Delivering a Standard Mobile

Operating Environment

Don Kerr : Business Solutions Marketing – Windows Mobile

Rick Anderson : Mobility Solution Sales

Agenda

1. The Mobile overview – industry, trends, market

2. Is Exchange Good Enough????

3. A Standard Mobile Operating Environment

4. What is the business opportunity for Partners?

5. Resources

Market Shifting Beyond Messaging

• Fastest growth in rich mobile scenarios beyond e-mail

– Corporate data access and mobile LOB grows 5.4x from 2006–2011

– Messaging-only grows 2.3x in the same time period– 27% of global workforce mobile by 2009 *IDC

Note: Sizing based on support for Microsoft solutions. Source: MED Finance analysis and industry reports

Corporate data access and mobile LOB

Corporate data access and mobile LOB

Mobile Messaging

Mobile Messaging

6.3 MM

3.6 MM

0.9 MM

14.7 MM

19.8 MM

4.5 MM

2006 2011

Growth of the mobile client

18.6%Mobile PCs

5.8%Mobile Phones

3.9%Desktop PCs

34.1%Converged

Mobile Phones

Source: Gartner Dataquest, and IDC 2006

245 Million Converged

Devices by 2010

Shift in “User Type” of Mobile Devices

Segment Distribution Shifts : 2006 vs. 2008

2006 Segmentation2008 Segmentation

Po

wer U

sers

Practi

cal

Users

Co

mm

un

icato

rs

Min

imali

sts

Note: Comparison only done among countries surveyed in both 2006 and 2008 – US, W. Europe, Japan & China.

IMPROVE USER

PRODUCTIVITY AWAY

FROM THE DESK

THROUGH MOBILE

ACCESS TO:

- Messaging

- Documents

- Search

DRIVE BUSINESS

RESPONSIVENESS

WHILE AWAY FROM THE

DESK THROUGH

MOBILE ACCESS TO:

- Mobile Forms &

Portals

- Business Intelligence

& Reporting

- Custom Mobile Apps

Mobile Solution Progress

Fundamental

• Provides the fundamental solution

that empowers mobile workers with

adaptable infrastructure and

departmental applications

• Enables mobile access to data

• Provides efficient data management

and integrated search capabilities to

mobile devices

Comprehensive

• Extends mobile access to

communication and collaboration

tools

• Enhances process participation away

from the desk

• Improves mobile access to data

reporting and analysis tools

Leading

• Streamlines mobile access to corporate

data

• Enables seamless communication and

collaboration with external partners

from mobile devices

• Enables mobile access to enterprise-

wide reporting and analysis tools

Exchange is GOOD ENOUGH

Exchange ActiveSync Policies

Exchange Server Standard CAL

Sync

• Configure message formats

(HTML or plain txt)

• Include past email items

• Email body truncation size

• HTML email body truncation size

• Include past calendar items

(Duration)

• Require manual sync while

roaming

• Allow attachment download

• Maximum attachment size

Authentication

• Minimum number of complex

characters

• Enable password recovery

• Allow simple password

• Password Expiration (Days)

• Enforce password history

• Windows file share access

• Windows SharePoint access

• Minimum password length

• Timeout without user input

• Require password

• Require alphanumeric password

• Number of failed attempts

• Policy refresh interval

• Allow Non-provisionable devices

Encryption

• Require signed SMIME messages

• Require encrypted SMIME

messages

• Require Signed SMIME algorithm

• Require encrypted SMIME

algorithm

• Allow SMIME encrypted algorithm

negotiation

• Allow SMIME SoftCerts

• Device encryption

• Encrypt storage card

Color Key

Exchange 2007 SP1

Exchange 2007 RTM

Exchange 2003 SP2

Exchange ActiveSync Policies

Exchange Server Enterprise CAL

Device Control

Disable desktop ActiveSync

Disable removable storage

Disable camera

Disable SMS and any MMS text messaging

Network Control

Disable Wi-Fi

Disable Bluetooth

Disable IrDA

Allow internet sharing from device

Allow desktop sharing from device

Application Control

Disable POP3/IMAP4 email

Allow consumer email

Allow browser

Allow unsigned applications

Allow unsigned CABs

Application allow list

Application block list

Color Key

Exchange 2007 SP1

Exchange 2007 RTM

Exchange 2003 SP2

Who is in control??

It seems that smart phones have too many security risks

and could jeopardize our enterprise

“Who will tell the CEO to

give up their smart phone?”

=

Common Criteria Evaluation for Windows

Mobile

• Windows Mobile has been awarded the Common Criteria

Evaluation Assurance Level 2+ (EAL2+) for:

– Windows Mobile 5.0 with MSFP

– Windows Mobile 6

• Certification lab is Stratsec, Canberra, Australia

• http://www.dsd.gov.au/infosec/evaluation_services/epl/epl

.html

Introducing: System Center Mobile Device

Manager 2008

End User Experience

John

Gateway/VPN

Server

Enrollment & Device

Management Server

Corporate

Resources

Standard Mobile Operating Environment

• Integration with existing Microsoft Technologies– Active Directory, Group Policy, WSUS, Windows Server, SQL, CA

– Exchange not mandatory

• No duplication of management effort

• No Single Point of Failure (NOC)

• Customer controls end to end security

Business Opportunity for Partners

• Revenue

• Driving alignment with Core IO progress

• Mobile Device Manager SI Certification

Secure Mobile Messaging Only

Mobile messaging with high security due to regulatory compliance issues or internal security policies

Key Messages

Security management

Integration with AD/GP

Inventory and reporting

Standard Mobile Operating Environment

“SWEET spot” is…

Applications, Documents, Data

Rich applications for task workers using ruggedized handhelds with no requirement for mobile messaging

Key Messages

Mobile VPN

OTA software distribution

Rich inventory and reporting

App allow/deny

Apps, Docs, Data & Messaging

Rich or lightweight LOB applications. Could also include high security requirements mobile messaging

Key Messages

Mobile VPN

Advanced DM features

Security management

Breadth Messaging Only

Mobile messaging/PIM withlowest TCO and baseline securityand manageability

Key Message

Exchange Standard CAL is “good enough”

Exchange Ent. CAL for device management

Product Offerings

Offering Category License Offering Net Price (Select

C level)

Microsoft Systems Center

Mobile Device Manager

2008 (MDM 2008)

MDM 2008 Server License $1500

MDM 2008 User Client Access License

(CAL)

$40

MDM 2008 Device Client Access License

(CAL)

$40

Microsoft Systems Center

Mobile Device Manager

2008 with Microsoft SQL

Server 2005 Technology

(MDM 2008 with SQL)

MDM 2008 with SQL Server License $2122

MDM 2008 with SQL User Client Access

License (CAL)

$40

MDM 2008 with SQL Device Client Access

License (CAL)

$40

B S R/A D

FU

ND

AM

EN

TA

L

Security & Networking

Identity & Access Mgmt

Desktop, Device & Server

Mgmt

Data Protection & Recovery

IT & Security Process

CO

MP

RE

HE

NS

IVE Security & Networking

Identity & Access Mgmt

Desktop, Device & Server

Mgmt

Data Protection & Recovery

IT & Security Process

LE

AD

ING

Security & Networking

Identity & Access Mgmt

Desktop, Device & Server

Mgmt

Data Protection & Recovery

IT & Security Process

Secure, remote access, server isolation for directory and e-mail server. Secure wireless networking.

Directory tools for central administration. Information protection infrastructure.

Mobile device provisioning, security policy provisioning for mobile devices, remote wipe, and policy enforcement for mobile devices.

Remotely manage devices and enforce corporate IT policy “over the air,” remote synchronization.

CORE IO MAPPING

Secure, remote access. Server isolation for directory and e-mail server. Secure wireless networking.

Directory tools for central administration. Information protection infrastructure.

Certificate provisioning and authorization for mobile devices and Web apps

Remote synchronization. Backup and restore on servers.

Quarantine for desktops and devices. SIP for secure communication through presence.

Federated identity management across organizational and platform boundaries.

Standard mobile OS, apps push, access to LOB apps, patch management for devices, bootstrapping, and asset management for mobile devices.

Backup restore on all servers & mobile device data.

Streamlined security management, all security processes and policies are in place.

The Business Opportunity for SIs

• Mobile device management should be an integral part of any enterprise IT infrastructure

• MDM is a complex product for businesses to deploy

• Microsoft can help SIs become MDM-certified

Mobile Device Manager SI

Certification Requirements

* If available

Internal deployment of

Mobile Device Manager

Evidence of Mobility

practice

Creation of Mobile

Device Manager Partner

Solution Plan

MDM 400-level

training

Next Steps

• Deploy SCMDM inside your organisation

• MDM evaluation: 120 trial version– http://technet.microsoft.com/en-au/evalcenter/cc339027.aspx

• Brightpoint– Device offers @ APC

– Device Customisation service

• Loan/Seed devices– Trial a Treo

www.palm.com/au/trytreo

• Mobility Competency– https://partner.microsoft.com/global/productssolutions/mobility

• Significant/strategic opp engagement with MS– Rick “Batman” Anderson

– Peter “Robin” Brown

Partner Readiness

• SCMDM Tech Center

http://technet.microsoft.com/en-us/scmdm/default.aspx

• MDM Resource Kit Tools

http://technet.microsoft.com/en-au/scmdm/cc304591.aspx

• Partner Sales Resources– General: https://partner.microsoft.com/partnersaleresources

– MDM Specific: https://partner.microsoft.com/Australia/40050861?PS=95000124

Architecture Guidance & Whitepapers

• Configuring External and Internal Firewalls in Mobile

Device Managerhttp://technet.microsoft.com/en-us/library/cc645153(TechNet.10).aspx

• Integrating Mobile Device Manager with Existing Web

Sites or SharePoint Serverhttp://technet.microsoft.com/en-us/library/cc678152(TechNet.10).aspx

• Integrating Mobile Device Manager with Microsoft

Exchange Serverhttp://technet.microsoft.com/en-us/library/cc645161(TechNet.10).aspx

• Integrating Mobile Device Manager with Office

Communications Serverhttp://technet.microsoft.com/en-us/library/cc664624(TechNet.10).aspx