Where MDMs on iOS Leave Oﬀ Speaker: Marc Grayson Montefiore Medical Center Contact: [email protected] -Blood Draw verification and printing -100 iPod Touch(s) in Single App Mode = Mange with MDM -Enterprise App -App Update 1 month post deployment Planning Overview: -iOS Focus More iOS limitations in management vs. Android ! -How to plan ! -Examples of Where MDMs Leave Oﬀ ! -Q&A How to plan? ! MDM Vendors: ! - MDM comparison wiki. ! ! ! -Gartner Magic Quadrant for Mobile ! Device Management Software. 30 Days to Plan: -Most MDMs oﬀer $0 down 30-day trial. -Dig around. -Start planing for the limitations. -Build policies & test. ! -OSX Server $19 = basic MDM ! -Apple Configurator $0 = build profiles Profiles for AirWatch ! ! ! Planning Example 1: Tracking a device Tracking a device Planning: -No network connection; no tracking. -No MDM agent app; no tracking. -No Location Services; no tracking. -MDMs ≠ physical security tool. -They do help enforce software security in the event of theft. -Find My iPhone Limitations. Example 2: Apple’s Device Enrollment Program Apple’s Device Enrollment Program Planning: -Need to apply for access. -Only works with devices purchased from Apple. -iPhones or iPads from carriers; no. -MDM needs to support it. -For devices in use, device needs to be wiped to enroll. -Only devices < 4 years. Apple’s Device Enrollment Program https://developer.apple.com/videos/wwdc/2014/#702 Example 2: Remote Control on iOS Remote Control on iOS Remote Control on iOS Planning: -Does not exist. -Bomgar is the only solution that comes close with a screenshot sharing app. ! -Android does have Remote Control tools, but there are know exploits of them. Example 4: Remote Wipe Remote Wipe Planning: -Enterprise Wipe (BYOD) -Full Device Wipe (Corporate Device) Planning Takeaways: ! -Try it out. ! -While you try, plan. ! -Think about all scenarios. -Shared models, guest models, loaners, special projects, groups, VIPs, BYOD… ! ! Q&A Speaker: Marc Grayson Aﬃliation: Montefiore IT Contact: [email protected]