© 2011 Fiberlink Communications MORE Webinar Series © 2011 Fiberlink Communications Optimized Management for iPhones, iPads, and Androids with Exchange 2007 & Exchange 2010 & Office 365 Val Hetrick
Jan 18, 2015
© 2011 Fiberlink CommunicationsMORE Webinar Series© 2011 Fiberlink Communications
Optimized Management for iPhones, iPads, and Androids with Exchange 2007 & Exchange 2010 & Office 365Val Hetrick
© 2011 Fiberlink CommunicationsMORE Webinar Series
What will I learn today?
> How Exchange can be used as a basic management tool for Mobile Devices
> The features and capabilities that are available in the Exchange Administrator Interface for managing Mobile Devices
> The the gaps and traps to watch out for if using Exchange to manage Mobile Devices
> What to do when you need more comprehensive control and visibility
> The benefits of using Exchange device management to derive additional value from an MDM solution
© 2011 Fiberlink CommunicationsMORE Webinar Series
Let’s get the conversation started…
> You have users with personal and consumer devices that require access to your Exchange email environment iPhones, iPads and Androids
> You need tools and techniques to help get some basic level of control, now
> You know how to do BlackBerry, but these other devices are uncharted territory for you and your team
> You’ve been inundated with information on device management but aren’t sure which approach you should take
© 2011 Fiberlink CommunicationsMORE Webinar Series
So, where to start?
> The built-in Exchange 2007/2010 tools may be a start for some
> What can I do with these tools? Device visibility/asset management
• 10 or so device attributes Mailbox policy creation/edit/assignment Actions
• Wipe (factory reset)• Change Mailbox policy• Remove/Block Device
Legacy Device Support• Symbian• Windows Mobile
© 2011 Fiberlink CommunicationsMORE Webinar Series
What are the steps?
> Turn on ActiveSync, but be careful… Things to consider when you enable ActiveSync on
Exchange Email Access Control
• Full Access– Wild West
• Mailbox by Mailbox– Cumbersome– Multiple device issue
• Monitor for new devices for enabled mailboxes
– Manual effort– 2010 ABQ may help
© 2011 Fiberlink CommunicationsMORE Webinar Series
Now that you have it tuned on….
> Gaps to be aware of No clear picture of connected devices in real-time If you want control, having to use individual Mailbox
configuration Remote Wipe that is all or nothing Script development to augment the limited Exchange tools No easy way to view and remove inactive devices No ability to perform Device and User Group based policy
assignment No concise audit history of mobile device actions (e.g.,
policy change, remote wipe) No web-based access for non email administrator personnel No ability to add asset information to mobile devices
managed via ActiveSync
© 2011 Fiberlink CommunicationsMORE Webinar Series
Now that you have it tuned on….
> Traps that will get you in trouble Multiple devices
• Once a mailbox is enabled, a user can connect any number of devices
Device diversity• No control over what type of device connects• Significant gaps exist in device capabilities that need to
be considered– Apple iOS 3.x– Android 1.x, 2.0, 2.1
Android implementations• Androids lie!
Jailbroken and Rooted Devices
© 2011 Fiberlink CommunicationsMORE Webinar Series
The ActiveSync policy conundrum….
> A comprehensive set of policies, but… Device manufacturer implementation varies greatly
• Only best effort on the part of most… Some critical gaps
• Device and application restrictions• VPN, WiFi, Email profiles• Password policies
Understand what policies are implemented by your device
• Exchange ActiveSync Client Comparison Table (Microsoft)• Comparison of Exchange ActiveSync (Wikipedia)
© 2011 Fiberlink CommunicationsMORE Webinar Series
Supported Exchange Active Sync policies, the basics
> The following Exchange policies are supported on iOS and Android Enforce password on device Minimum password length Maximum failed password attempts Require both numbers and letters Inactivity time in minutes
> The following Exchange 2007 policies are also supported on iOS Allow or prohibit simple password Password expiration Password history Policy refresh interval Minimum number of complex characters in password Require manual syncing while roaming Allow camera Require device encryption
9
© 2011 Fiberlink CommunicationsMORE Webinar Series
Signs that you may need more than Exchange to manage your devices
> You need device level auto-quarantine> You need better device data and asset information> You need more consistent and quality device data to make
better decisions on what is accessing your corporate data> You need a consistent way to deal with variation in
device/vendor support> You need important and more granular actions
Selective Wipe/Full Wipe (as required by the situation) Lock Device Change device passcode Locate device
> You would like to delegate administrative activities > How long you can get by with Exchange management
capabilities before you find a situation that cannot be accommodated?
© 2011 Fiberlink CommunicationsMORE Webinar Series 11
MaaS360 Mobile Device Management
> Offers Exchange ActiveSync Manager as well as iOS and Android Mobile Device Manager for additional capabilities
> Helps organizations at-a-glance understand their mobile device posture (real-time) on their Exchange infrastructure
> Helps organizations extend mobile device management operations to other teams, if desired
> Eases and extends day-to-day Exchange management functionality for mobile device issues and cases
> Adds Quarantine and Device Approval workflows to Exchange 2007 Environments
> Able to have multiple policies> Selective Wipe with iOS> Push out VPN/Wireless Profiles with iOS and Android
© 2011 Fiberlink CommunicationsMORE Webinar Series
MaaS360 compliments Exchange/ActiveSync
© 2011 Fiberlink CommunicationsMORE Webinar Series
Demo of MaaS360 MDM
13
© 2011 Fiberlink CommunicationsMORE Webinar Series
Wrap-up
> Up-coming Webinars (http://maasters.maas360.com/webinars/)
September 1 - Best Practices for Enabling Android Devices in the Enterprise
> Past Webinars (http://links.maas360.com/webinars/)
August 4 - Automated Security for iPhone, iPad, and Android Devices July 21 - Enabling iPhones and iPads in the Enterprise July 7 - Mobile Device Management in a Post-BlackBerry World
> Plus lots of How-To content at the MaaSters Center Mobile Device Management Best Practices
• http://links.maas360.com/mdm/ Mobile Device Management Strategy Series from Lopez Research
• http://links.maas360.com/mdmstrategy/ Mobile Device Management Glossary
• http://links.maas360.com/mdmglossary/ Over 300 articles and posts including training videos and free tools
• http://maasters.maas360.com/
14
Questions or follow-up?Val [email protected]