Microsoft have finally got this right in SharePoint 2013 (in my opinion). The number of users that want to view SharePoint ‘on the go’ on mobile devices such as iPods and Smart Phones is obvious. Views are now available in SharePoint 2013 which have been built using HTML5.This should ensure that this will work on practically any device and will be optimised for most Mobile Browsers (Mobile IE9, Windows Phone 7.5, Safari, and Android. Office Web Apps also mean that documents and files should open on all of these, with no requirement to have Office installed on the device.
Notification Hubs is now backed by an updated Service Bus service level agreement (SLA) and fully supports push notifications for Windows Store (WNS), Windows Phone (MPNS), iOS (APNS), and Android (GCM) applicationsThis I about ensuring end users on the move are informed real timeUsing the Microsoft Push Notification Service (MPNS), Windows Phone apps can receive notifications through the Internet of events triggered on Microsoft SharePoint Server. The phone app doesn't have to poll the server for changes to, for example, the items in a list on which the phone app is based. The app can be registered to receive notifications from the server, and an event receiver can initiate a notification and send it to the receiving app for handling. The push notification is relayed to Windows Phone devices by MPNS.Windows Phone 7 doesn't support running multiple apps simultaneously. Other than the components of the Windows Phone operating system (OS) itself, only one app can be running on the phone at a time. An event relevant to a given phone app might occur (such as, for example, a list item being added to a list) when the app isn't running in the foreground on the phone (that is, when the app is tombstoned or closed). You could develop a background service on the phone with a periodic task that might check for changes to the list on the server, but this approach would consume resources (such as network bandwidth and battery power) on the phone. With MPNS and the components that support notifications built into the Windows Phone 7 OS, the phone itself can receive a notification relevant to the context of a given app—even when that app isn't runningRemember – SMS is not a free service – everything adds to the cost
If security permits itIf you need to access your files on the go, SkyDrive offers a wide range of mobile apps, including iOS, Android, and Windows Phone. While the mobile apps will allow you to view and upload files, you will not be able to edit or create new documentsSkyDrive is free online storage that provides you with a personal library where you can upload and access files from any of your devices. Download one of the SkyDrive apps and you can easily save your documents, photos, and other files in this library, share them with friends, and even collaborate on content. For more information about using SkyDrive, see Work together on Office documents in SkyDrive. SkyDrive Pro is also online storage that provides a personal library where you can upload and access documents, photos, and other files on your computer. But your SkyDrive Pro library is managed by your organization and is available with either Office 365 or SharePoint. This means you can share content in the library only with colleagues in your organization and with invited guests outside of your organization if you're logged into Office 3Here’s some basic information you’ll want to have if you want to support SkyDrive Pro libraries and Sync services in your organization. If you just want to get your bearings around SkyDrive Pro, you can start here: http://office.microsoft.com/en-us/sharepoint-server-help/what-is-skydrive-pro-HA102822076.aspx Regarding SkyDrive Pro prerequisite software and services: To support SkyDrive Pro libraries in your organization, the latest SharePoint or Office 365 personal sites (also known as My Sites) need to be deployed in your organization, and the user profile service needs to be running. This is because social features, such as sharing documents, depend on personal sites and user profiles. To support Sync in SkyDrive Pro (the ability to synchronize SkyDrive Pro documents with local desktops), make sure that either Office 2013 (Standard or Professional) or an Office 365 subscription that includes the Office 2013 applications is running on Windows 7 or Windows 8 client devices. Regarding security concerns: SkyDrive Pro client exchanges with SharePoint sites rely on synchronization protocol and external mechanisms for security, such as those provided by VPNs or Secure Socket Layer (SSL) technology. SkyDrive Pro data is not encrypted over the network when the SkyDrive Pro client talks to SharePoint (which is required to support SkyDrive Pro), unless the transport protocol is being used for server communication is through https (which uses SSL or Transport Layer Security – TLS). Server administrators can configure SSL encryption for data sent over the network between the SkyDrive Pro and the SharePoint servers. On-disk data can be encrypted using the Windows BitLocker Drive Encryption. For more information see ‘BitLocker Drive Encryption’ at http://go.microsoft.com/fwlink/p/?LinkId=163122 . Note: SSL is recommended for SharePoint connections from outside a corporate domain. If you’re using Active Directory, you can configure the following Group Policy setting: Sync Only On Domain Network: Requires a Secure Socket Layer (SSL) connection for SkyDrive Pro clients trying connect to SharePoint Server 2013 (or SharePoint 2010) from outside the organization’s intranet. In addition, you can secure the SharePoint site from unauthorized access by setting access control lists appropriately. For guidance about how to set access control for users to synchronize with SharePoint libraries and lists, see ‘Overview of site permissions in SharePoint 2013′ at http://technet.microsoft.com/en-us/library/jj219771.aspx
Understand your landscape
The table shows where mobile views can be applied.We need Team sites and publishing sites – to A USER POPULATION with lots of legacy smartphones - Classic View does not support publishing sites
Which sites do you plan to have mobile views on for SharePoint Server 2013? it is important to identify which sites will require a mobile rendering in your organization.
SPCA2013 - Getting to grips with a SharePoint 2013 BYOD Strategy
• Microsoft SharePoint MVP & 2010 & 2013 TAP member
• 25 years+ in IT
• Primarily worked in large organisations, on large projects
• IT Services Agency, Syntegra, BT PLC
• Capgemini PLC
• Specialise in large scale SharePoint
Strategy, Architecture, Assurance and Governance
• Co- authored a few books on various SharePoint, JAVA
and .NET subjects
• North East Administrator for the SharePoint UK User
Busy on Assurance for a 170,000 seat
SharePoint 2013 and 0365 Hybrid Build.
I’m from Up-North UK– I speak QUICKLY!
• The confusion of BYOD Terminology
• The Changing BYOD Landscape
• An overview of SharePoint 2013 Mobile Capability
• Planning for Mobile views
• Supported Devices
Understanding your own Landscape
Tooling – Can it help?
Licencing – EEK!
Scary Thoughts - OOH!
More Questions than Answers!
• SMM = Social Media Monitoring
• ORM = Online Reputation Management
• MDM = is that master data management or mobile device
• MAM (EAM)= Mobile/Enterprise Application Management
• BYOD = Bring your Own Device – you own it the
enterprise permits you to use it
• BYOT = Bring your Own technology – you own it the
enterprise permits you to use it
• COPE = corporate-owned, personally enabled-- the
enterprise purchases a device and service plan that the
• BYOL – Bring your own License
• BAAD = Bring an Agreeable Device
• Something we use to connect to something we need
• As a user, I don’t care who owns it - I want the choice
• As a corporate I have may concerns like security
• I may have concerns about ownership
• I may have concerns about supporting sporadic
• I may have concerns about licencing
• I may be looking to drive down IT spend
• I want my users to be more social, anytime, anywhere!
• The Middle East has one of the highest adoption rates of
the practice worldwide in 2012.
• According to research by Logicalis, high-growth markets
(including Brazil, Russia, India, UAE, and Malaysia)
demonstrate a much higher propensity to use their own
device at work. Almost 75% of users in these
countries did so, compared to 44% in the more mature
• International research reveals that only 20% of
employees have signed a BYOD policy
( Cisco’s “Visual Networking Index (VNI) Global Mobile Data Traffic
Cisco Measuring Data consumption per device type
• By 2016, mobile-connected tablets alone will generate
almost as much traffic as the entire global mobile network
does in 2012, 1.1 exabytes per month
• 4G phones, only 0.2% of mobile connections, are already
accounting for 6% of mobile data traffic
• By 2016, 4G will account for 36% of total mobile traffic
• By 2016, video will be over 70% of traffic
• So, we have a surging demand
• 15 billion network connected devices by 2015 – 2 per
• We understand the landscape – it’s growing out of control
• Contemporary view This view offers an optimized mobile
browser experience to users and renders in HTML5. This view
is available to Mobile Internet Explorer version 9.0 or later
versions for Windows Phone 7.5, Safari version 4.0 or later
versions for iPhone iOS 5.0, and the Android browser for
Android 4.0 or later versions
• Full-screen UI There is also the ability to have a full desktop
view of a SharePoint site on a mobile device.
• Classic view This view renders in HTML format, or similar
markup languages (CHTML, WML, and so on), and provides
backward compatibility for mobile browsers that cannot render
in the new contemporary view. The classic experience in
SharePoint Server 2013 is identical to the mobile browser
experience of SharePoint Server 2010.
Research here: http://technet.microsoft.com/enus/library/jj673030.aspx
• Mobile browser redirection
• To access a site by using the optimized mobile browser
experience, a new feature named Mobile Browser View must be
activated on the site. When activated and a mobile browser is
accessing the site, this feature checks the mobile browser to
determine whether it can handle HTML5. If the mobile browser
supports HTML5, the contemporary view is rendered. Otherwise, the
classic view is rendered.
• By default, this feature is activated when any of the following
site templates are used:
• Team Site
• Blank Site
• Document Workspace
• Document Center
• Project Site
• You must explicitly activate the feature on sites created with other
templates. You can activate or deactivate the Mobile Browser View
feature at the site level.
• In SharePoint Server 2013, you can render a single
publishing site in multiple ways by using different designs
that target different devices based on their user agent string
using Device Channels.
• You create a single site and author the content in it a single
time. Then, that site and content can be mapped to use
different master pages and style sheets for a specific device
or group of devices. Also, you can easily show different
content to different device channels using same page and
• 10 MAX boundary per site collection – Info Arch!
• Don’t underestimate the workload in customising for each
• You can configure and manage a mobile account in
SharePoint Server 2013 to enable users to subscribe to
alerts that are sent by using Short Message Service
• SMS alerts are sent to the mobile device when changes
are made to a SharePoint list or item
• Without SMS – you can use Push Notifications for apps
on windows phones so then device is informed even if
the app is not the active app – no IOS integration (yet) –
• A standard alert over email usually requires the email
client to be active – you can still do this
• For mixed environments consider the complexity of any
notification services -
• There is now a Geolocation field you can use in
• There is an investment in time to get this working – work
out your benefits upfront
• Not indexable via Search
Jury is out on this one for
• SharePoint Server 2013 enables a user to view certain
kinds of dashboard content.
• This includes PerformancePoint reports and
scorecards, and Excel Services reports in iOS 5.0+ Safari
browsers on iPad devices. OOTB
• Office Web Apps Server is a new stand-alone server product
that still provides mobile browser-based viewers for these
applications. These viewers called Word Mobile Viewer, Excel
Mobile Viewer, and PowerPoint Mobile Viewer are optimized to
render documents for phones. When integrated with
SharePoint Server 2013, a user can enjoy enhanced viewing
experiences when interacting with documents on the phone.
• Together, SharePoint Server 2013 and Office Web Apps
Server offer a better user experience when interacting with
documents on a mobile device. For example, when both
products are used together, a user opens a server-based
version of the document in the mobile browser. Without Office
Web Apps Server, the user would first have to download the
file and then open it in Office Mobile or in an Office document
viewer. IOS file locking issues – 60 minute locks
• SkyDrive is free online storage that provides you with
a personal library where you can upload and access
files from any of your devices
• SkyDrive Pro library is managed by your organization
and is available with either Office 365 or SharePoint
• Needs an app per device – including windows client
• You can of course just use your browser for basic
• There are other services (Google Drive, Box, LiveDrive
and SugarSync for example)
• SkyDrive Offline is a now a real world planning
consideration for supporting BYOD
• SkyDrive is not, and has never claimed to be, HIPAAcompliant. Or IL3 If you have a level of security
requirement that involves the phrase "security auditors"
SkyDrive will never pass. There aren't any audit logs,
for one thing.
• Office 365 (SP online) can provide IL2 – soon
• Skydrive Pro can be enforced to use SSL for transport –
it isn’t stored encrypted, only transmitted
• Subject to Patriot Act – EEEK!
Serial Number/Asset Tag
Is the browser supported in
Android (3000 devices)
• For smartphone devices only.
Activated by default on select site
templates (Team Site, Blank
Site, Document Workspace, Document
Center, and Project Site).
• Some of the views are unavailable to
certain phones and tablets – support call
• For apps - Don’t expect device affinty
across devices – the reason the BBC
in the UK has not released iPlayer for
all devices is they all appear to work
differently – now on ICS 4.3, but limited
The browser-based mobile views in SharePoint Server 2013 can be used on
a number of different SharePoint site templates.
Full screen UI
Team Site #1 (HR) -Mobile view required
Team Site #2 (Finance) – Mobile view required
Public Facing Site -Mobile view required
Phone 7.5 or
iOS 5.0 or
• Any BYOD strategy will increase your Data
• Access points/network segments might need scaling
• Skydrive synch can quickly get out of control if you
synch quickly changing directories
• Think about monitoring – how do you do it, is it suitable
During 2011 to 2016 Cisco anticipates that global mobile
data traffic will outgrow global fixed data traffic by
• Authorized software
• Managed mobile
Manage and suppot mobile
applications, content and operating
systems – Support Control
Procure and provision service
Reporting and Statistics on usage
Help desk/support – details to help problem
• Usage – patterns and service evolution
• Service and contract – SLA/OLA consideration
For Device control look to Windows In-Tune
For Content control look to Azure AD Rights
Management (for SharePoint/Exchange
• Remote wipe If a mobile phone is lost, stolen, or otherwise compromised, you
can issue a remote wipe command from the Exchange Server computer or from
any Web browser by using Outlook Web App. This command erases all data from
the mobile phone. ·
• Device policies Exchange ActiveSync lets you configure several options for
device policies. These options include the following:
• Minimum password length (characters) This option specifies the length of the
password for the mobile phone. The default length is 4 characters, but as many as
18 can be included. · Inactivity time (seconds) This option determines how long
the mobile phone must be inactive before the user is prompted for a password to
unlock the mobile phone. · Enforce password history Select this check box to
force the mobile phone to prevent the user from reusing their previous passwords.
The number that you set determines the number of past passwords that the user
won't be allowed to reuse.
• Wipe device after failed (attempts) This option lets you specify whether you want
the phone's memory to be wiped after multiple failed password attempts.
• Allow simple password. This setting enables or disables the ability to use a
simple password such as 1234.
• Allow storage card. This setting specifies whether the mobile phone can access
information that’s stored on a storage card.
• Password enabled. This setting enables the mobile phone password.
• Password expiration. This setting enables the administrator to configure a length of
time after which a mobile phone password must be changed.
• MEAP integration Layer - SharePoint Composites and
• Security - Unified Access Gateway with deep packet
inspection, Exchange policy Enforcement
• Provisioning - System Center Configuration Manager
(SCCM), Windows Intune, Exchange Server, Windows
• Software - Visual Studio allow development of crossplatform thick and thin apps - HTML5
• Multi-channel transports like
HTTP/SOAP/REST/EAS/XML/JSON, OData, and the
Sync Framework support communication with any mobile
We need to look beyond the SharePoint
• You cannot segregate SharePoint 2013 from BYOD – by
• 1 - Mobile Device Policy is KEY
• Base it on user satisfaction if possible
a risk assessment;
appropriate policies and procedures;
appropriate guidance to staff;
good governance and/or audit arrangements in place to establish clear
lines of responsibility for preventing contraventions;
• robust monitoring mechanisms; and
• adherence to relevant guidance or codes of practice.
• 2 - Understand Expenses – who pays for what
• 15 billion/2 per person = 24,000 BILLS
• If you are in the Healthcare industry, you’ll need to
comply with the requirements of the Health Insurance
Portability and Accountability Act of 1996 (HIPAA) and
the Health Information Technology for Economic and
Clinical Health Act (HITECH Act).
• The HIPAA Security Rule complements the Privacy Rule.
While the Privacy Rule pertains to all Protected Health
Information (PHI) including paper and electronic, the
Security Rule deals specifically with Electronic Protected
Health Information (EPHI)
• Information management is critical
US - Walgreens Fined $1.44 Million for exposing confidential data
One US hospital lost a single netbook and are facing a $1.5 million
£50,000 Prudential - the first monetary penalty notice not related to a
FSA imposed a fine of £3m on HSBC for various failures in respect of
the personal data it held
Zurich Insurance - £2.3m fine for mislaying an unencrypted tape
backup with 46,000 sensitive customer records on it
Spain - 1.08 million Euro fine imposed on Zeppelin TV, made
information about Big brother applicants available online
Gemany - Deutsche Bahn was fined 1.1 million Euros for breaches of
data protection laws
HaSpa (the savings bank of Hamburg) was fined 200,000 Euros for
transferring customer data to external service providers.
• • Information security is the most important aspect of
• “Appropriate technical and organisational measures shall
be taken against unauthorised or unlawful processing of
personal data and against accidental loss or
destruction of or damage to personal data”
• Loss or unauthorised access can result in harm and
could result in regulatory action
• Sections 55A and 55B of the Data Protection Act 1998
• NL – Article 26/4
• contravention of Section 4(4) of the Act (the duty to comply
with the data protection principles
• – serious breach of data protection principles likely to cause
substantial damage or distress – deliberate or reckless
• Other enforcement powers:• – enforcement notice
• – powers of access and inspection
• Criminal offences
• Civil offences
• Passwords should not be an option – IOS
automatically encrypts when it is enabled
• Encryption should be mandatory – earlier Android
devices do not support encryption
• Restrict Device Features as Necessary – disable
bluetooth/cameras – can you disable by geolocation?
• Restrict, allow and require apps you need to
• Block non-corporate email like GMail
• Push your wireless network, VPN and passcode settings
to your users OTA (over the air) – remove them same
• Do you allow temporary non-compliances?
All Pointless without Testing and
All affect BYOD licensing costs = strategy
• Virtual Desktop Access (VDA) license is $100 per
year, per device. If you have Software Assurance, VDA
rights are included
• If you buy a device with WinRT installed, it has built-in
• Without VDA you need a CDL per device
• Access SharePoint via a browser only – you only need a
• The default Office Web Apps mode is view-only, and it
is provided free. The other mode enables both viewing
and editing, and this mode must be additionally
• If a personal device gets stolen from inside an employees
car, with confidential data on it – who gets Sued? What
are the insurance or personal implications?
• If your personal insured device gets lost with the only
source of information on it, and a project delivery fails –
who pays the penalties?
• Why would you ever choose and pay for a device – to
save the business money, and then permit your employer
to dictate how you can use it?
• Who pays if a device is found to have pirated software on
it – my iPad is jailbroken – should you permit rooted or
jailbroken devices – what are the consequences?
• If you end up using non-corporate software for company
business – who covers the licence costs?
• Swipe and Wipe is fine – what if the device cannot be
wiped and the hard drive ends up in India being recycled
• Many of us share devices with spouses and children –
consequences of leaving a VPN open to SharePoint
• What about device emulation and virtualisation – device
spoofing via virtualisation – policy on that VM but not on
• I can afford a better device that makes me more
productive, how is that measured and fairly balanced by
HR for pay evaluations?
• Research has shown that we are affecting sleep patterns
with tablets/smartphones & Bluelight, how will your
company control this potential for productivity drop we
never had with laptops?
BYOD strategies – better start that journey no