Mobile Device Management

idleheadedceleryMobile - Wireless

Dec 10, 2013 (3 years and 7 months ago)

70 views

Medical University of South Carolina

Office of the CIO


Information Services

Endpoint Security Team

Mobile Device Management


March 8, 2012

App Explosion

Device Proliferation

$

Healthcare provider
adoption soars

Mobility
Coming
of
Age at MUSC

2010



Gotta Have It!”

1,600 Mobile Devices at MUSC


690
are iPhone,
Android or Windows
Mobile

900
are Blackberry



How do we manage

all these devices?

2011

“That’s Cool!”

4
,
800 Mobile Devices at MUSC


4,100
are iPhone, Android or Windows Mobile

700
are Blackberry



How do we protect our
data and network?

2012

“That’s Productive”

7,300 Mobile Devices at MUSC


7,000 are
iPhone, Android or Windows Mobile

300
are Blackberry



How can we transform
healthcare?

Mobile Device Management

Office of the CIO


Information Services

Endpoint Security Team

o

What Mobile Device Management can
do for MUSC



Force devices to always use a password lock


Force devices to automatically lock after a defined period of inactivity to facilitate native encryption


Forcefully lock and/or unlock a device


Locate a device and display its location on a map


Force the display of a predefined alert message on the screen such as “If found please call…”


Provide real time usage information and statistics


Assist communications in provisioning new devices by pushing common settings such as Exchange,
WLAN and VPN


Mobile Device Management

Office of the CIO


Information Services

Endpoint Security Team

Zenprise

and
MobileIron

rank first and third,

respectively, in the latest Gartner MDM product ratings.













*Mobile Active Defense was not evaluated due to its lack of support for
Blackberry and its high cost.


Mobile Device Management

Office of the CIO


Information Services

Endpoint Security Team

Functionality

Zenprise

Passcode lock

requirement

Yes

Ability to push

exchange email credentials to
mobile devices.

Yes

Android requires 3
rd

party email app


Ability to push

MUSC Secure wireless settings
to mobile devices

Yes

Ability to push MUSC VPN settings to mobile

devices

Yes


Self Service Portal

Yes

Ability

to locate a device

Yes

Ability

to lock, unlock, wipe, selective wipe
devices

Yes

Encryption


Email, contacts,

calendar

Android:
Requires 3
rd

party app at $11 per device.


Mobile Device Management

Office of the CIO


Information Services

Endpoint Security Team



What Mobile Device Management
cannot

do for MUSC




Enforce full device encryption:



On iPhone/iPad devices, email/contacts/calendar are encrypted when the device is locked,

but each application developer has to specifically add code in order for the application data to

be encrypted




On Android
devices
email/contacts/calendar are encrypted when the device is locked but only

if a third party product (Touchdown) is installed. Touchdown costs $11 per device.



D
eploy Exchange settings to Android without Touchdown



Remove applications which were installed by the end user


Forcefully prevent (blacklist) applications from being installed. MDM can alert
administrators when an undesired application has been installed

Mobile Device Management

Office of the CIO


Information Services

Endpoint Security Team



How to Enroll:
iOS

Method 1: From App Store

Method 2: From Link

1. Users
go to
mobile.musc.org
/step1.


They click a link to download the
Zenprise

app
.


2. Users go to
mobile.musc.org
/step2.


They click a link that launches the app and pre
-
populates the server URL
.


3. User enters their username and password.

Mobile Device Management

Office of the CIO


Information Services

Endpoint Security Team



How to Enroll:
iOS

Method 1: From App Store

Method 2: From Link

1. Users
go to
mobile.musc.org
/step1.


They click a link to download the
Zenprise

app
.


2. Users go to
mobile.musc.org
/step2.


They click a link that launches the app and pre
-
populates the server URL
.


3. User enters their username and password.

Mobile Device Management

Office of the CIO


Information Services

Endpoint Security Team

Plan of Action


Phase 1: 250 Device Pilot


This will include all of OCIO. We will be beginning rollout of this pilot within a few days.


This will also include a group of physicians hand picked by Dr. Bob Warren.



Phase 2: Number to be determined


We will be asking for volunteers from the IT community to test
Zenprise

MDM.



Phase 3: We will be requiring anyone who connects to exchange to install
Zenprise

MDM.