Smart Devices @ Givaudan From BYOD experience to new mobile - - PowerPoint PPT Presentation

Smart Devices @ Givaudan

From BYOD experience to new mobile opportunities

Givaudan

2

What’s going on ?

3

Consumerization of IT

• Personal device proliferation
• Personal cloud services proliferation
• Millenials generation

Anywhere Anytime from Any Device

• Access personal applications @work
• Access corporate applications @home

Who decides user or corporate IT ?

• Devices
• Applications
• Security

Drivers For Change

4

Multi-devices trend + smart devices proliferation Demands of company provided/supported tablets Upcoming mobile applications

Smartphones landscape in the US

Now what ?

5

A short terms solution to our problems… sort of

BYOD Challenges

6

How to provide platform independent services? How to avoid interfering with personal apps and data? How to secure corporate data ? Can we secure the full device ? Can we wipe the device ? Do we support personal devices ? …..

Mobile Devices Situation

7

18 months ago…

• 950 Blackberry smartphones
• Services:
• Email, calendar,

contacts

• Chat
• Intranet
• Company provided
• Full end-user support

■ 380 users (volunteers) ■ Email, calendar, contacts

• n iPhone and iPad only

■ Bring Your Own device (employee liable) ■ User self support (+ forum)

Standard corporate service: BlackBerry 2011 - First experiment of BYOD service

Approach

8

MDM platform implementation

To support various devices

Addition of Android to the BYOD service

Follow quick market evolution Be ready for mobile app deployment Build foundation for an evolutive mobile services platform

Find the right trade-off between security and user-experience In parallel, enhance mobile service with new features (Chat, VPN…) Provide courtesy wireless to corporate users for internet access only (reduce personal

costs while in the office)

MDM selection → MobileIron

Identified differentiators with competitors:

Integration with device operating system (no sandbox approach) App deployment capabilities (Internal app store) Integrator in Switzerland (Nomasys)

Security

9

Data – device encryption embedded in the profile (iOS) ActiveSync outgoing flow only Access to email/calendar/contacts – windows credentials into device client Attachments – no limitations Lock-code mandatory – embedded into device profile loaded Internal approval process to access the service VPN required to access internal resources

• Only http and https
• Device identified through a certificate from PKI infrastructure

Courtesy network filters through MAC@ for access

• Same web traffic filtering rules as corporate

Wipe is authorised

today

High-Level Timeline

10 10

2011 2012 2013

Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2

MDM solution selection MDM solution selection PoC PoC Corporate service preparation

Service go- Live Multi-device corporate service

Satisfaction survey Satisfaction survey

Pilot Phase Pilot Phase

BYOD iOS only BYOD service based on MDM (iOS +Android)

Company provided catalogue Company provided multi-device catalogue Corporate service deployment

Our BYOD Service Today Based on MobileIron solution

11 11

1600 active devices

Voluntary enrolment

iOS & Android only Email, Calendar, Contacts + Chat VPN for iOS (via MobileIron PKI device certificate) Security rules

Mandatory screen-lock pin code Jailbroken/rooted devices not allowed Remote wipe in case of loss

User self support (+ forum, getting started videos)

Users must comply read and accept

Our BYOD Service Today

12 12

Infrastructure and Security

In-house managed redundant MDM platform infrastructure Employees BYOD internet access, but no access to internal resources End-User security rules same as corporate for web access

Content and virus filtering

Juniper VPN for iOS (device certificate access control)

Transparent launch No user authentication

Corporate security rules

VPN provides http/https limited access to resources

Satisfaction Survey

13 13

August 2012

Participation: around 250 users (40% of the user population at that time) General satisfaction rate:

93%

All devices

96%

iPhone/iPad users

78%

Android users

What’s next

14 14

2013: Multi-device corporate catalogue (but

keep it simple)

Including corporate tablets (iOS only)

Mobile apps in-house development

Deployment via MobileIron app store Apps@Work

Open network to more resources

Allow devices into corporate network ? Keep controlled access through VPN ?

Open Questions

15 15

Blackberry future Windows phone 8 success Any other mobile OS out there ? Android as a secure business platform ? BYOD with financial compensation to replace corporate smartphones ? How to deal with the forthcoming general unavailability of feature phones Outsourced MDM solution? Increased attacks on mobile devices -> higher corporate and data leak risks ?

Q&A

16 16