Presentation is loading. Please wait.

Presentation is loading. Please wait.

Apps Users Data Devices Mobile Device Management Unify your environment On-premises and cloud-based management of devices within a single console.

Published byJoanna Bryan Modified over 9 years ago

Similar presentations

Presentation on theme: "Apps Users Data Devices Mobile Device Management Unify your environment On-premises and cloud-based management of devices within a single console."— Presentation transcript:

1

2

3

4 Apps Users Data Devices

5 Mobile Device Management Unify your environment On-premises and cloud-based management of devices within a single console. Simplified, user-centric application management across devices Comprehensive settings management across platforms, including certificates, VPNs, and wireless network profiles Enable users Access to company resources consistently across devices Simplified registration and enrollment of devices Synchronized corporate data Protect your data Protect corporate information by selectively wiping apps and data from retired/lost devices A common identity for accessing resources on-premises and in the cloud Identify which mobile devices have been compromised √

6 PC Security Data protection through device lockdown (Group Policy, app mgmt., OSD, compliance) Hardening devices against attack (patch, anti-malware, etc.) Early Mobile security Device Policies tied to Mailbox PIN Encryption Device restrictions Full wipe of device MDM Mobile Device Management Granular device policy controls Provision access to corp resources (Email, VPN etc) Selective wipe MAM Mobile application management: Corporate data containerization Per application policy restrictions Compliance based access control to corporate resources

7 On Premise SharePoint On Premise File Server

8

9

10

11

12

13

14

15

16

17

18

19

20 Require Password Allow Diagnostic Data Submission (i.e. Google Crash Reports) Allow Removable Storage Minimum Password LengthAllow Google BackupAllow Wi-Fi No. of repeated sign-in failures allowed before device is wiped Allow web browserAllow Geolocation Minutes of inactivity before screen turns off Allow AutofillAllow NFC Password Expiration in daysAllow pop up blockerAllow voice roaming Remember Password HistoryAllow active scripting (i.e. Javascript)Allow Data Roaming Prevent reuse of previous passwords (only if remember password history is on) Allow Fraud WarningAllow voice assistant Password QualityAllow CookiesAllow voice dialing Require EncryptionAllow Application StoreAllow copy/paste Allow CameraAllow video conferencingAllow Bluetooth Allow Screen CaptureRequire encryption on storage cards Allow Clipboard Share between applications

21

22 Screen CaptureDisable Internet Explorer File encryption on mobile deviceDisable USB sync Allow simple passwordDisable WiFi Alphanumeric Password requiredNear field communication (NFC) Idle time before mobile device is locked (minutes) Prevent user initiated un-enrollment/ disable PC settings Minimum complex characters Removable storage (Any external storage device) Minimum password length (characters)Disable Application Store Number of failed logon attempts before device is wiped Disable Internet Sharing over WiFi (Tethering) Number of passwords rememberedDisable Wi-Fi Offloading Password complexityWi-Fi Hotspot reporting Password expiration in days Disable Custom Email Account (all or nothing) Blue ToothAllow Microsoft Account

23

24 PlatformRemote Lock iOSSupported AndroidSupported Windows Phone 8Not Supported Windows RT 8.1 and Windows RTSupported Windows 8.1Supported

25 PlatformPasscode Reset iOSSupported for clearing the passcode from a device. Does not create a new temporary passcode. AndroidSupported and a temporary passcode is created. Windows Phone/WindowsNot Supported

26

27

28

29 Windows 8.1 (x86/RT OMA-DM managed) Windows 8 RTWindows Phone 8iOSAndroidKNOX Full Wipe Selective Wipe Email (Mail App) Company apps and data Apps uninstalled. Sideloading keys removed. Data removed. Sideloading keys removed but apps remain installed. Uninstalled and data removed. Apps and data remain installed. Uninstalled and data removed VPN and Wi-Fi profiles Removed.Not applicable. Removed. VPN: Not applicable. WiFi: Removed VPN: Not applicable. Wi-Fi: Removed CertificatesRemoved and revoked.Not applicable. Removed and revoked. Revoked. SettingsRequirements removed. Requirements Removed. Management Client Not applicable. Management agent is built-in. Management profile is removed. Device Administrator privilege is revoked.

30

31 Protected Corporate Email and Collaboration Secure access to email and corp resources Access email and documents only if device is managed Deny access if device falls out of compliance Deploy certificates to Wi-Fi, VPN & Email profiles Provide access to internal resources via per-app VPN Mobile App & Data Protection Contain corporate data to corporate apps and services Push, publish and uninstall apps centrally Provision iOS managed apps and accounts Wrapper for protected internal LoB apps Protected web browser, PDF, audio, video Selective wipe for managed apps and documents

32

33

34 Azure AD EAS Client Office 365 EAS Service Intune Attempt email connection 1 Is Device Managed & Compliant 2 Quarantine If not compliant, Push device into quarantine 4 Set device management/ compliance status 6 Solution architecture – Secure email in O365 Who does what? Intune: Evaluate policy compliance for device Azure AD: Auth user, provide device compliance status Exchange Online: Enforces access to email based on device state. Return Device state 3 Enrollment / Compliance Remediation 5 Quarantine email with remediation steps Link to enroll device/Compliance Remediation steps 7 If compliant, email access is granted

35 EAS Client On Prem Exchange Server Intune Attempt email connection 2 Quarantine If not managed, Push device into quarantine 3 Solution architecture – Secure email in On Prem Exchange Server Who does what? Intune: Evaluate and manage device state Exchange Server: Provides API and infrastructure for quarantine 5 Allow managed device Block non Managed devices 1 Device Enrollment 4 Quarantine email with remediation steps Link to enroll device 6 If managed, email access is granted

36

37

38

39

40

41

42

43

44 Native E-mail Secure Browser LoB app Windows Intune Azure RMS Azure AD

45

46

47 Mobile Device Management Review Unify your environment On-premises and cloud-based management of devices within a single console. Simplified, user-centric application management across devices Comprehensive settings management across platforms, including certificates, VPNs, and wireless network profiles Enable users Access to company resources consistently across devices Simplified registration and enrollment of devices Synchronized corporate data Protect your data Protect corporate information by selectively wiping apps and data from retired/lost devices A common identity for accessing resources on-premises and in the cloud Identify which mobile devices have been compromised √

48 Hybrid Identity Management Mobile Device Management Data Protection Group management & Self Service Password Reset Security audit reports & MultiFactor Authentication Connection between AD / Azure AD Information protection Connection to on-premises assets Mobile device settings management Mobile app management Selective wipe Enterprise Mobility Suite Enterprise Agreement Prices starting at $4 per user per month* * Limited time EA Level A promo pricing. Requires 250 seat minimum purchase and underlying CAL Suite license (CoreCAL/ECAL/BridgeCAL) EMS will enable customers with:

49 SessionTitleTimeslot FDN02Enabling Enterprise Mobility with Windows Intune, Microsoft Azure, and Windows ServerMonday, May 12 11:00 AM - 12:00 PM PCIT-B212Design Considerations for BYODTuesday, May 13 10:15 AM - 11:30 AM PCIT-B213Access Control in BYOD and Directory Integration in a Hybrid Identity InfrastructureWednesday, May 14 3:15 PM - 4:30 PM PCIT-B310Empowering Your Users and Protecting Your Corporate DataMonday, May 12 1:15 PM - 2:30 PM PCIT-B313Hybrid Identity: Extending Active Directory to the CloudMonday, May 12 4:45 PM - 6:00 PM PCIT-B314Understanding Microsoft’s BYOD Strategy and an Introduction to New Capabilities in Windows Server 2012 R2 Tuesday, May 13 8:30 AM - 9:45 AM PCIT-B321Deploying the New RMS for Cloud-Friendly and Cloud-Reluctant CustomersTuesday, May 13 5:00 PM - 6:15 PM PCIT-B322Deploying and Managing Work FoldersWednesday, May 14 10:15 AM - 11:30 AM PCIT-B324How to Rapidly Design and Deploy an Active Directory Federation Services Farm: The Do's and the Don'ts Wednesday, May 14 8:30 AM - 9:45 AM PCIT-B326Providing SaaS Single Sign-on with Microsoft Azure Active DirectoryThursday, May 15 10:15 AM - 11:30 AM PCIT-B327Introducing Web Application Proxy in Windows Server 2012 R2: Enable Work from Anywhere Wednesday, May 14 3:15 PM - 4:30 PM PCIT-B328Microsoft Identity Manager vNext OverviewWednesday, May 14 5:00 PM - 6:15 PM PCIT-B330Active Directory + BYOD = Peace of MindThursday, May 15 8:30 AM - 9:45 AM

50 CodeTitleTime FDN02Enabling Enterprise Mobility with Windows Intune, Microsoft Azure, and Windows ServerMon, May 12 11:00 AM PCIT-B311What's New in Enterprise Management with Microsoft System Center Configuration Manager and Windows IntuneMon, May 12 1:15 PM PCIT-B215What's New in Microsoft System Center 2012 R2 Configuration Manager InfrastructureMon, May 12 3:00 PM PCIT-B410Microsoft System Center 2012 Configuration Manager: MVP Experts PanelMon, May 12 4:45 PM PCIT-B216Infrastructure Deployment for Mobile Device Management with Microsoft System Center Configuration Manager and Windows Intune Tue, May 13 8:30 AM PCIT-B317Enrollment and Management of Mobile Devices with Microsoft System Center Configuration Manager and Windows IntuneTue, May 13 1:30 PM PCIT-B320Microsoft System Center Configuration Manager Community JewelsTue, May 13 5:00 PM PCIT-B323Application Management with Microsoft System Center Configuration Manager and Windows IntuneWed, May 14 8:30 AM PCIT-B325Protecting Your Corporate Data with Microsoft System Center Configuration Manager and Windows IntuneWed, May 14 10:15 AM PCIT-B340What’s New with OS Deployment in Configuration Manager and the Microsoft Deployment ToolkitWed May 14 5:00 PM PCIT-B336Managing Mac OS X Clients and Linux Servers Using Microsoft System Center Configuration ManagerThu May 15 8:30 AM PCIT-B339How Microsoft IT Manages Their Microsoft System Center Configuration Manager Application Lifecycle with Zero TouchThu, May 15 10:15 AM PCIT-B333How Microsoft IT Solves BYOD Using Microsoft System Center 2012 R2 Configuration Manager and Windows IntuneThu, May 15 1:00 PM

51 CodeTitleTime PCIT-IL200Introduction to Microsoft System Center 2012 R2 Configuration ManagerMon, May 12 3:00 PM Wed, May 14 5:00 PM PCIT-IL201Upgrading from Configuration Manager 2012 SP1 to Microsoft System Center 2012 R2 Configuration ManagerThu, May 15 10:15 AM PCIT-IL300Deploying Windows 8.1 to Bare Metal ClientsWed, May 14 1:30 PM Thu, May 15 1:00 PM PCIT-IL305Basic Software Distribution with Microsoft System Center 2012 R2 Configuration ManagerTue, May 13 5:00 PM Wed, May 14 3:15 PM PCIT-IL306Implementing Endpoint Protection in Microsoft System Center 2012 R2 Configuration ManagerTue, May 13 10:15 AM Thu, May 15 8:30 AM PCIT-IL307Managing Microsoft Software Updates in Microsoft System Center 2012 R2 Configuration ManagerTue, May 13 1:30 PM Wed, May 14 8:30 AM PCIT-IL308Migrating from Configuration Manager 2007 to Microsoft System Center 2012 R2 Configuration ManagerWed, May 14 10:15 AM

52 CodeTitle PCIT-H302Deploying a Microsoft System Center 2012 R2 Configuration Manager Hierarchy PCIT-H303Deploying Microsoft System Center 2012 R2 Configuration Manager PCIT-H304Deploying Windows 8.1 to Bare Metal Clients PCIT-H309Implementing App-V 5.0 in Microsoft System Center 2012 R2 Configuration Manager PCIT-H310Implementing Endpoint Protection in Microsoft System Center 2012 R2 Configuration Manager PCIT-H311Implementing Linux Clients in Microsoft System Center 2012 R2 Configuration Manager PCIT-H312Implementing Role-Based Administration in Microsoft System Center 2012 R2 Configuration Manager PCIT-H314Managing Clients with Microsoft System Center 2012 R2 Configuration Manager PCIT-H315Managing Content in Microsoft System Center 2012 R2 Configuration Manager PCIT-H316Managing Software Updates in Microsoft System Center 2012 R2 Configuration Manager

53 www.microsoft.com/learning http://microsoft.com/msdn http://microsoft.com/technet http://channel9.msdn.com/Events/TechEd

54

55

56

Download ppt "Apps Users Data Devices Mobile Device Management Unify your environment On-premises and cloud-based management of devices within a single console."

Similar presentations

Copyright © 2012 AirWatch, LLC. All rights reserved. Proprietary & Confidential. Mobile Content Strategies and Deployment Best Practices.

Copyright © 2012 AirWatch, LLC. All rights reserved. Proprietary & Confidential. Mobile Content Strategies and Deployment Best Practices.
Identity Manager vNext

Identity Manager vNext
Windows 8.1 Device Management With Windows Intune Mark O’Shea MVP Windows Expert – IT Pro 30 June 2014.

Windows 8.1 Device Management With Windows Intune Mark O’Shea MVP Windows Expert – IT Pro 30 June 2014.
Enterprise Mobility Platform Microsoft Differentiation Managed Mobile Productivity Layered Protection Hybrid Solutions Office 365DynamicsWorkday.

Enterprise Mobility Platform Microsoft Differentiation Managed Mobile Productivity Layered Protection Hybrid Solutions Office 365DynamicsWorkday.
Building and Deploying Safe and Secure Android Apps for Enterprise Presented by Technology Consulting Group at Endeavour Software Technologies.

Building and Deploying Safe and Secure Android Apps for Enterprise Presented by Technology Consulting Group at Endeavour Software Technologies.
Protect your data Enable your users Unify Your Environment DevicesAppsData Help organizations enable their users to be productive on the devices they.

Protect your data Enable your users Unify Your Environment DevicesAppsData Help organizations enable their users to be productive on the devices they.
SharePoint Server Exchange Server CORPORATE NETWORK Mobile devices PCs Browsers INTERNET DMZ Active Directory Policies Filter EAS Filter web access.

SharePoint Server Exchange Server CORPORATE NETWORK Mobile devices PCs Browsers INTERNET DMZ Active Directory Policies Filter EAS Filter web access.
Script Kiddies; CybercrimeCyber-espionage; Cyber-warfare CybercriminalsState sponsored actions; Unlimited resources Attacks on fortune 500All sectors.

Script Kiddies; CybercrimeCyber-espionage; Cyber-warfare CybercriminalsState sponsored actions; Unlimited resources Attacks on fortune 500All sectors.
Data Devices People 6.5B Wireless connections today >42% of global population owns smartphone by end of 2015 >50% User will go to tablet or smartphone.

Data Devices People 6.5B Wireless connections today >42% of global population owns smartphone by end of 2015 >50% User will go to tablet or smartphone.
Sessions about to start – Get your rig on!. Ash de Zylva.

Sessions about to start – Get your rig on!. Ash de Zylva.
Protect your data Enable your users Unify Your Environment DevicesAppsData Help organizations enable their users to be productive on the devices they.

Protect your data Enable your users Unify Your Environment DevicesAppsData Help organizations enable their users to be productive on the devices they.
4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.

4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.
What is Azure Multi-Factor Authentication? An Azure Identity and Access management service that prevents unauthorized access to both on- premises.

What is Azure Multi-Factor Authentication? An Azure Identity and Access management service that prevents unauthorized access to both on- premises.
Desktop virtualization Access & information protection Mobile device & application management Hybrid identity Simplified device enrollment and.

Desktop virtualization Access & information protection Mobile device & application management Hybrid identity Simplified device enrollment and.
4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.

4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.
4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.

4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.
Mobility is the new normal 52% of information workers across 17 countries report using three or more devices for work* 52% 90% of enterprises will have.

Mobility is the new normal 52% of information workers across 17 countries report using three or more devices for work* 52% 90% of enterprises will have.
Overview of Azure Active Directory for app access Integration with third party SaaS apps User provisioning and federation.

Overview of Azure Active Directory for app access Integration with third party SaaS apps User provisioning and federation.
Windows Server 2012 R2 Capabilities for BYOD Scenario Yuri Diogenes Senior Knowledge Engineer Data Center, Devices & Enterprise Client – CSI Team’s Page:

Windows Server 2012 R2 Capabilities for BYOD Scenario Yuri Diogenes Senior Knowledge Engineer Data Center, Devices & Enterprise Client – CSI Team’s Page:
Primary Site User Discovery Network Share Enrollment Point Enrollment Proxy Point Microsoft CA Management Point Distribution Point Domain username.

Primary Site User Discovery Network Share Enrollment Point Enrollment Proxy Point Microsoft CA Management Point Distribution Point Domain username.

Similar presentations

Ads by Google