Ryan will explore the management needs of the three major mobile platforms, iOS, Android, and Windows, to explain the difficulties in designing effective management systems. Mobility management issues come into focus as past IT practices collide with the new world of mobile. Start exploring the considerations of the new age of mobility through the lens of reorganized priorities.
- [Narrator] I'll take a look at the considerations necessary in order to begin mobile device management. Currently, mobile devices are all running either iOS, Android, or for our purposes, Windows 10 operating systems. There are small differences to each. If not reconciled, it certainly can make management difficult. In the past, the hallmark of a well managed enterprise deployment was a granular control over the OS. I always knew when updates would be released. I knew what the update makers did in the updates, and I had time to test the updates for any issues it might present to my organization before it was released to the workforce.
Not anymore, the age of mobility is the age when a direct update to the OS is pushed through channels without warning, and I have to be ready to inform a global workforce if it breaks any of our business critical applications or processes. In order to facilitate the management of my mobile devices, I must establish the following practices. First, a developer relationship with Apple, Google, and Windows is a must. With a developer license, I am able to acquire beta OS updates released early to developers leading up to the public release of the update.
I use the seeded beta software to arrive at an approximated understanding of whether or not the update will compromise any part of my mobility program. This allows me to be as close to same day readiness as I can get. The Microsoft developer information can be found at developer.microsoft.com. When signing up, this required a Windows Live or registered O 365 account. Second, for security and scale, I must establish a list of supported OS's.
I cannot hope to support every IOS, Android, or Windows phone available in the world. Therefore, I have to establish some parameters. It is a good rule of thumb to set an N-1 parameter where N is considered the current pubic release of the OS. In other words, I will be supporting no more than two major releases of the OS. At this moment, that means I would be supporting Android five and six, iOS eight and nine, and Windows 8.1 and 10.
Third, I need to determine where the devices under management will be coming from, or who will technically own the device. This is where the great debate over corporate owned devices, bring your own devices, or a mix of the two comes into play. Corporate owned devices are just what they sound like. The company has decided to purchase the hardware and cellular service. With that ownership comes the right to manage the device however the company deems necessary. They can even lock the device down to the operation of a single application.
Bring your own devices or BYOD is a very different matter. In this instance, the company is requesting to essentially rent the user's own device in order to facilitate work. Since the company does not own the device, the user must be made explicitly aware of what the company is doing when it manages the device. BYOD mobility programs can be very difficult to manage since it is harder to control the variables required for management. It is important to stress explicitly what I will and will not support if I manage a BYOD mobility program.
Corporate owned, personally enabled or COPE, as well as choose your own device are attempts at a middle ground. Both attempting to equip the mobile worker without creating chaos for the IT department. With COPE, the company is selecting the phone, and allowing the employee to use it for personal tasks. With COID, the company is asking the mobile workforce to select from a pre approved list of devices, then giving them the permission to do both corporate and personal work on the device. Setting these boundaries early, will benefit the program in the long term.
Ryan is the director of enterprise mobility management at MOBI and supports Fortune 100 clients around the world. Here he shares the key components of any enterprise mobility management (EMM) strategy, focusing on Microsoft Intune. Learn what's different about the Windows 10 mobile operating system and why and how businesses manage Windows devices with Intune. Explore Intune infrastructure management and best practices pertaining to design, identity, security, updates, applications, content, and more. Along the way, he'll help you design and implement smart security policies, configure monitoring and services like Windows To Go, and provisioning user accounts.
Note: This course maps to the Plan and Implement a Microsoft Intune device management solution domain of the Microsoft exam 70-697: Configuring Windows Devices.
- Preparing for a mobile program
- Managing mobile devices, users, and data
- Building mobile user awareness
- Understanding mobile security issues
- Activating Enterprise Mobility Suite (EMS)
- Configuring and deploying device policies
- Configuring monitoring and alerts
- Designing file and power policies
- Configuring Windows To Go, Windows sync, Wi-Fi direct, and device encryption
- Supporting Intune deployments
- Provisioning user accounts
- Managing Intune groups
Skill Level Intermediate
Q: This course was updated on 03/30/2018. What changed?
A: New videos were added that cover mobile device and application management, the Azure AD interface, app management without device enrollment, and Intune and eBook deployment. In addition, the following topic was updated: mobile security.