Today’s workforce is becoming increasingly mobile as traditional desktops are replaced by mobile devices running enterprise applications and capabilities. As these devices are often used for both personal and confidential company business, and in many cases are actually owned by the employee, the ability to ensure that they are secure and compliant is a high priority for global businesses. This has led organisations to attempt to manage these devices as they would any other corporate computer and in the case where the employee owns the device, to initiate a Bring Your Own Device (BYOD) scheme to control the usage within the workplace.
The management of both corporate and BYOD mobile devices offer significant opportunities for Managed Service Providers (MSPs). MaaS360 offers a complete solution for MSPs and their customers.
A single portal for an MSP and Customer
MaaS360 is a secure multi-tenanted solution for MSPs to setup, deliver and support their customer’s Mobile Device Management (MDM), Mobile Application Management (MAM) and BYOD solutions. In addition it provides the MSP with the ability to offer their customers the use of a self-service portal to access and manage their own device inventory, execute remote management commands such as lock and wipe and define and check the compliance of any defined security policy on their employee’s mobile devices.
Manage your own Customers
Bring Your Own Device Policy
- Employee Eligibility
- Support Model for Employee owned devices
- Employee Education and Change management
- Legal and Privacy aspects
- BYOD Funding arrangements
To help the MSP provide a BYOD solution to their customers Orb Data has created a template that provides help in defining all of these aspects whilst also ensuring that MaaS360 can provide any security settings that are required.
Use your Own Branding
Taking on New Customers
Adding new customers to MaaS360 is a simple process; from a single screen you can specify the contract definition (such as Full or Trial), pricing and licensing options such as price per device and length of trial or contract.
The MSP then simply imports the details of the devices to be managed including device owner, email addresses and mobile phone numbers. MaaS360 can then auto-email or text the welcome instructions to the end users where they can install and enrol the agents in their own time. Once the devices have logged in the device details will be merged with the already imported company information. The last stage is for the MSP or the customer to login and manage their devices.
The portal is also available for customer’s employees to use to look at their own devices. This can be useful if an employee loses their phone at 3am on Saturday night. With the self service feature they can log on to the portal and click on a button saying their device has been lost or stolen. This will then automatically notify the company’s administrator of a potential issue, remotely lock the phone, give the user the last known location and provide them with the phone’s IMEI Number to give to the police.
The MaaS360 Compliance Engine achieves two important goals: it ensures that all mobile devices are in compliance with policies and it moves any devices in violation into a restricted policy until remediated.
Continuous Monitoring Checklist:
- Enforce Device Management
- Minimum OS Version
- Remote Wipe Compliance
- Jailbreak/Root Detection
- Encryption Compliance
- Application Runs (Restricted/Required)
- SIM Change
- Roaming State Change
Available Actions List:
- Alert User and Administrator
- Block Email Access
- Restrict Device (Email, Wi-Fi, VPN)
- Wipe Device
The MaaS360 Compliance Engine proactively solves common use cases, allowing IT to streamline resources and focus on strategic goals.
Safeguard Enterprise Data
The flexibility and connectivity that mobility brings can make an organisation more agile and responsive but these benefits can also bring security risks. Portable devices can be lost, stolen or damaged and therefore the protection of these mobile devices as they access your sensitive systems is vital. Orb Data’s MSP Mobile Portal enables you to:
- Detect security threats such as rooted or jail-broken devices
- Wipe or lock a device when it is lost or stolen
- Configure and enforce password policies, camera use and iOS specifics such as iCloud and Facetime
- Enforce a global HTTP proxy
- Automatic identification of noncompliant devices
- Control non-compliance by issuing user notifications or deprovisioning devices
Any organisation with BYOD policies or even companies that are buying mobile devices for their employees needs the ability to control the devices that are connecting to the corporate network. The Mobile Portal provides both hardware and software mobile device inventory capabilities including:
- Device details, including model, version, serial number, type and version of operating system
- Hardware information, including firmware, memory, battery and screen type
- Installed applications names and versions—including classification of white listed or unapproved applications
- Device location, with identification on a map
- Network details, including IP address and carrier
- Email user identity, phone number and installed certificates
Mobile Application Management
Enterprise Mobile App Container
MaaS360 simplifies mobile application management by delivering an easy-to-use enterprise app catalog with full security & operational lifecycle management of apps.
- Enterprise Application Catalog – An intuitive, customizable enterprise app catalog for iOS & Android devices.
- Mobile Application Lifecycle Management – A platform to distribute, update, manage & secure both public & enterprise mobile apps.
- MaaS360 Mobile Application Security – A mobile application container for enterprise apps with full security management.
- Mobile Application Compliance & Enforcement – Security policies to blacklist, whitelist & require apps. Automated enforcement rules to alert administrators, block email, restrict network resources & perform remote wipes.
- MaaS360 App Cloud – An option to host & distribute your enterprise mobile apps on a globally optimized app distribution network.
- Volume Purchase Program – Support for bulk app licenses for employees.
MaaS360 simplifies mobile application management by delivering an easy-to-use enterprise app catalog with full security and operational lifecycle management of apps across mobile device platforms.
MaaS360 also supports the ability to define a “white list” of applications (or apps) that are allowed on the device. This means that rather than keeping a list of all the thousands of apps that a customer may not want on the employee’s devices they only need to define the list that are acceptable to the corporate policy. Any app that is installed without authorisation can be flagged to both employee and company.
- Protect enterprise apps with full containerization
- Increase employee productivity and satisfaction
- Centrally manage mobile apps with web-based console
- Safely and securely support Bring Your Own Device (BYOD)
- Reduce risk of sensitive data leakage
- Enforce on-device access control and compliance with policies and regulations
- Perform selective wipe on app catalog and managed apps
- Use granular administrative controls and interactive, graphical reports
- Reduce network load and increase app performance and scalability