apple, google, innovation, microsoft, technology

unified endpoint management

today’s employees use at least two or more devices to do daily work on various os at different versions – it is time for a new class of tools – unified endpoint management (uem) combine the management of multiple endpoint types in a single console

evolution

from pc configuration lifecycle management (pcclm) via client management tools (cmt) to unified endpoint management (uem) – companies listed in the client management tools magic quadrant already transformed, other a overruled

content

emm

while enterprise mobility management (emm) is highly competitive and rapidly transforming — for instance, good technology, which was in gartner’s magic quadrant in 2015, was acquired by blackberry, airwatch was acquired by vmware in 2014 – emm contains of:

  • mobile device management (mdm)
  • mobile application management (mam)
  • mobile identity (mi)
  • mobile content management (mcm)

uem combine cmt + emm + iot

benefit

  1. reduce it management cost – a single tool
  2. improved security – get the best of both
  3. better insights – reporting
  4. prepared – enterprise of things

gartner

magic quadrant reports the ability to execute and completeness of vision for vendors – read full report here

Magic Quadrant for Unified Endpoint Management Tools

tco

according to gartner research, the annual tco of a fully managed smartphone using emm is almost
80% lower than the annual tco of a fully managed desktop using cmt

@mobileiron

technology

everything you need to know about malware and how to protect

 

rootkit, control your device and get your data – mining-software, steal your power to mine crypto currency – trojan, install other malware, to send spam from your device or steal information like passwords

 

only 14% of businesses have implemented even the most basic cybersecurity practices

 

 

the signs are clear that mobile threats can no longer be ignored

 

 

a combination of vulnerability management, anomaly detection, behavioral profiling, intrusion prevention and transport security technologies to protect mobile devices and applications from advanced threats

 

 

innovation, technology

multi-factor authentication

most used passwords still “12345” and “password”, keep you private data as save as enterpises

secure authentification needs to be smart

smssim

short message service is the most convinat second factor, but sms is insecure and can be intercepted – major us carriers working together on next-gen ‘mobile authentication platform’ to replace weak sms system

mobile id

is a more secure service, based on certificates and secured with a seperat pin – special sim needs to be provided form the carrier @mobileid

id cardLogo_nPA

electronic id function of the german passport to secure authenticate at public services, insurances or banks – registred to you secured with a pin – you need a card reader or app @personalausweisportal

oath

is an open standard that allow strong authentication of all users on all devices – no need to send or her intercepted with man in the middle (mitm) attack, code ist calculated in an app – get code right at your smartwatch or backup you accounts with andotp

update: since ios12 and macos 10.14 it is possible to configure oauth in exchange payload via emm, read detailed at: apple’s configuration profile reference

pointsharp

d2ff31ae74196b94cdbdf4dd812ea5bb.png

provides secure login with multi-factor authentication to enterprise alliances or cloud services – use pointsharp passwort for mobile services, instead of windows accounts – login with scratch cards, hardware token smartwatch, biometrics or one-time pin

fido

71G5MIq2OPL._SL1500_
review here

an alliance to provide passwordless experience and a secure second factor – a hardware device ensure the trust of identity @fidoalliance.org

microsoft announced “password-less sign-in to windows 10 & azure ad using fido2” @blog.microsoft

cloud

casb (cloud access security broker) check access based on security policy infront a a cloud service

iam (identity access management) manage user identities centralised, provide role-based access

emm alone can’t prevent users from accessing cloud services via unmanaged apps or browsers. neither iam nor casb have the visibility or ability to allow or deny access to a cloud service based on the state of the mobile device or application. @mobileiron

access.png

arrow be safe – review here for list of websites and whether or not they support 2fa

no excuses anymore

technology

everything just cloud

from bad weather to increase productivity – pamphlet for the cloud

  • flexibility – easy to setup, scalable according to your requirements, highavailable
  • technology – hosted private or public, a mix of both as hybrid or as community cloud
  • security – encryption, access control, access rights, identity management

a service could be as secure or reliable as possible – it is all about trust

pictured from faz

cloud access security broker (casb) is state ot the art technology to utilize security where trust is missing, e.g. mobileiron access ensure secure access of trusted devices from mobile to cloud services

mobileIron access