BYOD for your business with WSO2 Enterprise Mobility Manager
Shanmugarajah
Director, Enterprise Mobility
09 April 2014
About the Presenter
Shan specializes in mobile technology, with over 16 years' experience in that field. He has a strong background in telecommunication software development and is a hardcore coder on the Android and iOS platforms.
Prior to joining WSO2Mobile, he worked as the CTO/Director of Microimage Mobile Media for almost 16 years. He played a key role in engineering products with which Microimage won many local and international awards, including the Inaugural GSMA Asia Mobile Innovation Award, a Commendation from GSMA at the Barcelona World Awards in 2007, the Asia Pacific ICT Awards (APICTA), and the National Science & Technology Awards (Sri Lanka).
About WSO2
๏ Global enterprise, founded in 2005 by acknowledged leaders in XML, web services technologies, standards and open source
๏ Provides only open source platform-as-a-service for private, public and hybrid cloud deployments
๏ All WSO2 products are 100% open source and released under the Apache License Version 2.0.
๏ Is an active member of OASIS, Cloud Security Alliance, OSGi Alliance, AMQP Working Group, OpenID Foundation and W3C.
๏ Driven by innovation
  ๏ Launched first open source API Management solution in 2012
  ๏ Launched App Factory in 2Q 2013
  ๏ Launched Enterprise Store and first open source Mobile solution in 4Q 2013
What WSO2 delivers
Agenda
1. Your Business
2. Extending your business
3. Allow Mobility in your Business
4. BYOD Benefits
5. Risks & Challenge
6. Tool to solve the challenge
7. WSO2 EMM for your BYOD business
Your Business
A few years back
[Diagram: Employees, Enterprise, Data, Device]
Work
• Happens inside a place
• Dependent on specific technology
• Resources
  • Within the premises
  • Owned by the enterprise
Your Business Now
[Diagram: Enterprise, Data, Employees, Device]
Work
• Independent of place
• Independent of technology
• Resources
  • Within the premises and outside
  • Owned by the enterprise and employees
Enterprise Mobility?
[Diagram: Enterprise, Data, Employees, Device]
Enterprise Mobility
Employees working out of the office with mobile devices and cloud services to perform business tasks.
Extended Enterprise
Enterprise Mobility is to employees of the enterprise as Extended Enterprise is to business partners, distributors, etc.
Decision
1. Whether to allow mobility in your business?
2. Allow employees to use their devices in Enterprise Mobility?
3. Allow business partners and distributors to use their devices in Enterprise Mobility?
Benefits of BYOD
• Increased Productivity
• Employee satisfaction
• Enterprise Cost saving
Risks
[Diagram labels: Enterprise, Data, Employees, Business Partners, Devices; COPE (Company Owned, Personally Enabled); BYOD (Bring your own device); Android, iOS, Windows 8, Blackberry]
[Diagram labels: Data, BYOD, Public Store, App, Employees, Business Par]
Challenges
1. Data Security (Most Important)
2. Remote Device Management
3. Enterprise Store
4. Enterprise Application Development & Management
Benefit always outweighs the risks
[Diagram: benefits, risks]
Data Security
How can the data be compromised?
• Device being lost or stolen
• Malicious app stealing the data
• Data leak
What is the data?
• Email messages or attachments
• Documents such as PDF, Word, Excel, PPT, text
• Browser accessing HTML pages, cookies
• Contacts, Calendar, Notes
• Applications with a database
Why is the data sensitive?
• It can be highly confidential, like quotation values or salary details
• It can have a high impact if it goes to the wrong person
Who can compromise it?
• External
• Internal
EMM Tools
• Device Based
• Application Based
Mobile Device Management (MDM)
Data Security
• Enforce Password Policy
• Encrypt Device Data
Remote Device Management
• Monitor Device (location, battery)
• Configure Device (Email, VPN)
• Control Device (Enable/Disable Camera)
• Update OS, Install & Uninstall App
Data Security
• No granular control of the sensitive data
Remote Device Management
• Privacy issue
• User Experience
Apps in the Device
• Vendor Apps
• Enterprise Apps
• Apps from Public Store
Data Security - Approach 2 - Separate Apps and Data
Within Device
1. Mobile Virtualization
Away from Device
1. Desktop Virtualization
2. Web Apps
Mobile Virtualization
Dual persona, two separate and independent end user environments in a single device.
Virtualized OS’s on mobile (Hypervisor 1 and 2)
Dual Persona
Blackberry Z10
Samsung Note 3
KNOX Container
Mobile App Management
MAM gets you a step closer to managing what you care about
MAM brings the perimeter closer to the corporate resources
Mobile App Management (MAM)
1. MAM (Controlling App behavior)
1a. SDK Approach
1b. App wrapping
2. OS MAM - iOS MAM through MDM
3. App Store and Managing apps with MDM
MAM controlling apps behavior
Data security features
1. Encrypt data in transit using an app VPN tunnel or app tunnel
2. Encrypt data at rest and decrypt only when viewing
3. Two-factor authentication
4. Data loss prevention (disable cut, copy and paste)
5. Data at rest should be controlled (delete)
6. Policy-based data control, where policy can be pushed and updated
Additional Features
1. Enterprise apps on the mobile device should be able to use SSO
2. Data can be shared between applications
3. DLP (cut, copy, paste) should be enabled between enterprise applications
Techniques for Creating Apps That Work With MAM
• Use a MAM SDK
• App wrapping
MAM SDK Approach
The SDK contains all the necessary APIs to implement the MAM features.
Provides enterprise-grade security with user authentication, single sign-on, copy/paste prevention, data encryption, app-level policies, compliance monitoring and management.
App Wrapping
• For apps already built
• Needs the unsigned app binary
• Does not apply to apps from public app stores
• Can do basics of encryption, authentication, or app-level VPNs
• Can intercept, block, or spoof API calls made by the app
• Can change the app icon
[Diagram: App Wrapper Tool]
WSO2 Enterprise Mobility Manager
How it can solve the challenge
WSO2 EMM Features
• MDM
• Enterprise Store with Publisher
• Mobile App Management
Mobile Device Management
• Employee / Corporate Owned
• Supports Android, iOS
• Identity integration
• Policy Management
• Containerization (Email)
• Self Service Provisioning
• Role Based Permission
• End-User MDM Console
• Enterprise Wipe
• Reports & Analytics
Android Features
Configuration
• Device Lock
• User password protected WIPE
• Clear Password
• Send Message
• Wi-Fi
• Camera
• Encrypt Storage
• Mute
• Password Policy
• Change Lock Code
• App Blacklisting
Information
• Location
• Battery Information
• Memory Information
• Operator Information
• Root Detection
• Application Information
iOS Features
Configuration
• Device Lock
• Clear Passcode
• Wi-Fi
• Camera
• VPN
• APN
• Email
• Calendar
• LDAP
• Blacklisting Apps
• Enterprise WIPE
• Password Policy
Information
• Battery Information
• Memory Information
• Application Information
WSO2 EMM Screens
Publisher
• Supports multiple platforms
  • Android
    • Native, Hybrid Application (.apk)
    • Web Application
    • Market Place Application (Google Play) [Free]
  • iOS (iPhone, iPad)
    • Native, Hybrid Application (.ipa) - need to have an enterprise developer account
    • Web Application
    • Apple Store Application [Free]
    • VPP Application (Next Release)
Store
• Supports multiple platforms
• User subscription
• Advanced search options
• App sorting
• Support for existing user stores (Widgets, Gadgets, Books, Magazines, APIs)
• Single sign-on
WSO2 EMM – Store
Application Management Console
• Mobile app policy enforcement
• Compliance monitoring
• Bulk app push
• User App Management
• Tracking app Installation
WSO2 EMM – App Management
Roadmap
• App Containerization (SDK Approach)
• Samsung KNOX Integration
• Dynamic Policy
• mBaaS
• MEAP
Benefits
• Open Source
• Built on top of award winning Carbon platform
• Integrates with WSO2 Identity Server for robust authentication and authorization
• Integrates with WSO2’s big data analytics framework, including WSO2 Complex Event Processor (WSO2 CEP) for real-time analysis and WSO2 Business Activity Monitor (BAM) for batch analysis.
• Multi-tenant and cloud-ready; same software can be deployed directly on servers or in the cloud.
• Highly performant, available, stable, and scalable
• Lightweight and easy to deploy
• Unified Store (Mobile Apps, Widgets, Gadgets, Books, Magazines, APIs, etc.)
Summary
WSO2 EMM allows your business to embrace BYOD without compromising end-user experience and privacy.
IT Consumerization
Consumerization is a two-way street. You need to make sure your users understand the need to keep resources safe, but you also need to make corporate resources accessible.
Business Model
Links
Download EMM
http://wso2.com/products/enterprise-mobility-manager/
EMM Documentation
https://docs.wso2.org/display/EMM100/Introducing+EMM
Contact us
