Case Study Version 1.0 Contents 1 Challenge..........................................................................................................................3 2 Selecting an MDM solution ........................................................................................4 3 AirWatch solution for Nokia........................................................................................5 3.1 Enrolment....................................................................................................................................5 3.2 Use...............................................................................................................................................6 3.2.1 Security...............................................................................................................................6 3.2.2 Dashboards.........................................................................................................................7 3.3 Retirement..................................................................................................................................7 4 Evaluation........................................................................................................................9 How Nokia piloted AirWatch MDM for Nokia Lumia Version 1.0 2 2013 Nokia. All rights reserved. 1 Challenge Mobile devices like smartphones and tablets are more important every day. Nokia strives to meet both corporate and end-user needs across the mobile device and application life-cycle, from enrolment to use to retirement. Nokia recognized that this requires an MDM (mobile device and application management) solution that: Supported Nokia Lumia smartphones and Windows Phone 8 phones in particular Met IT requirements for improved enterprise data security and mobile device visibility Supported end-user wishes for BYOD (Bring Your Own Device) for a range of device platforms, if needed Improved productivity by helping end-users maximize the business potential of their smartphones Provided a flexible platform that could be easily integrated into existing enterprise architectures Was created with an MDM provider willing to further develop the MDM solution in future The first step towards meeting these requirements was to select an MDM provider and pilot their solution. How Nokia piloted AirWatch MDM for Nokia Lumia Version 1.0 3 2013 Nokia. All rights reserved. 2 Selecting an MDM solution MDM technologies are new and evolving and each provider has benefits and drawbacks with none providing a fully comprehensive solution for all platforms. The development pace of Windows Phone developer Microsoft, for example, means some key MDM features were not yet available. Nokia began their search for an MDM provider by finding analyst information on the globally leading MDM vendors, contacting the top vendors and testing their latest MDM solution in a demo environment. The first round evaluation was done against a pre-defined set of requirements and use cases. In the second phase, Nokia asked the selected vendors to present an overview of how they could meet both non-technical and technical requirements, and to describe their future development plans, their co- operation model, their pricing, and their business outlook. The requirements in both phases were designed to cover the following considerations: Technical considerations Supported platforms and features Cloud-based or on-premises architecture Planned policy implementation Reporting platform Providers technical requirements Other considerations Own SaaS service or through another partner Available level of IT support Future strategy for mobile devices Providers current relationship with Nokia Providers financial status After careful analysis, Nokia selected AirWatch as an MDM provider and they began working together on a pilot solution. How Nokia piloted AirWatch MDM for Nokia Lumia Version 1.0 4 2013 Nokia. All rights reserved. 3 AirWatch solution for Nokia AirWatchs MDM solution enabled large-scale Windows Phone 8, Windows Phone 7 (limited support), Symbian, iOS, and Android device deployments. The pilot targets included the following: Manage 500 Windows Phone 8 users using multiple mobile devices: the pilot did not implement or test features not supported by Windows Phone 8 Support use cases in enrolment, use, and retirement phases Add value for end-users while ensuring device and email security Deploy and promote enterprise applications Update configuration profiles on demand, re-provision devices automatically Cross-platform actions for groups of devices Send support messages based on various criteria (push or email) Send information requests or lock / wipe commands to devices on demand The success of the pilot launch was in no small part due to the co-creation and testing of the solution by Nokia and AirWatch. User experience was vital, requiring end-user training videos and clear guidelines. User experience was tracked by user feedback and then feeding prioritized development needs back to the development process during daily scrum meetings between the Nokia team and the AirWatch development team. 3.1 Enrolment Enrolment included configuring devices to securely communicate with the MDM server. End-users enrolled devices through an app, determining device ownership and authentication. End- users could only see the AirWatch client that launched the enrolment process, and the Privacy License and Supplement approval steps that set MDM privacy levels. In the pilot phase, collection of location data is enabled by default. Figure 1: AirWatch client icon How Nokia piloted AirWatch MDM for Nokia Lumia Version 1.0 5 2013 Nokia. All rights reserved. 3.2 Use Once enrolled, end-users could securely use Nokia enterprise applications free of complex security processes, protected by Nokia security policies. End-users could, for example, securely use Mail for Exchange with a single password. All other configurations were automatic. The MDM solutions user-friendly installation channel enabled deployment and promotion of internal enterprise applications developed or recommended by Nokia including, for example, applications for arranging meetings or managing approvals. The MDM server recognized installed applications and included them in monitoring and management. IT administration-led application distribution was also available. 3.2.1 Security AirWatch MDM enabled management of security policies and certificates. For the pilot, priority was email control. Security policies required pilot members to enroll to access email accounts. After enrollment, security policies were deployed silently, no end-user action required. IT administrators monitored device compliance through an AirWatch UI. Figure 2: Device compliance IT administrators could configure automated end-user message rules in response to, for example, policy violation, and define actions required for devices to comply with security policies. Rules could include the following criteria: Defined number of days within which end-user must change password. Defined (if BYOD comes with an insecure firmware version) how and when firmware must be updated for device to continue as enrolled in MDM. The ability to wipe enterprise data remotely added security. End-users could perform the wipe themselves through a self-care portal, or make an IT request. Additional settings and credentials were used to access accounts and enterprise resources. How Nokia piloted AirWatch MDM for Nokia Lumia Version 1.0 6 2013 Nokia. All rights reserved. 3.2.2 Dashboards Dashboards allowed IT administrators and end users to immediately address known issues, and included filterable views with a range of valuable, real-time information, including the following: Certificates Compliance Event Logs Firmware GPS Installed applications Manufacturer Operating System Profiles Total number of devices Figure 3: Pilot dashboard - enrolled devices 3.3 Retirement Corporate and enterprise data security must not lapse when end-users no longer need their devices . Devices could be retired, that is, unenrolled from MDM, in the following ways: How Nokia piloted AirWatch MDM for Nokia Lumia Version 1.0 7 2013 Nokia. All rights reserved. Locally by the end-user Remotely by an IT administrator Automatically according to pre-defined criteria (A rule could define that if a device was not used in 6 months, for example, it would be unenrolled automatically on next connection to the server) Unenrolment included steps for removing device policies, configurations and enterprise applications. A full device-wipe was also possible. How Nokia piloted AirWatch MDM for Nokia Lumia Version 1.0 8 2013 Nokia. All rights reserved. 4 Evaluation Nokia piloted the MDM solution with 500 Nokia employees using both Nokia and non-Nokia phones. During full deployment, this number will be easily scalable to more devices. Improved security options, like defined requirements for power-on password controls, password policy enforcement, and multiple levels of theft-loss protection, provided a comprehensive solution that addressed corporate risks. Flexible BYOD aspects of the solution were vital: Nokia, a handset provider, must be able to deploy new models quickly and efficiently. Benefits for end-users End-users enrolled their own corporate devices, or even provided their own (BYOD) if the company mobile phone or mobile device policy allows it. On enrollment the end-user had easy and secure corporate access to key applications, such as email When using a managed device, end-users could be confident the device was configured properly, adhered to corporate security policies, and had the key software applications Troubleshooting problems was simplified with automated notifications and application management tools On retirement, end-users could easily wipe old devices and get started with new ones Benefits for IT administrators IT administrator responsibilities were streamlined by providing the following benefits: Real-time device visibility and the ability to analyze and report critical device information. Tools for administering policies and enforcing enterprise security and compliance. Reduced need for support upon device retirement. How Nokia piloted AirWatch MDM for Nokia Lumia Version 1.0 9 2013 Nokia. All rights reserved.