Windows Phone 8 Enterprise ready?

Now that Microsoft has released Windows 8 on all different platforms (Desktops/Notebooks, Tablets and Phones) it's time to see if Windows Phone 8 is ready to be used in an Enterprise environment.

First of all I have to say I like the similarity of the interfaces across all platforms on Windows 8. Also the integration of your Microsoft Account across the platforms gives you a feeling you're working on one interface across all devices. This is the mean reason I always claimed that Apple iOS is the most enterprise ready OS for mobile devices in a Enterprise environment. So does this mean Apple has a real competitor now? I don't think so at this moment. I have to say Windows Phone 8 could be a real competitor but their not yet.... at this moment, but why?

Because of the company's policy Microsoft doesn't release many API's of their OS. We also saw this in Windows Phone 7. For this reason many Mobile Device Management (MDM) vendors can't develop and produce policy settings and features for their MDM solution. For example AirWatch. So, what policy set's are avaible for Windows Phone 8 in AirWatch?

  • Passcode
  • Email
  • Restrictions
  • Credentials
  • Exchange ActiveSync

Let's compare this with the posibilities on iOS with AirWatch.

  • Passcode
  • Wi-Fi settings
  • Email
  • LDAP
  • Single App mode
  • Restrictions
  • VPN
  • Exchange ActiveSync
  • and more... (see picture below)

Passcode

When we look deeper into the available policy's of Windows Phone 8 in the AirWatch console we can see a big difference in the possibilities and completeness of these policies. For example we want to require the device owner to set a passcode so that no one else can access the device. I think most companies will set this as a requirement. But what if the device owner forgets his passcode (we all know this happens often in a Enterprise). Unfortunately in AirWatch their is no way to remove the passcode on a Windows Phone 8 device. So you will have to "wipe" the device. (luckily) this option is available through the AirWatch console.

Security

In a Enterprise we are continuously trying to protect are sensitive data. Now that employees not only access their data on a company Desktop/Notebook in their office or at home but also on a smart device which travels with them all over the planet we want some kind of protection when the device is lost or stolen. Windows Phone 8 (but also Windows 7 and 8) have a solution for this, Bitlocker! Be aware, Bitlocker is not enabled on default! you have to configure this on your Exchange server with a Exchange ActiveSync policy. Their is no way to enable or disable it on the device itself. Therefore on default you will see the device isn't encrypted on most MDM consoles.

For more information about Windows Phone 8 and Security see: http://www.windowsphone.com/en-us/business/security

Find my Phone (Self Service Webpage)

A nice feature of Windows Phone 8 (but not entirely new) is the Self Service Webpage or "find my Phone" option. The only thing you have to do is to log in with your Microsoft account and your Windows Phone is automatically added to your account. From this page you can track and trace your device, let it ring, lock it and even wipe it yourself. Unfortunately non of these options are available trough the AirWatch console. 

Windows Phone 8 interface

As I mentioned before I like that the Windows 8 interface is the same on alle platforms (Desktop/Notebook, Tablet and Phone) unlike Google's Android interface look is on different on most devices (HTC, Samsung, etc) Windows has just one interface. This can be a great advantage of the Windows 8 adoption in Enterprises. Users will always have the same "look and feel" regardless on wich device their working on.

Office on Windows Phone 8

The ability to use the mobile device as a "fat" client to view or edit your Office documents is a real added value on Windows Phone 8. Because Office is a standard feature of Windows Phone 8 you can easily access your Word, Excel and PowerPoint documents on your Windows Phone. The documents can be opened and saved from local storage or even from the cloud (SkyDrive or Email).

  • wp_ss_20130421_0001 Custom
  • wp_ss_20130421_0005 Custom
  • wp_ss_20130421_0006 Custom
  • wp_ss_20130421_0007 Custom
  • wp_ss_20130421_0008 Custom

Overall conslusion

My conslusion is that Windows Phone 8 it not yet ready to be used in a Enterprise enviroment. Although Microsoft has set a step in the right direction they are not their yet. I believe Windows Phone 8 in combination with other Windows 8 devices is going to be a good challanger for Apple's iOS in the Enterprises. My tip for Microsoft would be to start sharing API's with the MDM vendors so they can start to develop policies and security settings for Windows 8 devices. Windows Phone 8 has a nice interface and a good feature with a full worthy Office client on board. But is incomplete with the management options of these devices by IT administrators. Therefor a great security risk and time spending job for Enterprises. The only way to manage your Windows devices properly it to buy the Microsoft solution "System Center Configuration Manager" (SCCM). you can find more about that here: http://www.microsoft.com/en-us/server-cloud/system-center/configuration-manager-2012.aspx.

Thank you for reading this blog. Do you have any questions or comments on this article. Please feel free to let me know trough the contact form.

 

  • wp_ss_20130421_0001 Custom
  • wp_ss_20130421_0002 Custom
  • wp_ss_20130421_0004 Custom

Helpfull Windows Phone 8 links:

Windows Phone 8 How-to : http://www.windowsphone.com/en-us/how-to/wp8

Features: http://www.windowsphone.com/en-us/features

Phones: http://www.windowsphone.com/en-us/phones

News: http://www.windowsphone.com/en-us/news

App's and Games: http://www.windowsphone.com/en-us/store

 

 

Why AirWatch as a MDM solution?

Since recently I’ve been working with the AirWatch solution for Mobile Device Management for our fleet of smartphones (Android, iOS, Blackberry and Windows Phone) and I have to say AirWatch has a great set of tools to manage this fleet of different devices. They are almost the only one with even a procedure of enrollment that doesn’t require the owner of the device to download a client. The IT administrator set’s up an account for the device owner, gives the owner the permission to enroll the device and the only thing the device owner has to do is to click on a link the IT administrator sends him (automatically) by e-mail or sms (by using a SMS Gateway from CellTrust). How cool is that?!

AirWatch doens’t only allow you to manage your devices. No, they also got a great solution for your own Enterprise App store (Application Management) and for secure document sharing (Content Management).

I think AirWatch is a fantastic solution for your enterprise mobile devices. For more detailed information about AirWatch see this link.

 

Mobile platforms and AirWatch presentation for partners

Soon I will write a article on my blog about the choice for mobile platforms in enterprises and what my choice and advice would be. So come back soon to check that blog!

Here are some photo’s from my presentation:

For my short opinion about AirWatch see this link.

Mobile Devices in Enterprises

The last six months I have been working on a view and opinion about the upcoming trend on “Bring your own/ Choose your own device” (BYOD/CYOD) in Enterprises and the associated mobile platforms.

Every IT admin knows what I am talking about. One day the head of the department walks in your office and says: “We’ve just ordered a bunch of iPads and some iPhones (or Galaxy tabs, HTC phones etc). Make sure the device owners can use these devices within our company infrastructure and that they can use email/agenda and can log into our environment (Citrix Xenapp, VMware View, Terminal services). Oh, and one more thing. We expected everything to be secure and to be managed by the IT department”.

Well you think thats going to be a big challenge. And your (a bit) right. First things first. What to do about BYOD and CYOD? I think it’s simple. Forget about BYOD. It’s unpossible to manage all kinds of devices/platforms and the different versions of operating systems with all their diffirent API’s! Go for CYOD and let the employee/customer choose from a different set of devices. For example a budget model smartphone (HTC?), the Samsung Galaxy SII/III, Galaxy tab and the so popular iPhone (4/s4) and iPad. Why? Now you know wich devices to support you can move further on looking for a solution to manage/support and enroll these devices.

I have looked at some different Mobile Device Management (MDM) solutions and talked to a lot of MDM sales executives. They all claim the same: “We can manage all platforms!”. Yeah, sure you can! But can you manage all the platforms the same way and can you enroll en support them with the same ammount of policy sets? Then their answer is quick and clear. No we can’t. Then they say: “Our most comprehensive set of policies and support is for iOS”. Why? iOS (Apple) is the most “full-grown” smartphone supplier that has a clear vision on developing their OS (a give the MDM developers enough API’s to develope policies set’s) for use within enterprises.

So what is really the difference on choosing the platform for the IT admin?

What is the most important on the mobile devices in enterprises? Yes, it’s the email and agenda isn’t it? How can we make sure the device owners don’t have to set up the (for example) Exchange account thereselfs or the IT admin has to do it for them? We buy a MDM solution that provides in this and we enroll the device with a policy wich include our mail server settings. To do this the IT admin has to configure the policy template. And here is the actual difference. For example: for the Android devices you can’t create one template! Why? There are so much different Android device platforms and versions of the OS (Samsung, HTC etc) and all with their own email and agenda client. That’s why the MDM developers use Nitrodesk Touchdown client (wich cost you $19,99 per client!). By using Nitrodesk you can create one mail/agenda policy template. But what about the device users? Yes, this was not all. The device user has now 2 mail/agenda clients. Ofcourse the standard client wich came with the OS and the Nitrodesk touchdown client you (push) with your MDM solution. This all doesn’t make the usage of the device and the app’s that clear to your (not so IT minded) employees. And this was only about the email and agenda issue. Not to get even started on the different policy possibilities between the different platforms. You can look into that by reviewing this PDF (Policy set’s with AirWatch MDM).

Now that we talked a little bit on the Android way to provide your employees with company email and agenda let’s now talk about the Apple iOS way to do this (I don’t discuss Blackberry, Sybian or Windows Phone in this article. I hope you know why…). With an iOS device you can really quick set up a policy template. The advantage of an iPhone or iPad is that they all, and then a mean really all devices regardless wich type or platform, they all use the same client! So you don’t have to go and buy a license or so for a third party mail/agenda app. Also the IT Admin has only to create one template for all the iOS devices. What does this mean for the device users? The users of the devices can use their standard client wich (if you choose to do so) can use their private and company email and agenda. Ofcourse all of this with the standard device encryption that comes with your iOS device (wich Android doesn’t have).

Now, I wan’t to make clear to you, I don’t sell Apple products or have any shares of Apple. I just want to make clear to you if you are looking for a solution with mobile devices in your enterprise take my story in consideration.

Update #1: AirWatch does now support the standard email client for Samsung and HTC devices. So now you don’t longer need to buy the Touchdown client for these devices. However their is a big difference in the range of options for your mail config between Samsung and HTC. In the HTC profile you can only set your mailservers address. No options for sync period etc. With the Samsung profile you can! so that’s a big improvement.

Still I think there is a advantage of using iOS. For iOS you only have to configure one email profile for all your iOS devices regardless wich iOS version. For Android (when I want to support all devices) I still need to configure 3 profiles (one for Samsung, one for HTC (with his limited options) and one profile for all other iOS devices).

I hope you have enjoyed reading my article. I really appreciate your reaction on this post. Any comments are welcome!

Looking for a complete and reliable MDM solution? Look into the AirWatch solution! trust me, it’s worth it!