Windows for the Enterprise 3 rd party MDM

Windows for the Enterprise 3 rd party MDM Enterprise grade security with common core and security architecture

Y T I R U SEC O T E R O C E H T M O FR D U O L THE C

Windows 8. 1 Update Internet Explorer Compatibility Refined user experience Support for low cost & the latest hardware Extended Mobile Device Management Easier deployment

• Mobile Device Management (MDM) • Configuration management • Certificate management • Application management • Secure Access • S/MIME

Enrollmen t Unenrollment Policies Profiles Certificates Asset Inventory & Assistance App Mgmt

Enrollmen t Unenrollment Policies Profiles Certificates Asset Inventory & Assistance App Mgmt

WAB hosted web page next

Enrollmen t Unenrollment Policies Profiles Certificates Asset Inventory & Assistance App Mgmt

Windows Phone 8 Simple password Alphanumeric password Minimum password length Minimum password complex characters Password expiration Password history Device wipe threshold Inactivity timeout Device encryption Disable removable storage card Remote device wipe (pull) Remote update of installed LOB apps Remote or local un-enroll Windows Phone 8. 1 additions Disable Camera Disable Bluetooth Disable Wi-Fi Disable telemetry data submission Disable Location Disable NFC Disable Microsoft Account Disable roaming between Windows devices Disable custom email accounts Disable screen capture Disable copy & paste functionality Disable sharing and saving of Office Documents Disable MDM un-enrollment Remote device wipe push Enterprise wipe …and there are more policies

Device encryption based on Bit. Locker technology for internal storage (policy) Disable storage card (policy)

MDM or manual import of certificates authentication API for apps to use certs Advanced cert management

Wi-Fi policies Disable Internet Sharing over Wi-Fi Disable Wi-Fi Off loading Disable Manual Configuration of Wi-Fi Profiles Disable Wi-Fi Hotspot reporting

VPN policies Disable VPN when Roaming over Cellular Disable VPN over Cellular

Policy support from Exchange Server 2007 SP 2

Windows Phone 8. 1 additions Simple password Alphanumeric password Minimum password length Minimum password complex characters Password expiration Password history Device wipe threshold Inactivity timeout Device encryption Remote device wipe Block email attachments (EAS 14. 0+) Disable removable storage card Include past email items (duration) Include past calendar items (duration) Email body truncation size HTML email body truncation size Require signed S/MIME messages Require encrypted S/MIME messages Require signed S/MIME algorithm Require encrypted S/MIME algorithm Allow S/MIME encrypted algorithm negotiation Allow S/MIME Soft. Certs EAS protocol version support: 2. 5, 12. 0, 12. 1, 14. 0, 14. 1, 14. 2

Enrollmen t Unenrollment Policies profiles certificates Asset Inventory & assistance App Mgmt

MDM integrated (private) app distribution App management policies Disable Microsoft Store Disable development unlock (side loading) Disable Internet Explorer

Restrict UX using Allow List Applications Settings Notifications Search button re-map Reinforce Brand Identity Start Layout Lockscreen Background Custom Theme

Enrollmen t Unenrollment Policies Profiles Certificates Asset Inventory & Assistance App Mgmt

Windows Phone 8. 1 additions Server configured policy values Query installed enterprise app Device name Device ID OS platform type Firmware version OS version Device local time Processor type Device model Device manufacturer Device processor architecture Device language Phone number Roaming status IMEI & IMSI Wi-Fi IP address Wi-Fi MAC address Wi-Fi DNS suffix and subnet mask Remote lock Remote password (PIN) reset Remote ring Wi-Fi

Enrollmen t Unenrollment Policies Profiles Certificates Asset Inventory & Assistance App Mgmt

Un-enrollment policies Disable mdm un-enrollment Disable software and hardware factory reset

Manual or server-initiated unenrollment Remove: LOB apps, email, policies, profiles, certs, Office Documents Unenrollment Intune and 3 rd party MDM Flexible Enrollment using WAB Enrollment Policies Profiles Certificates Asset Inventory & Assistance Full Wipe Lock PIN reset & ring Enhanced inventory App Mgmt Install, update, remove LOB apps Store disable MDM Push MDM/EAS policies Email accounts Root/CA certificates MDM app/company portal Wi-Fi & VPN profiles Client Auth Certs

Window Phone 8. 1 Policy Summary MDM EAS Policy Summary Continued MDM Simple or Alphanumeric password X X Disable custom email accounts X Minimum password length X X Disable screen capture X Minimum password complex characters X X Disable copy & paste functionality X Password expiration X X Disable sharing and saving of Office Documents X Password history X X App Allow / Deny list X Device wipe threshold X X Disable Microsoft Store X Inactivity timeout X X Disable development unlock (side loading) X Device encryption X X Disable Internet Sharing over Wi-Fi X Disable removable storage card X X Disable Wi-Fi Off loading X Disable desktop sync over USB X X Disable Manual Configuration of Wi-Fi Profiles X Disable Internet Explorer X X Disable Wi-Fi Hotspot reporting X Disable Wi-Fi X X Disable VPN when Roaming over Cellular X Disable Camera X X Disable VPN over Cellular X Disable Bluetooth X X Disable mdm un-enrollment X Disable telemetry data submission X Disable software and hardware factory reset X Disable Location X Disable Wi-Fi credential sharing X Disable NFC X Lock screen notification controls X Disable Microsoft Account X Enforce Safe Search X Disable roaming btw Windows devices X Disallow Search to use location X Enable start screen lock down X Disable data roaming X

NOKIA LUMIA 620 NOKIA LUMIA 820 NOKIA LUMIA 925 NOKIA LUMIA 1320 NOKIA LUMIA 1020 NOKIA LUMIA 1520 NOKIA LUMIA 920 NOTE: Availability of particular products may vary by region and by service provider. NOKIA LUMIA 720 NOKIA LUMIA 625 NOKIA LUMIA 520

Next Steps Evaluate Windows Phone for your Business Applications Download the latest Windows developer tools & MDM protocol documentation Now is the time to start developing business apps for Windows

\BUILD http: //aka. ms/wpitpro