Upload
others
View
1
Download
0
Embed Size (px)
Citation preview
Enterprise Mobility Management Solu4ons
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & Confiden4al.
8,000 customers
150 countries
18 languages
1,500+ employees
About AirWatch
2
Leadership built Manha%an Associates (NASDAQ: MANH) to 2,000+ employees and $300+ million in revenue, $1 billion market cap with no outside capital
Largest EMM provider with 1,500+ employees, 450+ focused on R&D
Provides mobility solu4ons to 8,000+ global customers
Leaders in mobile security, device, applicaDon and content management across mul4ple plaTorms
Our Mission: Simplify Enterprise MobilityTM
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & Confiden4al.
Industry Recogni4on
3
Named INNOVATOR in Market Overviews, Q1, 2012: Cloud-‐Hosted Mobile Device Management Solu4ons and Managed Services On-‐Premise Mobile Device Management Solu4ons
CUSTOMER VALUE Enhancement Award Mobile Device Management, 2012
LATAM PROVIDER MEMBER of IAITAM (Interna4onal Associa4on of Informa4on Technology Asset Managers)
LEADER in 2013 Magic Quadrant for Mobile Device Management SoYware OUTSTANDING Score for Product Viability in 2013 CriDcal CapabiliDes Report for Mobile Device Management EXCELLENT Overall Score for Use Cases in 2013 CriDcal CapabiliDes Report for Mobile Device Management
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & Confiden4al.
Mobility Management PlaTorm
4
Devices Gain visibility and manage devices, configure secure access to corporate resources, enforce security policies and compliance, and wipe lost devices
Applica4ons Manage internal, public and purchased apps via an Enterprise App Catalog, and build custom internal apps with the AirWatch SDK and wrap apps for added security features
Security Ensure your enterprise mobility deployment is secure and corporate informa4on is protected at the user, device, applica4on, content, data and network levels
Content Secure distribu4on, promote collabora4on, and enable mobile access to documents in a corporate container through Secure Content Locker™
Email Manage devices accessing corporate email to prevent data loss, secure a^achments, encrypt sensi4ve data and enforce advanced compliance policies
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & Confiden4al.
Key Trends in the Evolu4on of Mobility
5
Past Present Future
82% using personal smartphones/tablets for business purposes
56% businesses are looking at mobility to improve produc4vity
Security infrastructure Compromised detec4on Device lock and wipe Passcode policy App distribu4on Email management IT influence
App SDK App Wrapping Content management BYOD IT infrastructure integra4on Granular privacy policies Legal influence
Systems consolida4on Business system integra4on Device, laptop, peripherals Content filtering Web gateways Law and regula4on influence
“For 25 years a one-‐size-‐fits-‐all approach to workforce technology worked just fine, but those days are fading fast”
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & Confiden4al.
The Founda4on for Your Mobility Strategy Now and in the Future
Integrated Mobility PlaTorm
6
Simplified user enrollment Dashboards and wizards
Device ownership flexibility Policy management Device configura4on
Corporate email, Wi-‐Fi, VPN networks Enterprise App Catalog
AirWatch Cloud Connector Mobile Content Management
Self-‐service Portal
Telecom policies
Mul4-‐user management SoYware Development Kit (SDK)
App Wrapping AirWatch Browser
Content collabora4on Mobile Access Gateway (MAG)
Secure email container Enterprise integra4on
Cer4ficate and PKI integra4on API integra4on
Core Advanced
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & Confiden4al.
Mobile Email Management
7
Standard Security Advanced Security
Configure Email profiles
Email sejngs
Cer4ficates
SSL security
Email compliance
Container for Email A%achments Open email a^achments in Secure Content Locker
Block email a^achments based on document file type
Prevent copy/paste of data from a^achments to 3rd party apps
Encrypt a^achments using AES 256-‐bit encryp4on
Wipe a^achment content from compromised devices
Separate Container for Email Enforce device and SD card encryp4on
Require password for access
Disable copy/paste from email text
Disable backup of data and sejngs EncrypDon
Access Control Discover unmanaged devices a^emp4ng to access email
Block unmanaged or compromised devices from
email access
Configure whitelists/blacklists based on email client, device model or opera4ng system
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & Confiden4al.
Seamless Integra4on with Enterprise Systems
8
Directory Services
Email Infrastructure
CerDficates and PKI
Corporate Networks
Content Repositories
SIEM
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & Confiden4al.
Users & Devices
Managed by North America IT Department
Geographies
Divisions
Mul4-‐tenancy
9
Global Bank ACME Bank
North America Asia
Corporate Insurance Corporate Investments
Managed by APAC
IT Department
Maintain control at a global level
APAC Enterprise Systems
North America Enterprise Systems
User 1 User 2 LOB 1 User 3 LOB 2
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & Confiden4al.
Compliance Engine
10
Build Policies Applica4on list Compromised status Encryp4on Model, OS version Passcode Roaming
Define EscalaDon Time based: • Minutes • Hours • Days Tiered ac4ons Repeat ac4ons
Specify AcDons Send SMS, email, push no4fica4on Request device check-‐in Remove or block specific profiles Install compliance profile Remove all profiles Remove or block apps Enterprise wipe
1 2 3
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & Confiden4al.
FIPS-‐140-‐2 Compliance Servers
• Configure servers with necessary cryptographic modules
• Use encryp4on and hashing for three purposes
• Configure servers to u4lize only FIPS-‐140 approved cryptographic modules
o Store hashes of passwords associated with AirWatch user accounts (SHA-‐512)
o Encrypt documents for AirWatch Secure Content Locker on mobile devices (AES-‐256)
o Transmit encrypted data between AirWatch and mobie devices (TLSv1)
11
Devices
• Leverage na4ve device encryp4on
• Support plaTorms which offer addi4onal APIs for security and have received FIPS-‐140 approval
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & Confiden4al.
• GPS loca4on • User info
• Name • Phone number • Email account
• Public apps • Telecom data
• Calls • Messages • Data usage
Protect Employee Privacy
12
Ensure privacy of personal data • Set privacy policies that do not
collect personal data • Set custom policies for employee-‐
owned devices
Define granular privacy policies
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & Confiden4al.
Mi4gate Business Risks • Require users to accept Terms of Use to access corporate services
• Enforce agreements when users enroll their device with AirWatch
• Inform users about data captured and ac4ons allowed on the device
• Track, report on compliance and update agreements over 4me
• Assign and enforce different agreements based on: o User role – End users vs. administrators
o Ownership – Corporate vs. employee
o PlaTorm – iOS vs. Android
o Department, business unit or country
• Support mul4-‐lingual agreements across the company
13
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & Confiden4al.
Bring Your Own Device (BYOD) Management Enable Device Choice • Support all opera4ng systems and latest device models • Enable employees to choose the most produc4ve device Enroll Devices Easily • Enroll personal devices into AirWatch • Select “Employee Owned” device ownership Manage Personal Devices • Configure policies and sejngs based on device ownership • Secure access to enterprise resources, apps and documents Protect Employee Privacy • Configure what info is collected based on device ownership • Isolate and protect both corporate and personal informa4on MiDgate Business Risks • Enforce custom Terms of Use agreements for employee devices • Specify the info being collected and ac4ons IT is allowed to take Enable Self-‐service Management • Simplify enrollment, configura4on and support capabili4es • Locate, lock and perform an enterprise or full device wipe
14
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & Confiden4al.
AirWatch Browser • Block na4ve browsers and public browser apps • Enable browsing through AirWatch Browser™ • Authen4cate users before gran4ng web access • Enforce whitelists for approved websites • Enforce blacklists for restricted websites
• Bookmark websites for easy browsing • Define cookie acceptance, copy, paste or print • Navigate websites with gestures • App tunneling provides a secure connec4on without VPN
15
Restricted Mode Limit browsing via site blacklists and whitelists
Kiosk Mode Restrict browsing to a specific page and remove naviga4on
Proxy Mode Proxy browsing through a corporate server
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & Confiden4al.
AirWatch Mobile Content Management Secure Content LockerTM
Protect sensi4ve content in a corporate container
Secure document distribu4on and mobile access
Ensure end users have the latest materials
Anywhere, any4me access to cri4cal content
16
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & Confiden4al.
Enterprise-‐grade Content Capabili4es • Advanced security • Flexible storage
o Cloud, on-‐premise or hybrid
• Content repository integra4on • File synchroniza4on • Administra4ve console • Event logging and analy4cs • End user experience • Personal storage and synchroniza4on • Desktop synchroniza4on • Collabora4on and sharing
17
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & Confiden4al.
End User Experience
18
Browse via smart views
Receive auto updates and no4fica4ons
Search for content
Navigate through synced folders and categories
Manage content in personal folders
1
2
4
5
6
Tag content as a favorite 3
2
3
4
5 6
1
Brand custom to your company 7
7
Make available in mul4ple languages 8
8
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & Confiden4al.
Personal Sync and Storage Personal content storage
Back-‐up to cloud; sync across devices
Flexible folder crea4on and administra4on
Define storage limits by group or user
Sync integra4on to self-‐service portal
Desktop sync folder for Mac & Windows
19
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & Confiden4al.
Desktop Synchroniza4on Two-‐way sync of content from desktop to device
Sync based on scheduler and real-‐4me folder changes
Sync status and no4fica4on of failures
Sync personal and shared content
Available for both Mac and Windows
20
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & Confiden4al.
Collabora4on and Sharing Share, edit and collaborate on personal content with other internal users
Assign different access and edi4ng privileges to users or groups Reader, editor, owner, co-‐owner
Share links to content for external users with password protec4on
21
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & Confiden4al.
Self-‐Service Management Reduce IT burden by allowing users basic administra4on over devices
Allow users to manage simple tasks
Simplify enrollment, configura4on and support
Enable users to drag-‐and-‐drop files into personal folders in SCL
22
Self-‐service User Capabili4es
Enroll addi4onal devices Perform remote commands
• Device query • Send message • Clear passcode • Wipe device
Download op4onal profiles View device informa4on
• Compliance audit • Installed profiles and apps • GPS loca4on
Request applica4ons Request technical support Add personal content to SCL
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & Confiden4al.
Mul4-‐user Management
23
Configure a single managed device to be used by mul4ple users
Personalize each user’s experience without losing corporate-‐ wide sejngs
Configure corporate access, apps, files and device privileges based on device, user or organiza4on group
Used either fixed or dynamic configura4on to manage user profiles
Allow for seamless check-‐in, check-‐out process that is self-‐contained in the AirWatch Agent
Authen4cate users during login with directory services creden4als
Check-‐in and check-‐out devices without affec4ng device enrollment in AirWatch
Manage devices even when device isn’t checked out
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & Confiden4al.
Seamless Integra4on with Enterprise Systems AirWatch Cloud Connector Secure communica4on between AirWatch and enterprise systems
Mobile Access Gateway Secure communica4on between mobile devices and enterprise systems
24
Content Repositories Corporate Networks AirWatch App Wrapping AirWatch SDK
Corporate Email
Cer4ficates and PKI
System Informa4on and Event Management
Business Systems AirWatch
Mobile Devices Mobile Access Gateway (MAG)
Cloud Connector (ACC)
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & Confiden4al.
Directory Services Integra4on • Leverage exis4ng directory services and corporate iden44es
• Import directory structure or select specific groups to import
• Support 1-‐N user groups through mul4-‐tenant architecture
• Map exis4ng group assignments with AirWatch user groups
• Detect changes in the directory system and sync with AirWatch
• Delegate authority to IT admins to manage specific groups
• Assign device profiles, apps and content based on group membership and ensure users receive the appropriate access and restric4ons
• Remove access and re4re devices as users are deac4vated in directory system
25
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & Confiden4al.
Content Repository Integra4on
26
Synchronize network shares, file servers and file systems with Secure Content LockerTM
U4lize exis4ng corporate creden4als for user access
Provide author, keywords, date created, date modified, version, notes, created by, etc. in document informa4on
Allow emailing, offline viewing, third-‐party applica4on access or prin4ng on per document basis
Restrict access to a specific loca4on with geofencing
Use Access Control Lists (ACL) for user permissions
Secure distribu4on from SharePoint without VPN (using MAG and Cloud Connector)
Apply default sejngs for security and deployment
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & Confiden4al.
System Informa4on and Event Management Integra4on
27
• Record and view all device and console events in the AirWatch console
• Configure device and console logging levels • Filter events by severity level, category or module • Device events
o All communica4ons to and from a device o Interac4ons including MDM commands and responses
o Informa4on including end-‐user ac4ons on the devices
• Console events o Console login/session events (including failed login a^empts)
o Admin ac4ons for user and device management (including changes to profiles, apps, content)
o Changes to system sejngs and configura4ons o User preference and naviga4on changes
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & Confiden4al.
Network Access Control (NAC) Integra4on
28
Bi-‐direcDonal APIs and LDAP integraDon opDons
Dynamic WLAN access and features
o Based on compliance with AirWatch
o Traffic priori4za4on
o Protocol restric4ons Guest access and auto MDM registraDon
AutomaDc Access Control Lists (ACL) assignments
ApplicaDon enforcement
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & Confiden4al.
Scalability
29
Server
Take advantage of flexible solu4on that grows with you
Support an unlimited number of devices without losing management capabili4es
Apply global sejngs, organiza4on group sejngs and allow excep4ons
Manage all devices and processes from a single instance admin view and delegate access to administrators and users
U4lize either horizontal or ver4cal scaling
Small Company 50 devices
Global Company 100,000+ devices
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & Confiden4al.
Cloud On-‐premise
Make no significant investment in technology or installa4on services
Deploy in less than a day with minimal effort
Best of class hardware in mul4ple data centers
AirWatch handles maintenance and upgrades
Shared or dedicated architecture available
Integrate with enterprise systems through a secure and encrypted connec4on
Install on physical or virtual server, or have a physical appliance shipped
Implementa4on services and support available
Transfer to a cloud deployment at any 4me
Control upgrades and maintenance
No transmission and storage of data off site
Configure informa4on collected and stored in local database based on customizable privacy policies
Deployment
30
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & Confiden4al.
Flexible Pricing
31
Contract Terms
SubscripDon Month to Month
Perpetual One Time
$3.25 per device , monthly
$50 per device one 4me plus
annual fee of $10
In the Cloud Shared or Dedicated
On Premise Appliance Available
Deployment Models
Shared Environment $.75 per device
Dedicated Environment Available
“AirWatch gives you the best bang for your buck.”
-‐ Info-‐Tech
"I like knowing AirWatch can offer a price solu3on that fits me and doesn’t
try wedging our organizaHon into a contract I don’t want to sign.”
-‐ Five Star Bank
Copyright © 2013 AirWatch, LLC. All rights reserved. Proprietary & Confiden4al.
AirWatch Cloud World Class Data Centers Mul4ple data centers around the world
32
Dedicated OperaDons Team Experience in implemen4ng large-‐scale, mission cri4cal global networks and data centers
Standard Best PracDces Follow industry best prac4ces and regula4ons including ISO 27002, CSA CCM 1.3, and NIST SP 800-‐53
Physical Security Mul4-‐layer approach with 24x7 on-‐site security, biometrics, mantraps, cameras, badge access and segregated spaces
Data EncrypDon Encryp4on, access control, segrega4on and monitoring, an4-‐virus and spam filtering, and patch management
High Availability Meet strict requirements for high availability and redundancy through load balancing across mul4ple data centers
Disaster Recovery Protect data through data replica4on, data backups, database log shipping for a guaranteed quick recovery