WSO2Con US 2013 - Achieving Safe BYOD and Productive Apps with WSO2 Mobile Device Management and Mobile Application Management

Achieving Safe BYOD and Productive Apps with WSO2 Mobile Device Management and Mobile Application Management

Sinnathamby Shanmugarajah (Shan)WSO2Mobile

Director, Architecture

Achieving Safe BYOD using WSO2Mobile MDM

“Work is no longer seen as a place rather seen as an activity independent of location and specific technology”


Employees have started bringing their own device to work • working even after work hours from home • working even on the move


Some organizations openly give access to their corporate network for email and content sharing without any restrictions.


NOW ?


Biggest Challenge

1. Security Risk2. Remote Device Management


How to achieve safety using WSO2Mobile MDM ?


1.Device restrictions (OS Version)2.Authentication 3.Block compromised device 4.BYOD Policy 5.Compliance Monitoring

WSO2Mobile MDM


1. Device restrictions (OS and Version) > Android 4.0.4 > iOS 5.0


2. Authentication

Authentication against enterprise user store.


3. Block compromised Devices

• Before Enrolling - Blocking • After Enrolling - Block and Enterprise WIPE


Why ?

Jailbreaking iOS device or Rooting Android is the process of getting privileged access.

If allowed, all sensitive corporate information can be exposed.


4. Policy Enforcing

WSO2Mobile MDM allows you to define BYOD policy and make necessary action.

Based on• Roles • Specific User • Platform



Password Policy


4a. BYOD Policy - Password Policy

Password Policy enforced device

4b. BYOD Policy - Encrypt phone (in iOS this is automatic when passcode policy is applied)Encrypts all your data (Both personal and Corporate)


5c. Data leaks

iCloud data backup WSO2Mobile MDM disables this feature when an enterprise application is pushed or installed from the


5. Compliance Monitoring

• Monitors the status based on policy• Take necessary action if violated Warn Block Access Enterprise WIPE




Productive Apps with Mobile Application Management

Productive Apps with WSO2Mobile MAM

Current situation

• Develop apps and host it in the respective platform Public Market Place (Apple Store , Android Google Play)

• App is exposed to public (Restrictions through authentication)

• Discovering the application is not easy


Achieve productive apps • Own enterprise store• Unified store• Easy app discovery and provisioning• App policy

Productive Apps with WSO2 Mobile Application Management

WSO2Mobile MAM

• Store • Publisher• Application Management Console


WSO2Mobile Store

• User subscription• Advanced search options• Mobile App sorting• Support for existing user stores• Single-Sign on



WSO2Mobile Publisher

• Allows publishing application

Created In-Review Published

Unpublished

Rejected


WSO2Mobile Publisher


Applications Supported Android Native, Hybrid Application (apk) Web Application Market Place Application (Google Play) (Free) iOS (iPhone, iPad) Native, Hybrid Application (ipa) (Need to have enterprise developer account) Web Application Apple Store Applications (Free) VPP Application


VPP Application• Apple supports VPP program to buy applications in

bulk• Enterprise enrolls • Buys app in bulk• Receives the redemption code• Uploads to MAM• Employees download applications, MAM provisions

the redemption code through MDM


How application is installed ?

• Employee logs to the store • Discovers the application • Installs the app to the device


• Role Based Application Installation & Uninstallation• User Based Application Installation & Uninstallation

• Policy Install Application Policy (Role, User , Platform) Black-List Application

Application Management Console




MDMDB

Adapter

iOS APNS Android GCM

MDM Console

Notification

iOS Android

App Mgmt Device Mgmt

MAMMAM Console

PublisherG-Reg

Store

User Store

MAM is tightly integrated with MDM


Thank You

Technology

WSO2Con US 2013 - Achieving Safe BYOD and Productive Apps with WSO2 Mobile Device Management and Mobile Application Management