking• Push services• Reporting and tracking

MDM• All previous plus…• Remote Configuration• Security –including identifying

compromised devices• Backup/Restore• Network Usage and Support• Mobile asset tracking and

management• Remote Lock and Wipe• Device Provisioning• Software Installation• Troubleshooting and Diagnostic Tools• Policy Application• Logging and Reporting• Remote Control and Administration

Page 14: Preparing for Mobile Device Management & Bring your Own Device

What is BYOD?

Page 15: Preparing for Mobile Device Management & Bring your Own Device

• Save money– Reduce costs – Enable Flexible working – Increase Productivity– Increase Job satisfaction

• Reduces risk and increase Security– Where is your data?– Consider this also for existing laptops

What can MDM/BYOD do for business?

Page 16: Preparing for Mobile Device Management & Bring your Own Device

Survey

• Who doesn’t have a smartphone?• Who has a BlackBerry?• Who uses their own smartphone for work

purposes?• Is it managed by work? • Are you sure?

Page 17: Preparing for Mobile Device Management & Bring your Own Device

BYOD Business Survey

Fully embrace and support12%

Embrace, but user self support

39%

Limited BYOD Strategy

21%

Trialing BYOD18%

Do not support BYOD 10%

Source: zkresearch.com

Page 18: Preparing for Mobile Device Management & Bring your Own Device

Where is your Data?

Page 19: Preparing for Mobile Device Management & Bring your Own Device

ICO Website

Page 20: Preparing for Mobile Device Management & Bring your Own Device

ICO Website

Page 21: Preparing for Mobile Device Management & Bring your Own Device

ICO Website

Page 22: Preparing for Mobile Device Management & Bring your Own Device

Data ClassificationsInformation Category

Description Example Information Assets

Public Information which is or can be made public. AdvertisementsPublic web content

Proprietary Information which is restricted to internal access and protected from external access. Unauthorised access could cause a drop in customer confidence, could influence operational effectiveness, cause financial loss or provide gain for competitors.

Internal presentationsPerformance dataSource codeProprietary knowledge

Confidential Information received from Customers, or sensitive information about Customers and Staff.

Customer DataCustomer intellectual propertyCustomer documentsCustomer backupsInternal reports

Restricted Highly sensitive informationLimited access to specific individuals

PasswordsHR & PayrollBackups Card DataDPA Information

Page 23: Preparing for Mobile Device Management & Bring your Own Device

Data ClassificationsCategory Public Proprietary Confidential RestrictedDescription: Prevent easy access without prolonged or

determined access to the devicePrevent access even with prolonged and

determined access to deviceAs per confidential and access is restricted to specific individuals

Physical Media or Device

Printed Media ok In possession of staff or customer In possession of staff or customer, within property

Held in the safe or secure ICT Server room

Mobile Phone ok PIN Coded PIN Coded & Remote Wipe not normally acceptable

Laptop / Tablet ok User authentication Authentication & Encryption not normally acceptable

Portable Storage ok Encryption Encryption Held in a safe

PC ok User authentication Physically Secured within property or Encrypted

Physically secured within property

Cloud Storage ok Encrypted Encrypted not normally acceptable

Page 24: Preparing for Mobile Device Management & Bring your Own Device

Encryption

• Device Encryption– Technology and Device dependant– The latest Windows devices will work with internal

PKI or external Certs– IOS devices will work with Apple provided Certs

which can be imported into most MDM solutions– Android has limitations

• Application encryption– Managed through application development and

provisioning

Page 25: Preparing for Mobile Device Management & Bring your Own Device

Design your BYOD Acceptable Use Policy

• Privacy• Who pays for what• Third Parties• Work vs Play

– Out of hours– During hours

• Company responsibilities for personal data• Licencing• HR • Device Disposal• Litigation

Page 26: Preparing for Mobile Device Management & Bring your Own Device

Defining the right solution

• What do you want to manage on the device?– Types of devices– PIN– Remote Wipe/Selective Wipe– Apps– Device/App Encryption

Page 27: Preparing for Mobile Device Management & Bring your Own Device

Defining the right solution

• What do you want to manage on the device?– Integration with enterprise applications– Multi user profiles– Separation of personal and work data– Internet access– Advanced features

• Data usage• GPS tracking

Page 28: Preparing for Mobile Device Management & Bring your Own Device

Example of device functionality

Content removed when retiring a device

Windows 8.1 Windows Phone 8 iOS Android

Company apps and associated data installed by using Configuration Manager and Windows Intune

Uninstalled and sideloading keys are removed. In addition any apps using Windows Selective Wipe will have the encryption key revoked and data will no longer be accessible.

Uninstalled and data removed.

Uninstalled and data removed.

Apps and data remain installed.

VPN and Wi-Fi profiles Removed. Not applicable. Removed.VPN: Not applicable.Wi-Fi: Not removed.

Certificates Removed and revoked. Not applicable. Removed and revoked. Revoked.

Settings Requirements removed. Requirements removed. Requirements removed. Requirements removed.

Management ClientNot applicable. Management agent is built-in.

Not applicable. Management agent is built-in.

Management profile is removed.

Device Administrator privilege is revoked.

Example for SCCM and Intune

Page 29: Preparing for Mobile Device Management & Bring your Own Device

Lots of solutions available

• Dependant on requirements• Leverage what you already have if possible• Exchange Active Sync• SCCM with Intune • Other MDM providers

– Apple device manager (IOS 7.1 still will have limitations though)

– SaaS or on-premise– Some examples. Good Technology, Citrix, MobileIron,

AirWatch (VMWare recent purchase)

Page 30: Preparing for Mobile Device Management & Bring your Own Device

Summary

• Develop the right strategy• Define the requirements• What can MDM/BYOD do for your

business?• Data Classification Policy• Acceptable usage policy• Defining the right solution• Choose the solution

Page 31: Preparing for Mobile Device Management & Bring your Own Device

Future Seminars

• Use what you already have to enable MDM and BYOD on 25th April

• MDM and BYOD technology providers and solutions on 23rd May

• ‘Joining the dots’ of your applications and systems – The benefits of system integration on 14th March

Page 32: Preparing for Mobile Device Management & Bring your Own Device

Questions?

Page 33: Preparing for Mobile Device Management & Bring your Own Device

Keep in Touch….

[email protected]@waterstons.com

http://www.waterstons.com

@WaterstonsLtd