Upload
wso2
View
526
Download
3
Tags:
Embed Size (px)
Citation preview
Achieving Safe BYOD and Productive Apps with WSO2 Mobile Device Management and Mobile Application Management
Sinnathamby Shanmugarajah (Shan)WSO2Mobile
Director, Architecture
Achieving Safe BYOD using WSO2Mobile MDM
“Work is no longer seen as a place rather seen as an activity independent of location and specific technology”
Achieving Safe BYOD using WSO2Mobile MDM
Employees have started bringing their own device to work • working even after work hours from home • working even on the move
Achieving Safe BYOD using WSO2Mobile MDM
Some organizations openly give access to their corporate network for email and content sharing without any restrictions.
Achieving Safe BYOD using WSO2Mobile MDM
NOW ?
Achieving Safe BYOD using WSO2Mobile MDM
Biggest Challenge
1. Security Risk2. Remote Device Management
Achieving Safe BYOD using WSO2Mobile MDM
How to achieve safety using WSO2Mobile MDM ?
Achieving Safe BYOD using WSO2Mobile MDM
1.Device restrictions (OS Version)2.Authentication 3.Block compromised device 4.BYOD Policy 5.Compliance Monitoring
WSO2Mobile MDM
Achieving Safe BYOD using WSO2Mobile MDM
1. Device restrictions (OS and Version) > Android 4.0.4 > iOS 5.0
Achieving Safe BYOD using WSO2Mobile MDM
2. Authentication
Authentication against enterprise user store.
Achieving Safe BYOD using WSO2Mobile MDM
3. Block compromised Devices
• Before Enrolling - Blocking • After Enrolling - Block and Enterprise WIPE
Achieving Safe BYOD using WSO2Mobile MDM
Why ?
Jailbreaking iOS device or Rooting Android is the process of getting privileged access.
If allowed, all sensitive corporate information can be exposed.
Achieving Safe BYOD using WSO2Mobile MDM
4. Policy Enforcing
WSO2Mobile MDM allows you to define BYOD policy and make necessary action.
Based on• Roles • Specific User • Platform
Achieving Safe BYOD using WSO2Mobile MDM
Achieving Safe BYOD using WSO2Mobile MDM
Password Policy
Achieving Safe BYOD using WSO2Mobile MDM
4a. BYOD Policy - Password Policy
Password Policy enforced device
4b. BYOD Policy - Encrypt phone (in iOS this is automatic when passcode policy is applied)Encrypts all your data (Both personal and Corporate)
Achieving Safe BYOD using WSO2Mobile MDM
5c. Data leaks
iCloud data backup WSO2Mobile MDM disables this feature when an enterprise application is pushed or installed from the
Achieving Safe BYOD using WSO2Mobile MDM
5. Compliance Monitoring
• Monitors the status based on policy• Take necessary action if violated Warn Block Access Enterprise WIPE
Achieving Safe BYOD using WSO2Mobile MDM
Achieving Safe BYOD using WSO2Mobile MDM
Achieving Safe BYOD using WSO2Mobile MDM
Productive Apps with Mobile Application Management
Productive Apps with WSO2Mobile MAM
Current situation
• Develop apps and host it in the respective platform Public Market Place (Apple Store , Android Google Play)
• App is exposed to public (Restrictions through authentication)
• Discovering the application is not easy
Productive Apps with WSO2Mobile MAM
Achieve productive apps • Own enterprise store• Unified store• Easy app discovery and provisioning• App policy
Productive Apps with WSO2 Mobile Application Management
WSO2Mobile MAM
• Store • Publisher• Application Management Console
Productive Apps with WSO2 Mobile Application Management
WSO2Mobile Store
• User subscription• Advanced search options• Mobile App sorting• Support for existing user stores• Single-Sign on
Productive Apps with WSO2 Mobile Application Management
Productive Apps with WSO2Mobile MAM
WSO2Mobile Publisher
• Allows publishing application
Created In-Review Published
Unpublished
Rejected
Productive Apps with WSO2Mobile MAM
WSO2Mobile Publisher
Productive Apps with WSO2Mobile MAM
Applications Supported Android Native, Hybrid Application (apk) Web Application Market Place Application (Google Play) (Free) iOS (iPhone, iPad) Native, Hybrid Application (ipa) (Need to have enterprise developer account) Web Application Apple Store Applications (Free) VPP Application
Productive Apps with WSO2Mobile MAM
VPP Application• Apple supports VPP program to buy applications in
bulk• Enterprise enrolls • Buys app in bulk• Receives the redemption code• Uploads to MAM• Employees download applications, MAM provisions
the redemption code through MDM
Productive Apps with WSO2Mobile MAM
How application is installed ?
• Employee logs to the store • Discovers the application • Installs the app to the device
Productive Apps with WSO2Mobile MAM
• Role Based Application Installation & Uninstallation• User Based Application Installation & Uninstallation
• Policy Install Application Policy (Role, User , Platform) Black-List Application
Application Management Console
Productive Apps with WSO2Mobile MAM
Productive Apps with WSO2Mobile MAM
Productive Apps with WSO2Mobile MAM
MDMDB
Adapter
iOS APNS Android GCM
MDM Console
Notification
iOS Android
App Mgmt Device Mgmt
MAMMAM Console
PublisherG-Reg
Store
User Store
MAM is tightly integrated with MDM
Productive Apps with WSO2Mobile MAM
Thank You