1) The document discusses how organizations can achieve safe BYOD (Bring Your Own Device) programs and productive mobile apps using WSO2Mobile MDM and MAM.
2) It explains that WSO2Mobile MDM allows enforcing policies like device restrictions, authentication, blocking compromised devices, and BYOD policies to ensure security.
3) It also discusses how WSO2Mobile MAM provides an enterprise app store, publisher, and management console to easily provision apps to employees' devices and apply policies.
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
WSO2Con US 2013 - Achieving Safe BYOD and Productive Apps with WSO2 Mobile Device Management and Mobile Application Management
1. Achieving Safe BYOD and
Productive Apps with WSO2
Mobile Device Management and
Mobile Application Management
Sinnathamby Shanmugarajah (Shan)
WSO2Mobile
Director, Architecture
2. Achieving Safe BYOD using WSO2Mobile MDM
“Work is no longer seen as a place
rather seen as an activity independent
of location and specific technology”
3. Achieving Safe BYOD using WSO2Mobile MDM
Employees have started bringing their own device to work
• working even after work hours from home
• working even on the move
4. Achieving Safe BYOD using WSO2Mobile MDM
Some organizations openly give access to
their corporate network for email and
content sharing without any restrictions.
7. Achieving Safe BYOD using WSO2Mobile MDM
How to achieve safety using WSO2Mobile MDM ?
8. Achieving Safe BYOD using WSO2Mobile MDM
WSO2Mobile MDM
1. evice restrictions (OS Version)
D
2. uthentication
A
3. lock compromised device
B
4. YOD Policy
B
5. ompliance Monitoring
C
9. Achieving Safe BYOD using WSO2Mobile MDM
1. Device restrictions (OS and Version)
> Android 4.0.4
> iOS 5.0
10. Achieving Safe BYOD using WSO2Mobile MDM
2. Authentication
Authentication against enterprise user
store.
11. Achieving Safe BYOD using WSO2Mobile MDM
3. Block compromised Devices
• Before Enrolling - Blocking
• After Enrolling - Block and Enterprise WIPE
12. Achieving Safe BYOD using WSO2Mobile MDM
Why ?
Jailbreaking iOS device or Rooting Android is
the process of getting privileged access.
If allowed, all sensitive corporate information
can be exposed.
13. Achieving Safe BYOD using WSO2Mobile MDM
4. Policy Enforcing
WSO2Mobile MDM allows you to define BYOD policy
and make necessary action.
Based on
• Roles
• Specific User
• Platform
17. Achieving Safe BYOD using WSO2Mobile MDM
4b. BYOD Policy - Encrypt phone
(in iOS this is automatic when passcode policy is
applied)
Encrypts all your data (Both personal and Corporate)
18. Achieving Safe BYOD using WSO2Mobile MDM
5c. Data leaks
iCloud data backup
WSO2Mobile MDM disables this feature when an
enterprise application is pushed or installed from
the
19. Achieving Safe BYOD using WSO2Mobile MDM
5. Compliance Monitoring
• Monitors the status based on policy
• Take necessary action if violated
Warn
Block Access
Enterprise WIPE
23. Productive Apps with
WSO2Mobile MAM
Current situation
• Develop apps and host it in the respective platform
Public Market Place (Apple Store , Android Google
Play)
• App is exposed to public (Restrictions through
authentication)
• Discovering the application is not easy
24. Productive Apps with
WSO2Mobile MAM
Achieve productive apps
•
•
•
•
Own enterprise store
Unified store
Easy app discovery and provisioning
App policy
25. Productive Apps with WSO2 Mobile
Application Management
WSO2Mobile MAM
• Store
• Publisher
• Application Management Console
26. Productive Apps with WSO2 Mobile
Application Management
WSO2Mobile Store
•
•
•
•
•
User subscription
Advanced search options
Mobile App sorting
Support for existing user stores
Single-Sign on
30. Productive Apps with WSO2Mobile
MAM
Applications Supported
Android
Native, Hybrid Application (apk)
Web Application
Market Place Application (Google Play) (Free)
iOS (iPhone, iPad)
Native, Hybrid Application (ipa)
(Need to have enterprise developer account)
Web Application
Apple Store Applications (Free)
VPP Application
31. Productive Apps with
WSO2Mobile MAM
VPP Application
• Apple supports VPP program to buy applications in
bulk
• Enterprise enrolls
• Buys app in bulk
• Receives the redemption code
• Uploads to MAM
• Employees download applications, MAM provisions
the redemption code through MDM
32. Productive Apps with
WSO2Mobile MAM
How application is installed ?
• Employee logs to the store
• Discovers the application
• Installs the app to the device
33. Productive Apps with
WSO2Mobile MAM
Application Management Console
• Role Based Application Installation & Uninstallation
• User Based Application Installation & Uninstallation
• Policy
Install Application Policy (Role, User , Platform)
Black-List Application
36. Productive Apps with
WSO2Mobile MAM
MAM is tightly integrated with
MDM
Publisher
G-Reg
Store
MAM
User
Store
DB
MAM Console
iOS APNS
Android GCM
Notification
App Mgmt
iOS
MDM
Device Mgmt
Adapter
Android
MDM
Console