The mobility space has seen dramatic change in the last few years.Imagine, a year and a half ago the iPad didn’t exist. Last year saw the explosion of apps, and this year we’re seeing businesses really get serious about mobile. With the bring your own device trend well underway, lots of organizations are using mobile to transform their business.
With that opportunity comes risk. The last decade has seen the security and IT world invest billions to get secure and compliant, but with mobile on the scene, all the security and compliance holes we spent the last decade fixing are opened back up. Three use cases we address at Zenprise are around mobile devices connecting to corporate over insecure networks, users exposing the organization to malicious or non-compliant apps by downloading those apps on the devices they use for work and play; and employees accessing confidential data from their mobile devices.
Enterprise mobility is changing. For the last couple of years, we’ve been talking about mobile in the context of bring-your-own-device programs and the consumerization of IT. Those conversations and programs, which are “core MDM”, are happening today, but there is another one also emerging: Organizations are using mobile to be more competitive and drive top-line growth.Aberdeen notes that “best in class” organizations are three times as likely to tie business process to users’ mobile devices. In addition to addressing mobility as a security liability, we’re thinking about it as a strategic initiative. This is “MDM 2.0”.
MDM 2.0 is already here. Organizations like these are using mobile to roll out game-changing apps and drive initiatives that change the way they do business.The British Library is using mobile to improve the experience and productivity of their employees by facilitating a BYOD program. Their goal is to take advantage of that installed base of user-owned devices to roll out corporate and productivity apps over time.Red Robin is using iPads across its chain of restaurants in North America to check in guests and let them know when their tables are ready. This leads to more table turns every day in every restaurant, increasing their asset utilization, which is a hard ROI project. Zenprise gives them a platform to roll out the apps, secure communications, and manage the devices across the stores. They’re also using Zenprise Mobile DLP to distribute training videos to store managers and recipes to kitchen staff. You may not think about a recipe as intellectual property, but it’s gold to Red Robin, and they need to make sure that those recipes don’t get out of the company’s control.Atlas Air, a leading global airfreight company, is arming its flight crews around the world with Samsung Galaxy Tablets. From their headquarters in New York, they’re able to manage the global flight crew schedule, wake up crewmembers around the world, and ensure compliance by making sure that crews are where they need to be at exactly the right time for their highly-complex and interdependent logistics business to work. They have onerous mobile and app availability requirements because each flight is not only subject to FAA and other regulations, but because they also have stringent partner SLAs that have hefty fines for non-compliance. The apps they roll out on the devices are absolutely mission critical, and they use Zenprise as their enterprise mobility platform.Finally, The Venetian is an example of a company whose enterprise mobility initiative is changing the way they do business. Among a host of iPad initiatives around the luxury hotel, their valets are equipped with iPods to help them optimize the valet process and improve the customer experience. When customers are ready to leave, the valet at the kiosk in front of the hotel uses an iPod with a barcode scanner attached, scans the customer’s ticket, and uses a third-party valet app to locate the car and alert the closest valet to bring it. They are dramatically cutting customer wait times from 20 minutes during peak times to just a few.The thing that’s common across these examples is that mobile is changing the way the organizations are doing business, they very often involve the roll-out and management of important or even mission-critical mobile apps, and they almost always produce a step-wise improvement in a business process that leads to real ROI.
And MDM 2.0 builds on that foundation, adding:Content security and collaboration. Secure distribution of files, and the ability to set usage policies about what users can and can’t do with them. We’ll be extending this to attachments.Web and intranet security. Secure access to corporate intranets from mobile devices without full-bore VPN.“Business-ready” third-party apps. Taking enterprise apps like Evernote, QuickOffice, and Dropbox, and making them business-ready by adding a wrapper of security, performance, and configuration with little or no involvement from the app developer.“Business-ready” custom apps. Making it easy for custom app developers to write apps that are business-ready by adding security, performance, and configuration with an SDK.
And MDM 2.0 builds on that foundation, adding:Content security and collaboration. Secure distribution of files, and the ability to set usage policies about what users can and can’t do with them. We’ll be extending this to attachments.Web and intranet security. Secure access to corporate intranets from mobile devices without full-bore VPN.“Business-ready” third-party apps. Taking enterprise apps like Evernote, QuickOffice, and Dropbox, and making them business-ready by adding a wrapper of security, performance, and configuration with little or no involvement from the app developer.“Business-ready” custom apps. Making it easy for custom app developers to write apps that are business-ready by adding security, performance, and configuration with an SDK.
Before we talk to you about our product and our areas of differentiation…it helps to get some context. It’s one thing for us to say that we’re unique and a leader. But it’s another when Gartner says so. In its Critical Capabilities report, Gartner ranked Zenprise number one and in the most recent Magic Quadrant, Zenprise is positioned as a Leader. Forrester has also given us a perfect score across the board for both our on-premise and cloud solutions.And we have more than a thousand customers who run their mobile enterprises on Zenprise.
We have four primary offerings: Zenprise MobileManager, our on premise MDM solution; Zencloud, which offers identical functionality in a globally-redundant, SAS-70 Type II, FISMA Moderate and Federal-compliant cloud infrastructure; Zenprise Mobile DLP, our secure content container and distribution capability, and a host of support, professional services, and training offerings to help you with your mobile goals.
As a baseline, your MDM solution should support your organization’s mobile devices over their lifecycle. This includes: Configuring devices and setting policies.Provisioning devices by having users self-service enroll, providing an enterprise app store, and delivering policies and apps over the air.Securing devices by configuring native security settings, blacklisting and whitelisting apps, locking apps, and securing data; Providing helpdesk functions, remote support, and troubleshooting; Monitoring and reporting on device, service, infrastructure, security, and compliance; and Decommissioning devices upon employee departure
Again going back to our Mobile Maturity Model, as we move from basic requirements into the more advanced territory of tighter security requirements or regulation, we help there too.Most of our competitors’ security story is around configuring thesecurity on the device, and it kind of stops there. This is necessary but not sufficient. Zenprise’s capabilities extend beyond the device to apps, the network, and data. A testimonial to this is that one of our medical device customers in the Southwest chose us because some of their users had mobile access to an application that contained some patient data that they needed to protect and they knew we had their back with our application and network security.Our competitors talk about being secure, but again, the devil is in the details. Do they have “always on” device compliance, and security beyond the device – at the app, network, and data layers?CLICK. Beyond configuring security on the device, we have what we call “always on” device compliance, which includes a pre-deployment compliance check, policy enforcement at the gateway, and the ability to differentiate between individually-liable and corporate-liable devices. This is unlike some of our competitors who can’t check device compliance, so non-compliant or even malware-infected devices can get enrolled onto and infect the network before the first policy is even deployed. Also, some don’t block on really basic things like blacklisted apps. Finally, some allow users to decline location services or even remove a profile from their device, which means that a single infected device can put the whole corporate network at risk. “Always on” device compliance is something we uniquely deliver.CLICK. Beyond some basic things like application blacklisting, whitelisting, and restricting apps or resources like iTunes or the Android Market (yes, we do it on Android too!), we have some really unique app security for Android and Windows Mobile, including app lock and kill, and something we call Mobile App Tunnels. Mobile App Tunnels are like VPNs but for an individual app, and encrypt and compress the app connection and data. One of our customers – a national railway in Europe – uses Mobile App Tunnels not just for security but also for transaction reliability. Mobile App Tunnels and this level of application security is absolutely unique to Zenprise – only we provide it.CLICK. On network security, let’s face it: your users are going to log in from insecure places. So we protect you by letting you either restrict access in certain circumstances or by helping you provision VPNs or Mobile App Tunnels. Something we do that our competitors don’t is provide Mobile Security Intelligence, or information about what mobile users are doing on your network. We integrate that data with your SIEM, so you can see things like mobile compliance violations and insider threats as part of your overall security visibility. Mobile Security Intelligence is absolutely unique to Zenprise – only we provide it.CLICK. Finally, we protect data at rest, in use, and in motion. Our mobile DLP feature is kind of like Dropbox for mobile, but with enterprise controls. We let you securely distribute sensitive files to a secure doc container, synchronizefile changes across all users for version control, and let you block users from doing things like printing, saving, and emailing from the device. We integrate with content repositories starting with SharePoint. Mobile DLP is absolutely unique to Zenprise – only we provide it.Some of these features are basic, some advanced. But together they make for a pretty comprehensive and differentiated security and compliance story.