Avva Mobile Enterprise Solutions - Corporate Idendity
Zenprise MDM
1. Mobil Cihaz Yönetimi /
Mobile Device
Management Sayısında Mobil İş Optimizasyonu
Cihaz Çeşitliliği Uygulama
Artış
Device Proliferation Mobile Business
App Explosion Optimisation
2010 2011 2012
“Bende de Olmalı!” “Üretkenlik Arttı”
“Gotta Have It!” “That’s Cool!” “That’s Productive”
Mobil Cihazlar PC leri iOS Cihazı başına 60 Sınıfının en iyi
Gölgede Bıraktı Uygulama şirketlerinin mobil
60 Apps Per iOS Device stratejileri olmalı
Devices Eclipse PCs
Best-in-Class Companies
İş süreçlerimizi nasıl
Have Mobility Strategy
Tüm cihazları nasıl
Veriyi ve ağı nasıl korumalı? dönüştürmeli?
yönetmeli?
How to protect data & NW? How to transform
How to manage all devices?
business?
Sources: Asymco and Aberdeen
The mobility space has seen dramatic change in the last few years.Imagine, a year and a half ago the iPad didn’t exist. Last year saw the explosion of apps, and this year we’re seeing businesses really get serious about mobile. With the bring your own device trend well underway, lots of organizations are using mobile to transform their business.
With that opportunity comes risk. The last decade has seen the security and IT world invest billions to get secure and compliant, but with mobile on the scene, all the security and compliance holes we spent the last decade fixing are opened back up. Three use cases we address at Zenprise are around mobile devices connecting to corporate over insecure networks, users exposing the organization to malicious or non-compliant apps by downloading those apps on the devices they use for work and play; and employees accessing confidential data from their mobile devices.
Before we talk to you about our product and our areas of differentiation…it helps to get some context. It’s one thing for us to say that we’re unique and a leader...CLICK. …but it’s another when Gartner says so…CLICK. …Forrester has given us a perfect score across the board for both our on-premise and cloud solutions…CLICK. …and we have thousands of blue-chip customers who run their mobile enterprises on Zenprise.
With that in mind, we have three primary offerings: on premise and cloud-based mobile device management solutions and a host of support and services offerings to help you with your mobile goals.
As a baseline, your MDM solution should support your organization’s mobile devices over their lifecycle. This includes: Configuring devices and setting policies.Provisioning devices by having users self-service enroll, providing an enterprise app store, and delivering policies and apps over the air.Securing devices by configuring native security settings, blacklisting and whitelisting apps, locking apps, and securing data; Providing helpdesk functions, remote support, and troubleshooting; Monitoring and reporting on device, service, infrastructure, security, and compliance; and Decommissioning devices upon employee departure
Using our Mobile Maturity Model as a framework to talk about Zenprise differentiation, a basic requirement is ease of use. A lot of MDM vendors say they’re easy to use, but the devil is in the details…Whether on-premise or in the cloud, Zenprise is so simple that even your boss can manage it!CLICK.Zenprise has a simple, wizard-based deployment. We mix-and-match and re-use components that are visually grouped by device type, deploying “packages” to devices. We also integrate with LDAP directly, so users can be part one or multiple groups, like “Executive”, “Sales”, and “East Coast”. That way, if they need to get their sales apps, their executive policies, and the Wi-Fi configuration for East Coast, they can get all those things in one fell swoop. This is unlike some of our competitors who have one-to-one user-group mappings or who don’t group components by supported device type. This means the admin has to create packages for every component or user-group combination, or manually check to make sure that all of the policies got deployed to the proper devices, which are time-consuming and error-prone.CLICK.Beyond mixing-and-matching components and user groups, making changes is easy. If you change a policy, that change will automatically propagate where it needs to. This is unlike some of our competitors whose components are static once they’re packaged up. So if the admin reuses the same passcode policy in five packages and then makes a change to that passcode policy, he has to go in and manually change it in all five places. Doing it this way…it’s almost impossible to not make mistakes.CLICK.Because our LDAP integration is direct and real-time, personnel changes are automatically reflected in our system. This is mandatory if you have any policies that are based on roles. Some of our competitors are either not integrated with LDAP for groups or not integrated in real-time with LDAP; so admins have to go in and manually keep all personnel changes up to date, and the chances of being out of compliance are far higher. As one of our customers in the electric supply business, Codale, put it: “With Zenprise, I can just ‘set it and forget it’.”
Not only are we simple to manage, but we’re simple and transparentfor users, which means fewer support calls to IT support. Some of our competitors require, for example, the user to have a GMAIL account to register an Android device, which creates a huge headache for IT at enrollment time, and others burden users with things like agreeing to having location services turned on on the device so they can monitor device status like whether the device is jailbroken. But that’s really a burden for users who have to deal with the battery drain of location services just so they can enroll in their company’s BYOD program.As one of our Phoenix-based Transportation customers put it, “users don’t even know it’s there”.
A basic requirement of all of our customers, no matter where they are in their mobile adoption, is great services, support, and training. Our competitors talk about their support offerings, but make sure you push on them to make sure you’re getting the same level of commitment.We’ve made customer success our number one priority. Only Zenprise offers global, 24x7x365 support across all time zones, and with support in key local languages: English, Spanish, German, French, Russian, Mandarin, Hindi, Filipino, Portuguese, Japanese.Our customer success professionals are top-notch in their field, with an average of a technical bachelor of science degree and 10 years of experience.We’ve also shown commitment with lots of product communications choices, clear SLAs, a social presence, and by simply prioritizing the hiring of really talented support folks.
Again going back to our Mobile Maturity Model, as we move from basic requirements into the more advanced territory of tighter security requirements or regulation, we help there too.Most of our competitors’ security story is around configuring thesecurity on the device, and it kind of stops there. This is necessary but not sufficient. Zenprise’s capabilities extend beyond the device to apps, the network, and data. A testimonial to this is that one of our medical device customers in the Southwest chose us because some of their users had mobile access to an application that contained some patient data that they needed to protect and they knew we had their back with our application and network security.Our competitors talk about being secure, but again, the devil is in the details. Do they have “always on” device compliance, and security beyond the device – at the app, network, and data layers?CLICK. Beyond configuring security on the device, we have what we call “always on” device compliance, which includes a pre-deployment compliance check, policy enforcement at the gateway, and the ability to differentiate between individually-liable and corporate-liable devices. This is unlike some of our competitors who can’t check device compliance, so non-compliant or even malware-infected devices can get enrolled onto and infect the network before the first policy is even deployed. Also, some don’t block on really basic things like blacklisted apps. Finally, some allow users to decline location services or even remove a profile from their device, which means that a single infected device can put the whole corporate network at risk. “Always on” device compliance is something we uniquely deliver.CLICK. Beyond some basic things like application blacklisting, whitelisting, and restricting apps or resources like iTunes or the Android Market (yes, we do it on Android too!), we have some really unique app security for Android and Windows Mobile, including app lock and kill, and something we call Mobile App Tunnels. Mobile App Tunnels are like VPNs but for an individual app, and encrypt and compress the app connection and data. One of our customers – a national railway in Europe – uses Mobile App Tunnels not just for security but also for transaction reliability. Mobile App Tunnels and this level of application security is absolutely unique to Zenprise – only we provide it.CLICK. On network security, let’s face it: your users are going to log in from insecure places. So we protect you by letting you either restrict access in certain circumstances or by helping you provision VPNs or Mobile App Tunnels. Something we do that our competitors don’t is provide Mobile Security Intelligence, or information about what mobile users are doing on your network. We integrate that data with your SIEM, so you can see things like mobile compliance violations and insider threats as part of your overall security visibility. Mobile Security Intelligence is absolutely unique to Zenprise – only we provide it.CLICK. Finally, we protect data at rest, in use, and in motion. Our mobile DLP feature is kind of like Dropbox for mobile, but with enterprise controls. We let you securely distribute sensitive files to a secure doc container, synchronizefile changes across all users for version control, and let you block users from doing things like printing, saving, and emailing from the device. We integrate with content repositories starting with SharePoint. Mobile DLP is absolutely unique to Zenprise – only we provide it.Some of these features are basic, some advanced. But together they make for a pretty comprehensive and differentiated security and compliance story.
As we move into the optimized category of our Mobile Maturity Model, where our customers are rolling out some pretty transformative mobile apps, architecture can make or break you. CLICK. We pass muster with your security architects. Unlike some of our appliance based competitors, we don’t hold your data hostage in the DMZ. We also don’t require that you synch or store LDAP data in the DMZ like our competitors do. Finally, the way we’re built doesn’t require you to open a bunch of ports to make the solution work. Some of the appliance based solutions would have you open 3x the number of ports we do. And because we meet security best practices, it’s just a lot easier and more straightforward to get buy-in on the deployment plan from your security and network counterparts.CLICK. Any business-critical mobile environment needs to be highly available. We support active-active clustering at all tiers so there are no points of failure. It’s industry-standard, straightforward, and clearly documented, so there’s no mystery. Some of our competitors say they are highly available, but make you call customer support for any information on how to configure it, and some do it through a series of steps that involve virtual machine snapshots, which is either a manual process or requires you to run scripts to make failover and failback work. Those just don’t scale – when you go down, you need your HA to just work. We also have a scale-out architecture with load balancing built in, so we can scale as your deployment grows.We also don’t require changes to your mail environment. Some of our competitors do, and we’ve learned that this has caused grief for IT because simple things like an upgrade or even a patch can cause downtime for Exchange, your MDM, or both until they can give you a patch to fix the problem.
Our customers have the option of taking advantage of our cloud deployment as well. We run on SAS70 Type II and FISMA Moderate compliant and Federal Cloud Certified infrastructure…CLICK. …that’s highly available, scalable, and globally redundant with four datacenters around the world. CLICK. It’s a truly cloud, multi-tenant solution, but with separate database instances for each of our customers so that their data won’t be co-mingled. This is unlike some of our cloud competitors who do co-mingle customer data in the cloud, and whose customers have experienced data loss, exposure, or corruption. This is also unlike some of our cloud competitors who do not offer secure access to the corporate backend such as LDAP, PKI, Exchange ActiveSync, and even the BES environment.
We also provide a hybrid cloud option – using the best of both the cloud deployment and on-premise gateway. Here’s an example of how it works:CLICK. Normal traffic flow goes from the device through the network and to your private cloud.CLICK. But if the admin sets a bunch of policies in Zencloud and one of them is blacklisting an application…CLICK. And the user downloads that application…CLICK. And then tries to connect again, the on-premise gateway will recognize that the device is out of compliance and block the device
It’s one thing to make a theoretical argument about how our architecture is secure, available, and scalable, but we’ve proven ourselves in large, production deployments with some of the most demanding enterprises and government organizations.
As you plan for BYOD and beyond, consider some of our customers and their stories, from arming healthcare field personnel around the world with secure access to their apps while also making sure they’re compliant with local employee privacy laws.CLICK. Or this large European logistics company who is not only using Zenprise for their field personnel but also our Mobile DLP solution to distribute and time-expire sensitive docs to its board of directors.CLICK. Or this medical devices company that migrated its sales team to iPads, and uses Zenprise to make the latest version of sales collateral and presentations available when and where they’re needed.
