An Introduction to MobileIron - Eltel Networks

Smart About Smart Devices:
An Introduction to MobileIron

Agenda: Smartphones in the enterprise
r
What are the core challenges?
How does MobileIron address them?
How does MobileIron work? (demo)
Q&A / next steps
MobileIron 2 -
9/21/2012
2

The mobile evolution continues
2007 Today 2013
• Touch wins
• Consumer wins
• Global IT will have
to support 3-5 OS
3

Today, the definition of “MDM” is expanding
MDM evaluation criteria (1)
Multi-OS (3+ OS, native support, common policy)
Viability and track record
Role-based controls
Administration
Configuration management
Security policy
Privacy policy
Enterprise integration
Business app store
Compliance audit
Certificates for application and network access
Policy exceptions
Jailbreak / root detection
Scalability
MDM server security
iOS MDM API access
Selective wipe of corporate data
Reflects evolution from:
Basic management
• Inventory tracking
• Security for lost devices (lock,
wipe, password, encryption)
• Basic configuration
(1) Vendor Evaluation Criteria from “Mobile Device Management 2010: A Crowd of Vendors Pursue Consumer Devices in the
Enterprise” Gartner, Inc. (Dec 17, 2010)
To
Mobile as strategic IT service
• Multi-OS
• Employee ownership
• Security for compromised
devices
• Apps and data explosion
4

Enterprises requirements are maturing …
In the
face of:
Security Lost device
Employee
Ownership
IT Efficiency
Apps
Phase 1:
Secure
User choice and rapid
fragmentation
Liability Data boundary Privacy
Single view
across OS
Compromised
device
Helpdesk cost
containment
Access
control
Phase 2:
Automate
Escalating complexity but
limited IT resource
Top of mind
User selfservice
Identity
Rogue app
protection
Events and
actions
Discovery &
distribution
Phase 3:
Innovate
Business demand and
shift in delivery platform
Variable risk
tolerance
Line-ofbusiness
enablement
Q4 2009 Q4 2010 Today
Q4 2011
Timeline
5

But many core mobile policies are ill-defined
User adoption
� Device choice and ownership – litmus test for acceptance
� Investment and priority of user experience
� Social contract between end-user and IT –
who leads, who follows?
Security and privacy
� Trust model (user, data, device)
� Liability in mixed ownership environments
� Location/activity monitoring – what? when? by whom?
� Variance by region, function, ownership
Application governance
� Role of the center vs. line-of-business
� Funding and development
� Rogue application control
� Support and end-of-life
6

Posture determines risk and consequence (example)
Risk-based security
Posture check Risk
Consequence
Out-of-policy app
Excess usage
Unsupported HW
Obsolete policy
Compromised OS
Encryption disabled
Low
Medium
High
Minor
(alert)
Moderate
(block access)
Major
(destroy data)
7

First role: Source of truth for mobile security
5
ecosystem
Posture detection for
access control
1
2
Data protection
• Archiving connector
• Data loss prevention connector
(future)
4
Baseline security
• Lock/wipe/password policy
• Feature lockdown
• Encryption monitor
• Secure connectivity
• [Anti-malware]
Posture
• Hardware, firmware versioning
• OS integrity, data security
• Application presence and permissions
• Policy status
3
Enterprise data boundary
• Privacy controls (what IT sees)
• Selective actions (what IT does)
• Identity (user, device) for apps
Traditional MDM
New MDM
Access control & remediation
• Notifications
• Email and app access control
• Data destruction
• Automated workflow
Agnostic to:
Anti-malware / AV
VPN
Encryption
Data loss prevention
eDiscovery
8

Control access: Authorize iPhones for corporate usage
�
�
�
�
�
iPhone in
Compliance?
YES
Request Allowed
User Request Attempts Denied, to Access Device Corporate not in
Allowed List E-mail for ActiveSync
ActiveSync
E-mail
9

Flexible deployment options
• Employee
BYOD
• Corporate
• IT
• Partner
• End user
Procur
e
device
Install
apps
Install
client
Registe
r device
• iOS &
Android
• IT
• Partner
• End user
10

MobileIron provides the enterprise back-end for iOS
Back-end management platform
Device-side
APIs and
services
iOS 3
iOS 4
Access control
Notifications
Int’l roaming detection
Service quality (user-driven)
In-house app mgmt
Installed app inventory
Recommendations
Enterprise data boundary
Certificate delivery
Inventory and detection
Zero-touch enforcement
Profile delivery
Profile creation
Cost and
quality
Application
lifecycle
Advanced
security
Policy and
settings
11

MobileIron: Next-generation mobile management
Data-centric platform purpose-built for multi-OS
Enterprise
services
Virtual data
architecture
Focus on
mobile data
Unique architecture enables new enterprise services
Secure and manage mobile
devices, data, apps
Work Personal
360
View of Mobile Data
Reduce wireless bills
Deliver services that
matter to end-users
Five sets of data
Context (location/quality)
Usage and Activity
Content
Applications
Device
MobileIron - Confidential 12

Two approaches to iPhone management
Email / PIM
Browser
Platform
WiFi / VPN
App1
Secure
Configure
Monitor
App2
…
Smartphone viewed by enterprise as
• Computing platform
• Extensible
• Multi-purpose
Preserves experience
Supports expansion of iPhone value
Email / PIM
Walled garden
Browser
WiFi / VPN
App1
App2
Secure
Configure
Monitor
…
Smartphone viewed by enterprise as
• Point device
• Static
• Single-purpose
Limits experience
Closed and unsustainable
13

Two approaches to iPhone management
Email / PIM
Browser
Platform
WiFi / VPN
App1
Secure
Configure
Monitor
App2
…
Smartphone viewed by enterprise as
• Computing platform
• Extensible
• Multi-purpose
Preserves experience
Supports expansion of iPhone value
Email / PIM
Walled garden
Browser
WiFi / VPN
App1
App2
Secure
Configure
Monitor
…
Smartphone viewed by enterprise as
• Point device
• Static
• Single-purpose
Limits experience
Closed and unsustainable
14

MobileIron: Company Overview
Bob Tinker
CEO
Suresh Batchu,
VP Engineering
John Donnelly,
VP, Sales
Experienced team
Mike McCarron
Sr Dir, Customer Success
Jeff Ratzlaff,
Sr Dir, Bus Development
Ojas Rege
VP Products & Marketing
Cisco, Airespace, Vertical Networks
Bus Dev, Sales, Product Mgmt
Nortel /Alteon
Engineering – Security/Data Center
Symantec, Vontu, Kana, Parametric
Sales – Enterprise SW and Security
Symantec, Vontu, Kana
Nokia Enterprise
BD, Channels, and Marketing
Yahoo Mobile, AvantGo/Sybase, ORCL
Product Management, Marketing
Tier 1 investors
Founded 2007
(Ser D $57M raised)
Early recognition
15

MobileIron Architecture – Standalone Sentry

MobileIron Connected Cloud (Hosted)
9/21/20
17

MobileIron Hosted Eval
9/21/20
18

MobileIron Architecture – Standalone Sentry w/ ISA
9/21/20
19

Stage one: Make the phone Enterprise-ready
OTA install:
Cellular or WiFi
Smartphone
Is Enterprise Ready
Policies
Applied
� Encryption /
password
� Lockdown
� Access control
� Privacy
� VPN, WiFi, etc.
MAI
MP@W
Apps Installed
and Config’d
�� Price Exchange Lists
�� Presentations
Internal LOB
apps
� Brochures
� External
� Media files
approved apps
Enterprise
Content
Delivered
� Price lists
� Presentations
� Brochures
� Media files
Mobile Activity Intelligence Activated
MyPhone@Work Activated
20

Full smartphone and data lifecycle with MobileIron
Provisioning
Over-the-Air (OTA)
Self Service
Compliance
Audit/ Logging SMS archiving e-discovery Regulatory
Asset Management
Multi-OS Inventory
System Details
Operational Status
Connection Status
Security and Policy
Connection & Config
Encryption
Cert distribution
Anti-virus and DLP*
Lost Phone
Lock and Wipe
Location Tracking
Selective Wipe
Content Visibility
Applications
Push and Publish
Enterprise App Store
Internal and 3 rd Party
Recommendations*
Content/Files
Push and Publish
Inventory
Mobile Access to PC*
Search and Share*
Help Desk
Activity
Usage Patterns
Service Quality
Location
Enterprise Sociograph
Event / Threshold Alerts
Privacy Settings
Across …
Voice, SMS, Data
Apps*, Files*, Web*
Employee- & Companyowned
Remote Access Recovery/Restore Trouble Spot Detection Broadcast SMS Safety
End of Life
Selective Wipe
Data Migration
* = future
releases of
MobileIron
21

Thank you
www.scanarmor.dk
www.mobileiron.com/info or
info@mobileiron.com
22