Transcript Standard Mobile Operating Environment

Delivering a Standard Mobile
Operating Environment
Don Kerr : Business Solutions Marketing – Windows Mobile
Rick Anderson : Mobility Solution Sales
Agenda
1.
2.
3.
4.
5.
The Mobile overview – industry, trends, market
Is Exchange Good Enough????
A Standard Mobile Operating Environment
What is the business opportunity for Partners?
Resources
Market Shifting Beyond Messaging
• Fastest growth in rich mobile scenarios beyond e-mail
– Corporate data access and mobile LOB grows 5.4x from
2006–2011
– Messaging-only grows 2.3x in the same time period
– 27% of global workforce mobile by 2009
*IDC
2011
2006
19.8 MM
6.3 MM
0.9 MM
Mobile
Messaging
3.6 MM
Corporate data
access and
mobile LOB
Mobile
Messaging
14.7 MM
Note: Sizing based on support for Microsoft solutions. Source: MED Finance analysis and industry reports
Corporate
data access
and mobile
LOB
4.5 MM
Growth of the mobile client
34.1%
245 Million Converged
Devices by 2010
Converged
Mobile Phones
18.6%
Mobile PCs
3.9%
Desktop PCs
5.8%
Mobile Phones
Source: Gartner Dataquest, and IDC 2006
Shift in “User Type” of Mobile Devices
2006 Segmentation
2008 Segmentation
Minimalists Communicators
Practical
Users
Power Users
Segment Distribution Shifts : 2006 vs. 2008
Note: Comparison only done among countries surveyed in both 2006 and 2008 – US, W. Europe, Japan & China.
Mobile Solution Progress
DRIVE BUSINESS
RESPONSIVENESS
WHILE AWAY FROM THE
DESK THROUGH
MOBILE ACCESS TO:
IMPROVE USER
PRODUCTIVITY AWAY
FROM THE DESK
THROUGH MOBILE
ACCESS TO:
- Mobile Forms &
Portals
- Business Intelligence
& Reporting
- Custom Mobile Apps
- Messaging
- Documents
- Search
Fundamental
Comprehensive
Leading
• Provides the fundamental solution
that empowers mobile workers with
adaptable infrastructure and
departmental applications
• Enables mobile access to data
• Provides efficient data management
and integrated search capabilities to
mobile devices
• Extends mobile access to
communication and collaboration
tools
• Enhances process participation away
from the desk
• Improves mobile access to data
reporting and analysis tools
• Streamlines mobile access to corporate
data
• Enables seamless communication and
collaboration with external partners
from mobile devices
• Enables mobile access to enterprisewide reporting and analysis tools
Exchange is GOOD ENOUGH
Exchange ActiveSync Policies
Exchange Server Standard CAL
Sync
• Configure message formats
(HTML or plain txt)
• Include past email items
• Email body truncation size
• HTML email body truncation size
• Include past calendar items
(Duration)
• Require manual sync while
roaming
• Allow attachment download
• Maximum attachment size
Color Key
Exchange 2007 SP1
Exchange 2007 RTM
Exchange 2003 SP2
Authentication
• Minimum number of complex
characters
• Enable password recovery
• Allow simple password
• Password Expiration (Days)
• Enforce password history
• Windows file share access
• Windows SharePoint access
• Minimum password length
• Timeout without user input
• Require password
• Require alphanumeric password
• Number of failed attempts
• Policy refresh interval
• Allow Non-provisionable devices
Encryption
• Require signed SMIME messages
• Require encrypted SMIME
messages
• Require Signed SMIME algorithm
• Require encrypted SMIME
algorithm
• Allow SMIME encrypted algorithm
negotiation
• Allow SMIME SoftCerts
• Device encryption
• Encrypt storage card
Exchange ActiveSync Policies
Exchange Server Enterprise CAL
Device Control
Network Control
Disable desktop ActiveSync
Disable Wi-Fi
Disable removable storage
Disable Bluetooth
Disable camera
Disable IrDA
Disable SMS and any MMS
Allow internet sharing from
text messaging
device
Allow desktop sharing from
device
Color Key
Exchange 2007 SP1
Exchange 2007 RTM
Exchange 2003 SP2
Application Control
Disable POP3/IMAP4 email
Allow consumer email
Allow browser
Allow unsigned applications
Allow unsigned CABs
Application allow list
Application block list
Who is in control??
It seems that smart phones have too many security risks
and could jeopardize our enterprise
“Who will tell the CEO to
give up their smart phone?”
=
Common Criteria Evaluation for Windows
Mobile
• Windows Mobile has been awarded the Common Criteria
Evaluation Assurance Level 2+ (EAL2+) for:
– Windows Mobile 5.0 with MSFP
– Windows Mobile 6
• Certification lab is Stratsec, Canberra, Australia
• http://www.dsd.gov.au/infosec/evaluation_services/epl/epl
.html
Introducing: System Center Mobile Device
Manager 2008
End User Experience
Corporate
Resources
Gateway/VPN
Server
John
Enrollment & Device
Management Server
Standard Mobile Operating Environment
• Integration with existing Microsoft Technologies
– Active Directory, Group Policy, WSUS, Windows Server, SQL, CA
– Exchange not mandatory
• No duplication of management effort
• No Single Point of Failure (NOC)
• Customer controls end to end security
Business Opportunity for Partners
• Revenue
• Driving alignment with Core IO progress
• Mobile Device Manager SI Certification
Standard Mobile Operating Environment
“SWEET spot” is…
Secure Mobile Messaging Only
Mobile messaging with high security due to regulatory
compliance issues or internal security policies
Key Messages
Applications, Documents, Data
Rich applications for task workers using ruggedized
handhelds with no requirement for mobile messaging
Key Messages
Security management
Integration with AD/GP
Inventory and reporting
Breadth Messaging Only
Mobile messaging/PIM with
lowest TCO and baseline security
and manageability
Key Message
Exchange Standard CAL is “good enough”
Exchange Ent. CAL for device management
Mobile VPN
OTA software distribution
Rich inventory and reporting
App allow/deny
Apps, Docs, Data & Messaging
Rich or lightweight LOB applications.
Could also include high security
requirements mobile messaging
Key Messages
Mobile VPN
Advanced DM features
Security management
Product Offerings
Offering Category
License Offering
Microsoft Systems Center MDM 2008 Server License
Mobile Device Manager
MDM 2008 User Client Access License
2008 (MDM 2008)
(CAL)
MDM 2008 Device Client Access License
(CAL)
Microsoft Systems Center MDM 2008 with SQL Server License
Mobile Device Manager
2008 with Microsoft SQL
MDM 2008 with SQL User Client Access
Server 2005 Technology
License (CAL)
(MDM 2008 with SQL)
Net Price (Select
C level)
$1500
$40
$40
$2122
$40
MDM 2008 with SQL Device Client Access $40
License (CAL)
FUNDAMENTAL
B
S
R/A
D
CORE IO MAPPING
Security & Networking
Secure, remote access, server isolation for directory and e-mail server. Secure wireless
networking.
Identity & Access Mgmt
Directory tools for central administration. Information protection infrastructure.
Desktop, Device & Server
Mgmt
Mobile device provisioning, security policy provisioning for mobile devices, remote wipe, and
policy enforcement for mobile devices.
Data Protection & Recovery
Remotely manage devices and enforce corporate IT policy “over the air,” remote
synchronization.
LEADING
COMPREHENSIVE
IT & Security Process
Security & Networking
Secure, remote access. Server isolation for directory and e-mail server. Secure wireless
networking.
Identity & Access Mgmt
Directory tools for central administration. Information protection infrastructure.
Desktop, Device & Server
Mgmt
Certificate provisioning and authorization for mobile devices and Web apps
Data Protection & Recovery
Remote synchronization. Backup and restore on servers.
IT & Security Process
Security & Networking
Quarantine for desktops and devices. SIP for secure communication through presence.
Identity & Access Mgmt
Federated identity management across organizational and platform boundaries.
Desktop, Device & Server
Mgmt
Standard mobile OS, apps push, access to LOB apps, patch management for devices,
bootstrapping, and asset management for mobile devices.
Data Protection & Recovery
Backup restore on all servers & mobile device data.
IT & Security Process
Streamlined security management, all security processes and policies are in place.
The Business Opportunity for SIs
•
Mobile device management should
be an integral part of any enterprise
IT infrastructure
•
MDM is a complex product for
businesses to deploy
•
Microsoft can help SIs become MDMcertified
Mobile Device Manager SI
Certification Requirements
* If available
Evidence of Mobility
practice
Internal deployment of
Mobile Device Manager
MDM 400-level
training
Creation of Mobile
Device Manager Partner
Solution Plan
Next Steps
• Deploy SCMDM inside your organisation
• MDM evaluation: 120 trial version
– http://technet.microsoft.com/en-au/evalcenter/cc339027.aspx
• Brightpoint
– Device offers @ APC
– Device Customisation service
• Loan/Seed devices
– Trial a Treo
www.palm.com/au/trytreo
• Mobility Competency
– https://partner.microsoft.com/global/productssolutions/mobility
• Significant/strategic opp engagement with MS
– Rick “Batman” Anderson
– Peter “Robin” Brown
Partner Readiness
• SCMDM Tech Center
http://technet.microsoft.com/en-us/scmdm/default.aspx
• MDM Resource Kit Tools
http://technet.microsoft.com/en-au/scmdm/cc304591.aspx
• Partner Sales Resources
– General: https://partner.microsoft.com/partnersaleresources
– MDM Specific: https://partner.microsoft.com/Australia/40050861?PS=95000124
Architecture Guidance & Whitepapers
• Configuring External and Internal Firewalls in Mobile
Device Manager
http://technet.microsoft.com/en-us/library/cc645153(TechNet.10).aspx
• Integrating Mobile Device Manager with Existing Web
Sites or SharePoint Server
http://technet.microsoft.com/en-us/library/cc678152(TechNet.10).aspx
• Integrating Mobile Device Manager with Microsoft
Exchange Server
http://technet.microsoft.com/en-us/library/cc645161(TechNet.10).aspx
• Integrating Mobile Device Manager with Office
Communications Server
http://technet.microsoft.com/en-us/library/cc664624(TechNet.10).aspx