Empowering people-centric IT Douglas Griffin Senior Consultant,
32 Slides8.26 MB
Empowering people-centric IT Douglas Griffin Senior Consultant, Steeves and Associates 28 May 2014
My First “Mobile” Device - 1985 Mobility has changed since 1985 29 pounds No battery – required power source Zilog Z80 microprocessor 64 kilobytes of RAM (why would anyone need more?) Two 5¼-inch double-density floppy-disk drives (plenty of storage) CP/M operating system And it cost around US 1,800.00
It started out manageable . . . . . . But gradually mushroomed
User s Devic es Realit What we y want Apps Data
“the end user gets the experience they want and IT gets the control that they want.” Satya Nadella
Mobility is the new normal 67% of the people who use a smartphone for work and 70% of people who use a tablet for work are choosing the devices themselves 905M tablets in use for work and home globally by 2017 FORRESTER RESEARCH BRING THE BUSINESS CASE FOR A BRING-YOUR-OWN-DEVICE (BYOD) PROGRAM, FORRESTER RESEARCH, INC., OCTOBER 23, 2012 FORRESTER RESEARCH 2013 MOBILE WORKFORCE ADOPTION TRENDS, FORRESTER RESEARCH, INC., FEBRUARY 4, 2013
People-centric IT Enable users Unify your environment Access to company resources consistently across devices Simplified registration and enrollment of devices Synchronized corporate data On-premises and cloud-based management of devices within a single console. Simplified, user-centric application management across devices Comprehensive settings management across platforms, including certificates, VPNs, and wireless network profiles Protect your data Protect corporate information by selectively wiping apps and data from retired/lost devices A common identity for accessing resources onpremises and in the cloud Identify which mobile devices have been compromised
People-centric IT Enable users Protect your data Unify your environme nt
Enable users To work across multiple devices With access to the apps and data they need While enjoying a consistent experience All through a single, verified identity
It all starts with a person
You know who people are 93% 12B Microsoft Microsoft of Fortune 500 use Active Directory Windows Azure Active Directory authentications per week
People are using multiple devices
Flexible access makes for happy users The focus is on productivity, not on abstract notions of ownership or IT standards. Indeed, 67 percent of the people who use a smartphone for work—and 70 percent of those who use a tablet for work—are choosing the device themselves and not necessarily thinking about whether the enterprise will support it. Forrester Research The state of workforce technology adoption: global benchmark 2012, Forrester Research, Inc., April 12, 2012 Cloud services Line of business apps Company self-service portal The logos above may be the property of their respective owners. SaaS apps Store apps
Microsoft MDM Platform Support “Modern” Platforms Windows 8 RT Windows Phone 8 (and 8.1) iOS (5.x, 6.x, 7.x) Android (2.3 via EAS) Android (4.0 via native agent) Windows 8.1 (x86/x64 and RT) Features fully integrated into ConfigMgr Over the air device enrollment Available user targeted applications User and device settings management Device inventory Remote device retirement Remove device wipe (full and selective) Company branding Web apps and remote apps Required application deployment VPN/Wi-Fi/certificate profiles Additional settings
Platform Support in ConfigMgr R2 OS Platform Windows 8.1 PC Management Agent ConfigMgr Agent Or Management Agent(OMA-DM) End User Experience Software Center/Application Catalog / ConfigMgr Company Portal app Windows Intune Company Portal app Windows PC (Win8,Win7,Vista,XP) ConfigMgr Agent Software Center/Application Catalog Windows RT Management agent (OMA-DM) Windows Company Portal app Windows Phone 8.x Management agent (OMA-DM) Windows Phone 8 Company Portal app iOS Apple MDM Protocol Native iOS Company Portal App Android Android MDM agent (OMA-DM) Native Android Company Portal App Mac ConfigMgr Agent Limited self service experience Linux/Unix ConfigMgr Agent N/A
Demo Configuration Manager with Windows Intune integration Windows Intune Connector Active Directory Sync ADFS Portal access
Enable users Enable users Protect your data Windows Intune Windows Server Microsoft System Center 2012 R2 Configuration Manager Windows Azure Unify your environme nt
Protect your data Enable users Protect your data Unify your environme nt
Protect your data IT can enforce protection of corporate assets Through secure access to apps and data With enforcement of strong authentication for sensitive information
Security and Compliance Settings Management ConfigMgr MP Baseline ConfigMgr Agent Assignment to collections Baseline drift ! Auto Remediate OR Create Alert (to Service Manager) Baseline Configuration Items Active Directory Script WMI XML SQL File Software Updates Registry MSI IIS Impr Copy Trigg Rich
Demo Configuration Management using Configuration Manager and Windows Intune Compliance Settings for mobile devices Remediation of non-compliant devices when appropriate
Selective Wipe Selective wipe removes corporate applications, data, Lost or Stolen certificates/profiles, and policies as supported by Retired each platform Lost or Stolen Enrollment Retired Users can access corporate data regardless of device or location with Work Folders for data sync and desktop virtualization for centralized applications. Personal Apps and Data Full wipe if supported by each platform Company Apps and Data Apps Can be executed byCompany ITandorData by user via Company Portal Sensitive data or applications can be kept off device Remote App and accessed via IT can provide a secure and familiar solution for users to access sensitive corporate data from anywhere with VDI and RemoteApp technologies. Personal Apps and Data Centralized Data Desktop Remote Remote App Policies Policies Services
Demo Selective Wipe Wipe corporate data and leave personal applications and data Wipe lost or stolen device completely
IT is empowered to protect company assets Corporate policy Variables Who What data Where What device Delivery options Additional controls Native app IT ADMIN Company self-service portal Remote app SaaS app Virtual Desktop (VDI) The logos above may be the property of their respective owners. Dynamic Access Control Rights Management Services Windows Azure Multi-Factor Authentication
Protect your data Enable users Protect your data Windows Intune Windows Server Microsoft System Center 2012 R2 Configuration Manager Windows Azure Unify your environme nt
Unify your environment Enable users Protect your data Unify your environme nt
Unify your environment Build on existing investments and resources While providing a single view across all devices To manage the experience at the user level And simplify IT
Demo Deploying Applications with Configuration Manager Application Model Deployment Types Requirements
PC management People-centric IT offers a single administrator console for unified device Mobile device management (MDM) is still a separate market, management but organizations are increasingly looking to use a single IT ADMIN vendor and management platform to support their PCs, Macs, and mobile devices. On-premises Mobile device management IT ADMIN IT ADMIN Cloud
People-centric IT offers a single administrator console for unified device Mobile device management (MDM) is still a separate market, but management organizations are increasingly looking to use a single vendor and IT ADMIN management platform to support their PCs, Macs, and mobile devices. On-premises and gives users a common identity and single sign-on experience. Cloud
Unify your environment Enable users Protect your data Windows Intune Windows Server Microsoft System Center 2012 R2 Configuration Manager Windows Azure Unify your environme nt
Next Steps Evaluate your environment Identity your needs Start your design http://www.steeves.net