BYOD – Strategy,
Objectives and
and Tools
Aptera
Jan 2014
.
http://imagesrv.gartner.com/reprints/249800/249820/249820_1.png
How Microsoft addresses today’s challenges

Users

Devices

Apps

Data

Users expect to be able to
work in any location an...
Empowering People-centric IT
Enable users
Allow users to work on the
devices of their choice and
provide consistent access...
Selecting the Management Platform

Unified Device Management – System Center
2012 R2 Configuration Manager with Windows
In...
Windows Intune – Standalone service

Windows PCs
(x86/64, Intel SoC)

Windows RT,
Windows Phone 8
iOS, Android

Manage up ...
Mobile Device Management with Windows Intune

Direct management (Windows RT,
Windows Phone 8, iOS)

EAS based management
Information Worker Self-service Experience
Connect every user ‘s device to the service
Enable them to discover application...
End User Experience

Consistent self service experience for end user across mobile platforms
Windows RT
Company Portal

Wi...
End User Capabilities for each Platform
Windows 8 &
Windows 8.1

Windows RT &
Windows 8.1 RT

Windows
Phone 8

iOS

Androi...
Mobile Device Inventory

Hardware properties for mobile
devices are collected through the
Device Management Authority as
w...
Settings Management

Security policy on devices
(iOS, Windows RT and WP8)
Direct management and
Exchange ActiveSync.

Repo...
Application Management on Mobile Devices
Platforms

Windows
8/Windows RT

Windows Phone
8

iOS

Android

Sideload to
insta...
Software Distribution Summary
Desktop Apps
(.msi, .exe)

Platform

Modern App Types
Side loading
.appx

.xap

.ipa

.apk

...
Protect your data

Help protect corporate information and manage risk

Lost or Stolen

Retired
Lost or
Enrollment Stolen

...
Recap: MDM Features per Platform
Management
Feature

Windows RT

Windows
Phone 8

iOS

Y

Y

Y

Y

Y

Y

Y

Settings
Manag...
Thank You!

Mark Gordon
markgo@apterainc.com

.
Appendix
Windows Intune integrated with System Center 2012 R2
Configuration Manager
Windows PCs
(x86/64, Intel SoC),
Windows to Go
...
Manage and Secure PCs and Devices Anywhere
Simple web-based Administration Console and a
richer experience for Information...
Non-intrusive Management
Management tasks can work with the Windows 8 maintenance window

Management tasks do not interrup...
Mobile device wipe and retire
Category
Full Wipe

Windows 8.1
(MDM managed)
Not applicable

Windows 8 RT
Not applicable

W...
Mobile Device
Settings

Setting name

EAS

WinRT/ WinPh8

iOS

(Activesync)

Require a password to unlock mobile devices

...
Mobile Device
Inventory

Property

Win RT

WP8

iOS

Android (EAS)

Device name

Y

Y

Y

Y

Unique device ID

Y

Y

Y

Se...
Flexible Licensing that Fits Your Needs
Don’t Have
Configuration
Manager

Windows Intune
(includes Configuration Manager l...
For More Information
System Center 2012 Configuration Manager
http://technet.microsoft.com/enus/evalcenter/hh667640.aspx?w...
What's your BYOD Strategy? Objectives and tips from Microsoft & Aptera
What's your BYOD Strategy? Objectives and tips from Microsoft & Aptera
What's your BYOD Strategy? Objectives and tips from Microsoft & Aptera
What's your BYOD Strategy? Objectives and tips from Microsoft & Aptera
What's your BYOD Strategy? Objectives and tips from Microsoft & Aptera
What's your BYOD Strategy? Objectives and tips from Microsoft & Aptera
What's your BYOD Strategy? Objectives and tips from Microsoft & Aptera
What's your BYOD Strategy? Objectives and tips from Microsoft & Aptera
What's your BYOD Strategy? Objectives and tips from Microsoft & Aptera
What's your BYOD Strategy? Objectives and tips from Microsoft & Aptera
What's your BYOD Strategy? Objectives and tips from Microsoft & Aptera
What's your BYOD Strategy? Objectives and tips from Microsoft & Aptera
What's your BYOD Strategy? Objectives and tips from Microsoft & Aptera
What's your BYOD Strategy? Objectives and tips from Microsoft & Aptera
What's your BYOD Strategy? Objectives and tips from Microsoft & Aptera
What's your BYOD Strategy? Objectives and tips from Microsoft & Aptera
Upcoming SlideShare
Loading in …5
×

What's your BYOD Strategy? Objectives and tips from Microsoft & Aptera

586 views

Published on

It was challenging enough to make sure everyone had access to the software and files they needed back in the days when we all worked on desktops in the office. But with your employees working on their own devices, both in and out of the office, it’s even harder to keep them fully equipped. Plus, you have the added challenge of making sure sensitive or proprietary information stays secure as people come and go with their own laptops, tablets, and smart phones. Fortunately, cloud technologies like Windows Intune are already available to help your business meet these challenges.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
586
On SlideShare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
3
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

What's your BYOD Strategy? Objectives and tips from Microsoft & Aptera

  1. 1. BYOD – Strategy, Objectives and and Tools Aptera Jan 2014 .
  2. 2. http://imagesrv.gartner.com/reprints/249800/249820/249820_1.png
  3. 3. How Microsoft addresses today’s challenges Users Devices Apps Data Users expect to be able to work in any location and have access to all their work resources. The explosion of devices is eroding the standards-based approach to corporate IT. Deploying and managing applications across platforms is difficult. Users need to be productive while maintaining compliance and reducing risk.
  4. 4. Empowering People-centric IT Enable users Allow users to work on the devices of their choice and provide consistent access to corporate resources. Unify your environment Users Devices Apps Data Deliver a unified application and device management onpremises and in the cloud. Protect your data Management. Access. Protection. Help protect corporate information and manage risk.
  5. 5. Selecting the Management Platform Unified Device Management – System Center 2012 R2 Configuration Manager with Windows Intune Cloud-based Management - Standalone Windows Intune No existing Configuration Manager deployment Simplified policy control Fewer than 7,000 devices and 4,000 users Simple web-based administration console
  6. 6. Windows Intune – Standalone service Windows PCs (x86/64, Intel SoC) Windows RT, Windows Phone 8 iOS, Android Manage up to 7,000 devices and 4,000 users
  7. 7. Mobile Device Management with Windows Intune Direct management (Windows RT, Windows Phone 8, iOS) EAS based management
  8. 8. Information Worker Self-service Experience Connect every user ‘s device to the service Enable them to discover applications Let users manage their own devices and data Provide a premium end user experience
  9. 9. End User Experience Consistent self service experience for end user across mobile platforms Windows RT Company Portal Windows Phone 8 Company Portal iOS Company Portal Native Windows application Native Windows Phone 8 app (.xap) Native iOS application Available in the Windows Store Side-loaded during enrollment Available in the Apple App store
  10. 10. End User Capabilities for each Platform Windows 8 & Windows 8.1 Windows RT & Windows 8.1 RT Windows Phone 8 iOS Android Enroll (local device) Yes Yes Yes Yes EAS Rename devices Yes Yes Yes Yes No Retire (un-enroll local device) Yes Yes Yes Yes No Remotely wipe other devices Yes Yes No No No Install enterprise LOB applications Yes Yes Yes Yes Yes Install publicly available applications Yes Yes Yes Yes yes Browse to web links Yes Yes Yes Yes Yes Contact IT Yes Yes Yes Yes Yes
  11. 11. Mobile Device Inventory Hardware properties for mobile devices are collected through the Device Management Authority as well as Exchange ActiveSync. No software inventory for mobile devices to respect the Information Worker’s privacy on their own device. IT Pros can track storage on mobile devices which help them anticipate/troubleshoot issues.
  12. 12. Settings Management Security policy on devices (iOS, Windows RT and WP8) Direct management and Exchange ActiveSync. Reporting available on each setting whether it is applicable, conformant or has an error. The same security policy template is used for both Direct Management and EAS to help Admins Android and Windows Phone 7 devices can be managed through EAS
  13. 13. Application Management on Mobile Devices Platforms Windows 8/Windows RT Windows Phone 8 iOS Android Sideload to install *.appx *.xap *.ipa *.apk Deep links to store apps – install from store
  14. 14. Software Distribution Summary Desktop Apps (.msi, .exe) Platform Modern App Types Side loading .appx .xap .ipa .apk Deep Links web apps Windows 8 Pro/Ent √ √ √ √ Windows RT ** √ √ √ √ √ √ √ √ √ √ iOS √ Android √ WP8 Windows 7 and below ** √ Windows 8 SSP on WinRT will show MSI/EXE apps that can remotely install to other PCs linked to the user, but not installable on the local Window RT device √
  15. 15. Protect your data Help protect corporate information and manage risk Lost or Stolen Retired Lost or Enrollment Stolen • Selective wipe removes corporate applications, data, and policies based as supported by each Users can access corporate data regardless of device or location with Work Folders for data sync and desktop virtualization for centralized applications. IT can provide a secure and familiar solution for users to access sensitive corporate data from anywhere with VDI and RemoteApp technologies. platform Personal Apps and Data Personal Apps and Data Company Apps and Data Company Apps • Full wipe if supported by each platform and Data • Can be executed by IT or by user via Company Portal Retired Remote App Centralized Data Remote App • Sensitive data or applications can be kept off Policies Policies device and accessed via Remote Desktop Services
  16. 16. Recap: MDM Features per Platform Management Feature Windows RT Windows Phone 8 iOS Y Y Y Y Y Y Y Settings Management Y Y Y Y Software Distribution Y Y Y Y Y Y Y Over-the-air Enrollment Inventory Remote Wipe Android
  17. 17. Thank You! Mark Gordon markgo@apterainc.com .
  18. 18. Appendix
  19. 19. Windows Intune integrated with System Center 2012 R2 Configuration Manager Windows PCs (x86/64, Intel SoC), Windows to Go Windows Embedded Mac OS X Windows RT, Windows Phone 8 iOS, Android
  20. 20. Manage and Secure PCs and Devices Anywhere Simple web-based Administration Console and a richer experience for Information Workers  Help protect PCs from malware  Manage updates  Distribute software  Proactive monitoring and alerts  Provide remote assistance  Inventory hardware and software  Monitor & track licenses  Increase insight with reporting  Set security policies  Richer Mobile Device Management
  21. 21. Non-intrusive Management Management tasks can work with the Windows 8 maintenance window Management tasks do not interrupt if the end user immersed in a modern application
  22. 22. Mobile device wipe and retire Category Full Wipe Windows 8.1 (MDM managed) Not applicable Windows 8 RT Not applicable Windows Phone  iOS Android (EAS)   Retire (Selective wipe)  (Email through EAS)  (Email through EAS) Company apps and associated data installed by using Configuration Manager and Windows Intune Uninstalled and sideloading keys are removed. In addition any apps using Windows Selective Wipe will have the encryption key revoked and data will no longer be accessible Sideloading keys removed but remain installed Settings Requirements removed Management Client Not applicable. Management agent is built-in Email  (Email through EAS) Uninstalled and data removed Uninstalled and data removed Apps and data remain installed Requirements removed Requirements removed Requirements removed Requirements removed Not applicable. Management agent is built-in Not applicable. Management agent is built-in Management profile is removed Not applicable. Management agent is built-in
  23. 23. Mobile Device Settings Setting name EAS WinRT/ WinPh8 iOS (Activesync) Require a password to unlock mobile devices √ √ Required password type √ √ √ Minimum password length √ √ √ Allow simple passwords √ √ √ Number of repeated sign-in failures before device is wiped √ √ √ Minutes of inactivity before device screen is locked √ √ √ Password expiration (days) √ √ √ Remember password history Password √ √ √ √ √ Allow convenience logon (WindowsRT only) Allow camera √ Allow web browser Device restrictions √ √ √ Allow backup to iCloud (iOS only) √ Allow documents sync to iCloud (iOS only) √ Allow photostream sync to icloud (iOS only) √ Maximum size of e-mail attachments Encryption E-mail synchronization for last (days) √ Allow mobile devices that don’t fully support these settings to synchronize with Exchange Email √ √ Require encryption on mobile device √ Require encryption on storage cards √
  24. 24. Mobile Device Inventory Property Win RT WP8 iOS Android (EAS) Device name Y Y Y Y Unique device ID Y Y Y Serial number Y Email address Y Y OS type Y Y OS version Y Y OS language Y Y Y Y Y Y Y Total storage space (GB) Y Y Free Storage space (GB) Y Y System enclosure Chassis Y System enclosure IMEI Y Manufacturer Y Y Model Y Y Y Y Phone number (masked except last 4 digits) Y Y Subscriber carrier Y Cellular technology(none, GSM, CDMA) Y WiFI MAC Y Enrolled date (local time) Y Y Y Last contact (local time) Y Y Y Y Y Last Exchange status Y Last Policy update status Y Access State Y Access state reason Y Management state Y ActiveSync ID Y
  25. 25. Flexible Licensing that Fits Your Needs Don’t Have Configuration Manager Windows Intune (includes Configuration Manager license) ($6 per user per month) Windows Intune & Windows Enterprise (includes Configuration Manager license) ($11 per user per month) Already have Configuration Manager Windows Intune (Add-On) ($4 per user per month) • Single License: Windows Intune and Configuration Manager • Per User Licensing • Up to 5 devices/user
  26. 26. For More Information System Center 2012 Configuration Manager http://technet.microsoft.com/enus/evalcenter/hh667640.aspx?wt.mc_id=TEC_105_1_33 Windows Intune http://www.microsoft.com/en-us/windows/windowsintune/try-andbuy Windows Server 2012 http://www.microsoft.com/en-us/server-cloud/windowsserver More Resources: http://www.microsoft.com/workstyle http://www.microsoft.com/server-cloud/user-device-management

×