Transcript Windows for the Enterprise 3rd party MDM Enterprise grade security with common core and security architecture.

Windows for the Enterprise
3rd party MDM
Enterprise grade security with common core and security architecture
Windows 8.1
Update
Internet Explorer Compatibility
Refined user experience
Support for low cost & the latest hardware
Extended Mobile Device Management
Easier deployment
• Mobile Device Management
(MDM)
• Configuration management
• Certificate management
• Application management
• Secure Access
• S/MIME
Unenrollment
Enrollment
Policies
Profiles
Certificates
Asset Inventory
& Assistance
App
Mgmt
Unenrollment
Enrollment
Policies
Profiles
Certificates
Asset Inventory
& Assistance
App
Mgmt
WAB hosted web page
next
Unenrollment
Enrollment
Policies
Profiles
Certificates
Asset Inventory
& Assistance
App
Mgmt
Windows Phone 8
Simple password
Alphanumeric password
Minimum password length
Minimum password complex characters
Password expiration
Password history
Device wipe threshold
Inactivity timeout
Device encryption
Disable removable storage card
Remote device wipe (pull)
Remote update of installed LOB apps
Remote or local un-enroll
Windows Phone 8.1 additions
Disable Camera
Disable Bluetooth
Disable Wi-Fi
Disable telemetry data submission
Disable Location
Disable NFC
Disable Microsoft Account
Disable roaming between Windows devices
Disable custom email accounts
Disable screen capture
Disable copy & paste functionality
Disable sharing and saving of Office Documents
Disable MDM un-enrollment
Remote device wipe push
Enterprise wipe
…and there are more policies
Device encryption based on BitLocker
technology for internal storage (policy)
Disable storage card (policy)
MDM or manual import of certificates
authentication
API for apps to use certs
Advanced cert management
Wi-Fi policies
Disable Internet Sharing over Wi-Fi
Disable Wi-Fi Off loading
Disable Manual Configuration of Wi-Fi Profiles
Disable Wi-Fi Hotspot reporting
VPN policies
Disable VPN when Roaming over Cellular
Disable VPN over Cellular
Policy support from Exchange Server 2007 SP2
Windows Phone 8
Windows Phone 8.1 additions
Simple password
Alphanumeric password
Minimum password length
Minimum password complex characters
Password expiration
Password history
Device wipe threshold
Inactivity timeout
Device encryption
Remote device wipe
Block email attachments (EAS 14.0+)
Disable removable storage card
Include past email items (duration)
Include past calendar items (duration)
Email body truncation size
HTML email body truncation size
Require signed S/MIME messages
Require encrypted S/MIME messages
Require signed S/MIME algorithm
Require encrypted S/MIME algorithm
Allow S/MIME encrypted algorithm negotiation
Allow S/MIME SoftCerts
EAS protocol version support: 2.5, 12.0, 12.1, 14.0, 14.1, 14.2
Unenrollment
Enrollment
Policies
profiles
certificates
Asset Inventory &
assistance
App
Mgmt
MDM integrated (private) app distribution
App management policies
Disable Microsoft Store
Disable development unlock (side loading)
Disable Internet Explorer
Restrict UX using Allow List
Applications  Settings  Notifications
 Search button re-map
Reinforce Brand Identity
Start Layout  Lockscreen Background
 Custom Theme
Unenrollment
Enrollment
Policies
Profiles
Certificates
Asset Inventory
& Assistance
App
Mgmt
Windows Phone 8
Windows Phone 8.1 additions
Server configured policy values
Query installed enterprise app Device name
Device ID
OS platform type
Firmware version
OS version
Device local time
Processor type
Device model
Device manufacturer
Device processor architecture
Device language
Phone number
Roaming status
IMEI & IMSI
Wi-Fi IP address
Wi-Fi MAC address
Wi-Fi DNS suffix and subnet mask
Remote lock
Remote password (PIN) reset
Remote ring
Wi-Fi
Unenrollment
Enrollment
Policies
Profiles
Certificates
Asset Inventory
& Assistance
App
Mgmt
Un-enrollment policies
Disable mdm un-enrollment
Disable software and hardware factory reset
Manual or server-initiated unenrollment
Remove: LOB apps, email, policies,
profiles, certs, Office Documents
Unenrollment
Intune and 3rd party MDM
Flexible Enrollment using WAB
Enrollment
Policies
Profiles
Certificates
Asset Inventory &
Assistance
Full Wipe
Lock
PIN reset & ring
Enhanced inventory
App
Mgmt
Install, update,
remove LOB apps
Store disable
MDM Push
MDM/EAS policies
Email accounts
Root/CA certificates
MDM app/company
portal
Wi-Fi & VPN profiles
Client Auth Certs
Window Phone 8.1 Policy Summary
MDM
EAS
Policy Summary Continued
MDM
Simple or Alphanumeric password
X
X
Disable custom email accounts
X
Minimum password length
X
X
Disable screen capture
X
Minimum password complex characters
X
X
Disable copy & paste functionality
X
Password expiration
X
X
Disable sharing and saving of Office Documents
X
Password history
X
X
App Allow / Deny list
X
Device wipe threshold
X
X
Disable Microsoft Store
X
Inactivity timeout
X
X
Disable development unlock (side loading)
X
Device encryption
X
X
Disable Internet Sharing over Wi-Fi
X
Disable removable storage card
X
X
Disable Wi-Fi Off loading
X
Disable desktop sync over USB
X
X
Disable Manual Configuration of Wi-Fi Profiles
X
Disable Internet Explorer
X
X
Disable Wi-Fi Hotspot reporting
X
Disable Wi-Fi
X
X
Disable VPN when Roaming over Cellular
X
Disable Camera
X
X
Disable VPN over Cellular
X
Disable Bluetooth
X
X
Disable mdm un-enrollment
X
Disable telemetry data submission
X
Disable software and hardware factory reset
X
Disable Location
X
Disable Wi-Fi credential sharing
X
Disable NFC
X
Lock screen notification controls
X
Disable Microsoft Account
X
Enforce Safe Search
X
Disable roaming btw Windows devices
X
Disallow Search to use location
X
Disable data roaming
X
NOKIA
LUMIA 620
NOKIA
LUMIA 820
NOKIA
LUMIA 925
NOKIA
LUMIA 1320
NOKIA
LUMIA 1020
NOKIA
LUMIA 1520
NOKIA
LUMIA 920
NOTE: Availability of particular products may vary by region and by service provider.
NOKIA
LUMIA 720
NOKIA
LUMIA 625
NOKIA
LUMIA 520
Next Steps
Evaluate Windows Phone for your Business
Applications
Download the latest Windows developer
tools & MDM protocol documentation
Now is the time to start developing business
apps for Windows
\\BUILD
http://aka.ms/wpitpro