Director , Enterprise Mobility

Shanmugarajah

BYOD for your business with WSO2 Enterprise Mobility Manager

09 April 2014

2

About the PresenterShan specializes in mobile technology with over 16 years experience in that field.

He has a strong background in telecommunication software development and is a hardcore coder in Android and iOS platforms.

Prior to joining WSO2Mobile, he was working as the CTO/Director of Microimage Mobile Media for almost 16 years.

He played a key role in engineering products where Microimage has won many local & international awards which includes winning the Inaugural GSMA Asia Mobile Innovation Award, Commendation from GSMA at the Barcelona World Awards in 2007, Asia Pacific ICT Awards (APICTA), National Science & Technology Awards (Sri Lanka).

4

About  WSO2๏ Global enterprise, founded in 2005 by

acknowledged leaders in XML, web services technologies, standards and open source

๏ Provides only open source platform-as-a-service for private, public and hybrid cloud deployments

๏ All WSO2 products are 100% open source and released under the Apache License Version 2.0.

๏ Is an Active Member of OASIS, Cloud Security Alliance, OSGi Alliance, AMQP Working Group, OpenID Foundation and W3C.

๏ Driven by Innovation

๏ Launched first open source API Management solution in 2012

๏ Launched App Factory in 2Q 2013

๏ Launched Enterprise Store and first open source Mobile solution in 4Q 2013

5

What WSO2 delivers

Agenda

1. Your Business 2. Extending you business 3. Allow Mobility in your Business 4. BYOD Benefits 5. Risks & Challenge 6. Tool to solve the challenge 7. WSO2 EMM for your BYOD business

3

Your Business Few years back

6

Employees

Enterprise

Data

Device

Work• Happens inside a place • Dependent on specific Technology • Resources Within the premise Owned by enterprise

Device

Your Business

7

Now

8

Enterprise

Data

Employees

Device

Data

Work• Independent of place • Independent of Technology • Resources Within the premise and outside Owned by enterprise and employees

Your Business Now

9

Enterprise Mobility ?

10

Enterprise

Data

Employees

Device

Data

Enterprise Mobility

Employees working out of the office with Mobile devices and cloud services to perform business tasks.

11

Enterprise Mobility is to employees of the enterprise !

Extended Enterprise is to business partners, distributors etc

Extended Enterprise

12

Decision 1.Whether to allow mobility in your business ? 2.Allow Employees to use their device in Enterprise Mobility ? 3.Allow business partners,distributors to use their device in Enterprise Mobility ?

13

Benefits of BYOD

14

• Increased Productivity • Employee satisfaction • Enterprise Cost saving

Risks

16

Enterprise

Data

Employees

Devices

COPE BYOD

AndroidiOS Windows 8Blackberry

1 2 3

Company Owned, Personally Enabled Bring your own device

Business Parters

17

Data

BYOD

PublicStore

App

1

3

4 Data

2

Employees

Business Parters

18

Challenges1.Data Security (Most Important)

2.Remote Device Management

3.Enterprise Store

4.Enterprise Application Development & Management

19

Benefit always outweighs the risks

benefits

risks

20

How the data can be compromised ? Device being lost or stolen Malicious App stealing the data Data Leak

What is the data ? Email message or the attachment Documents like pdf,word,excel,ppt,text Browser accessing HTML pages,cookies Contact,Calendar,Notes Application with Database

Why the data is sensitive ? It can be highly confidential like quotation value, salary details It can have a high impact if it goes to the wrong person

Who can compromise ? External Internal

Data Security

21

EMM Tools !

Device Based Application Based

22

Mobile Device Management (MDM)

Data Security Enforce Password Policy Encrypt Device Data !Remote Device Management Monitor Device (location,battery) Configure device(Email,VPN) Control Device (Enable/Disable Camera) Update OS, Install & Uninstall App

Data Security No granular control of the sensitive data Remote Device Management Privacy issue User Experience

23

23

Vendor Apps

Enterprise Apps

Apps from Public Store

Apps in the Device

24

Data Security - Approach 2 - Separate Apps and DataWithin Device Away from Device

1. Desktop Virtualization 2. Web Apps

1. Mobile Virtualization

Dual persona, two separate and independent end user environments in a single device.

Mobile Virtualization Virtualized OS’s on mobile (Hypervisor 1 and 2)

25

Dual PersonaBlackberry Z10Samsung Note 3

KNOX Container

26

MAM gets you a step closer to managing what you care about MAM brings the perimeter closer to the corporate resources

Mobile App Management

27

Mobile App Management (MAM)

1. MAM (Controlling App behavior) 1a. SDK Approach 1b. App wrapping 2. OS MAM - iOS MAM through MDM 3. App Store and Managing apps with MDM

28

Data security features1. Encrypt the data at transmit use app VPN tunnel or app tunnel 2. Encrypt the data at rest & decrypt only when viewing 3. Two factor authentication 4. Data Loss prevention (Disable Cut,Copy and Paste) 5. Data at rest should be controlled (Delete) 6. Policy based Data control , where policy can be pushed and updated

Additional Features 1. Enterprise Apps in the mobile should be able to use SSO 2. Data can be shared between application 3. DLP (cut,copy,paste) should be enabled between enterprise applications

MAM controlling apps behavior

29

Techniques for Creating Apps That Work With MAM

• Use a MAM SDK • App wrapping

30

MAM SDK Approach

SDK contains all the necessary API to implement the MAM features Provides enterprise-grade security with user authentication, single sign on, copy/paste prevention, data encryption, app-level policies, compliance monitoring and management.

31

App Wrapping

• For apps already built • Need unsigned app binary. • Not to apps from public app stores. • Can do basics of encryption, authentication, or app-level VPNs. • Can intercept, block, or spoof API calls made • Can change the app icon

App Wrapper Tool

32

WSO2 Enterprise Mobility Manager How it can solve the challenge

33

WSO2 EMM Features

• MDM

• Enterprise Store with Publisher

• Mobile App Management

34

Mobile Device Management

• Employee / Corporate Owned • Supports Android, iOS • Identity integration • Policy Management • Containerization (Email) • Self Service Provisioning • Role Based Permission • End-User MDM Console • Enterprise Wipe • Reports & Analytics

35

Configuration

Android Features

• Device Lock • User password protected WIPE • Clear Password • Send Message • Wi-Fi • Camera • Encrypt Storage • Mute • Password Policy • Change Lock Code • App Blacklisting

• Location • Battery Information • Memory Information • Operator Information • Root Detection • Application Information

Information

36

iOS Features

• Device Lock • Clear Passcode • Wi-Fi • Camera • VPN • APN • Email • Calendar • LDAP • Black - Listing Apps • Enterprise WIPE • Password Policy

• Battery Information • Memory Information • Application Information

Configuration Information

37

WSO2 EMM Screens

38

WSO2 EMM Screens

39

• Supports multiple platforms • Android • Native, Hybrid Application (.apk) • Web Application • Market Place Application (Google Play) [Free]

• iOS (iPhone, iPad) • Native, Hybrid Application (.ipa) - Need to have enterprise developer account • Web Application • Apple Store Application [Free] • VPP Application (Next Release)

Publisher  

40

Store  Supports multiple platforms User subscription Advanced search options App sorting Support for existing user stores (Widgets, Gadgets, Books, Magazines , APIs). Single-Sign on

41

WSO2 EMM – Store

42

Application Management Console

• Mobile app policy enforcement • Compliance monitoring • Bulk app push • User App Management • Tracking app Installation

43

WSO2 EMM – App Management

44

Roadmap

• App Containerization (SDK Approach) • Samsung KNOX Integration • Dynamic Policy • mBaaS • MEAP

45

47

Benefits

• Open Source • Built on top of award winning Carbon platform • Integrates with WSO2 Identity Server for robust authentication and

authorization • Integrates with WSO2’s big data analytics framework, including WSO2 Complex

Event Processor (WSO2 CEP) for real-time analysis and WSO2 Business Activity Monitor (BAM) for batch analysis.

• Multi-tenant and cloud-ready; same software can be deployed directly on servers or in the cloud.

• Highly performant, available, stable, and scalable • Lightweight and easy to deploy • Unified Store (Mobile Apps,Widgets,Gadgets,Books,Magazines,API’s etc)

47

Summary

WSO2 EMM allows your business to embrace BYOD without compromising End-User Experience and privacy.

48

Consumerization is a two-way street. You need to make sure your users understand the need to keep resources safe, but you also need to make corporate resources accessible.

IT Consumerization

48

Business Model

49

Links

Download EMM

http://wso2.com/products/enterprise-mobility-manager/

EMM Documentation

https://docs.wso2.org/display/EMM100/Introducing+EMM

!

Contact  us  !