Our Mobile Blog

about mobile in business and technology

Apr
11

GDPR and EMM

When a company is obliged by the EU General Data Protection Regulation to take all required measures to protect sensitive data, the mobile component can not be neglected.

Following recent studies only 9% of the companies deploy an Enterprise Mobility Management platform (EMM) to manage and control their mobile devices, which means over 90% of the companies out there are currently not taking any measures to secure data on mobile devices.

However, deploying EMM just to secure data is fine, but it’s only a small part of its full potential – even stronger – when deploying it only for security reasons it is perceived very quickly as being expensive, unnecessary and counter-productive… just the opposite of the technology is trying to achieve.
Security is actually just a nice “extra” you get as a user AND as a company.

EMM plays in three domains:
– it makes life more easy for IT because it is a tool to manage hundreds and thousands of devices without touching the hardware
– it secures data and shields the private data from the device for the company, what is corporate remains corporate, private remains private
– it provides the employee a brilliant user experience by automating difficult tasks, provides mobile access to internal resources, specific business apps, …

To make a long story short, EMM is the tool every company should deploy to meet the regulatory requirements for data protection, but the whole point of EMM is to enable your employees with better and more efficient tools, not to limit their experience.
EMM should enrich the employee experience, it should make their professional life better, more efficient.

EMM is about business transformation, an enabling platform to deploy mobile apps, provide access to internal content, … and also to meet todays security requirements!

On June 6th we are organizing an event with subject matter experts to dive into the GDPR link with mobile, because it’s important, but also to illustrate it should not be the final goal – it’s only the beginning of a business transformation where the employee experience plays a central role.

 


Mar
15

Berlin 31st of May

Join us on May 31st in Berlin for a deep dive into mobile technology.

Not often we have the chance to bring Mobileiron engineers and the IT staff of our customers together, this is it!

After several years, the US only event comes to Europe and lands in Berlin on June 1st and 2nd.
But since we want to promote the local networking and as a little thank you, we’re organising a traditional German dinner on May 31st.

Check the registration page for practicalities and don’t hesitate to register asap so you can benefit from the discounted rate.


Jan
10

Enrolling devices should take 0-effort

2017, a new year and new mobile aspirations!

In this first post of the year I would like to share some thoughts on the enrollment of devices.
This is the first action your employees take when they sign up for the mobile IT program to get mail, intranet, apps … and most of the time it’s not the best experience – time to change that.

Our objective for 2017 is to make the enrollment or activation of the mobile devices a 0-effort, easy and fail-safe!

How are we going to do that? By taking a very close look how consumer smartphones are sold today…
Think about how you installed a new PC a few years ago, after plugging in the hardware and figuring out what connector goes where, you booted the system and it asked for OS installation disks… It was a nightmare for most consumers and only the IT savvy few got their system to work – others called in help.
Imagine if Apple or Samsung shipped their smartphones and tablets with the message “please assemble, boot, insert an OS and good luck!”. The user experience but fail all the way and the volumes these companies have set in their targets would never be met.
So how do they achieve a better user experience ?
The way they approach the device activation is to minimise the user intervention – what can be preloaded on the device will be preloaded and settings we already know (or can derive from others) will be set.
It sounds all very simple, and the result is, the preparation is however a complex and labor intensive job.

When we take the next step and use these very same devices for our business, most of us aren’t performing all that well.
We ask our users to enter URL’s, download apps, set their username/password in multiple fields, … and every action we ask from them opens a new opportunity for a failed registration.
The further our users move in the registration process the more complex issues occur and the more expensive support becomes.

enrollment-effort-mobco-state-of-mobile-extract-c2017

In the above schematic I have visualised 3 important phases in the device lifecycle, you would only expect the middle ‘run’ phase and final End-of-Life, but I have added a first one that comes BEFORE the unboxing of the device.
That’s right, before the employee removes the thin foil and switches on the device for the first time.

The green line indicates the effort device manufacturers are putting in when delivering new devices, that’s a lot before they actually ship the devices – and reduces over time to 0. They don’t care too much about the EOL of your consumer device.

Typically in business, the trend is reverse, we don’t think about the device until the moment it contains our information, and we see support increasing over time – we do worry about the EOL and full wipe of all enterprise data before the device is traded on a second hand market.
That’s the red line on the graph.

Our mission for 2017 is to put more effort in the configuration of the devices BEFORE these are unboxed.
The reason is simple: efforts BEFORE the activation are valid for all, efforts AFTER the activation are device-per-device support – we need this economy of scale to win.

With the Apple and Samsung Device Enrollment Program we have now the tools to do just that!
We can take control over the device during the activation and steer it towards our management server to ensure correct, easy and direct registration.
Yes, it takes more brain power to define the activation process, to technically describe every step of the registration process, configuration, apps, … but it does put the user experience on the next level.

Interested to learn how we can guarantee 100% success in device registration with 0-support efforts?
Curious how even the most non-tech people will be able to activate their smartphone for business without any assistance?

Contact us on info@mobco.be or join us on February 1st at Apple Belgium for a Master Class on their Enterprise Programs!


Dec
21

Warm Mobco Greetings!

Our Indian Summer running team at the Ekiden marathon.

Our Indian Summer running team at the Ekiden marathon.

This time of the year is a good moment to look back at all the initiatives we took in 2016 that go beyond IT and mobile business!

We decided in 2016 to focus on the Kom Op Tegen Kanker event. We sponsored Callebaut’s team and participated ourselves to the 1000 km bike event to raise money for the research against cancer and the aid to the patients.

Aside this major budget share, we also supported smaller local initiatives.
– To Walk Again foundation
– Ekiden marathon
… other smaller local initiatives

We believe in a quality and sustainable business, we focus on mobile technology and believe in organic growth, the better business we do, the harder we grow. But every year, we spend part of that budget to help others grow as well!

Season’s greetings,
The mobco team

 


Dec
06

Meet Bart!

Welcome Bart Van Den Bremt,bart-picture Project Manager Mobile IT!
At Mobco, our mission is to enable you to mobilize your business.
Your business mail, web, apps and documents on any device, anywhere, any time.

Welcome Bart! Let’s start with why Mobco?
I consider Mobco to be a family as well as a serious business. The values they uphold are completely aligned with my personal values.
Employee empowerment, freedom and responsibility go hand in hand with a good atmosphere and quality work.
I’m excited to be a part of this winning team that’s dedicated to deliver the best experience in their mobile journey!
How do you see your role as a Project Manager?
A project manager is a coördinator that builds bridges between all involved parties and ensure alignment.
Over the last 10 years I have build up a solid experience in handling various IT projects.
One of my biggest assets is the fact I have the mindset of a technical consultant, meaning I need to be sure “it will work” and answers the needs of the business.
This is also the reason why I get involved in the project in the very early stages, when the architecture is defined.
What are you passionate about, aside mobile ;-)?
In order of importance; my family and kids, good movies, ice-skating, travelling and a blue Mitsubishi Lancer Evo VII!
What can we expect from you in the coming weeks?
Managing all the new projects and to visit our customers to get to know them and their business. During that visit I will make an assessment of where they are today in their mobile journey and how we can assist them in their next steps.
Looking forward to mobilize the business!
You can reach Bart Van Den Bremt, Project Manager Mobile IT on info@mobco.be or via phone on +32 2 669 9500

Dec
06

EnterpriseFiles syncs content offline

0x0ss-85With the new release of EnterpriseFiles a new feature is available that was in high demand: offline documents!

Using standard configuration profiles pushed by the EMM server, the EnterpriseFiles app receives the instructions to download specific content locally.
This new feature allows your employee to access that content at all times, even when there is no data connectivity or access to the file server.

“Customers ask us to distribute emergency plans, but also how to ensure their sales people have the latest powerpoint presentations with them, with this new feature we have a simple tool to do just that!” says Ulrik Van Schepdael.
A simple yet powerful tool that allows the administrator to define what folders or files get synchronised to each device, the configuration can vary per user (using AD group membership or any other variable known by the EMM system).

Hint! Did you know you can create a webclip that links to a file or folder inside the EnterpriseFiles app?
Create a small icon for “Sales Presentations”, upload the icon to the user’s device and link it to the sales presentation folder in EnterpriseFiles. The user can now access the folder by simply tapping the homescreen icon, just as any other app!
You just created your own “Sales Presentations” app!

Let us know if you want to test-drive the app in combination with your per-app-VPN set-up!


Nov
14

Why the new Mobileiron release is big news !

With the latest 9.2 release of the Mobileiron CORE platform Windows 10 PC management, more iOS features and new Android for Work support bridge has been added!

Starting with the Windows 10 development: it means the Enterprise Mobility Platform is now upgraded with features that allow you to change Windows registry settings, deploy legacy W32 applications, GPO’s etc. It brings the same simplicity Mobileiron has developed for the mobile world to the PC world, one single dashboard and management for all
your end-user devices.
The way it works is simple and genius; a Mobileiron application called “Bridge” is being deployed to the Windows 10 computer, from that moment, it is that application that locally translates and executes the Enterprise Management specific tasks typically unavailable to traditional EMM systems.

New iOS features now available in the latest iOS releases are now included in the management capabilities, for enterprises the Cisco Fast Lane technology and the fact you can pre-define the default voice client are the most important ones.

Looking at Android for Work, this does represent a big step forward by making it possible to use Android for Work without a Gmail or joining  to a Google domain.
Combine this new feature with the fact that AfW comes by default on all new (current) Android versions, supports just any app and get updates straight from the Google source,… this means serious business for Android!

We believe that’s big news!

Details on the new Core v9.2. Release
OS Platform Enhancements
Android and Android for Work
  • Support for Android for Work Accounts
  • Display custom Terms of Service for Mobile@Work for Android registration
  • Support for Zebra silent install of apps
Samsung KNOX
  • Support KNOX Workspace as “Container-Only Mode”
  • Support for moving system apps into KNOX Workspace
  • Support custom APNs for Samsung devices
iOS
  • iOS 10 – Restriction for bluetooth
  • iOS 10 – WiFi – Cisco Fast Lane QoS marking
  • iOS 10 – WiFi – Captive bypass
  • iOS 10 – Set communication service rules audio for CardDAV, Exchange and LDAP
  • iOS 9.3 – Support for whitelist/blacklisting of apps
  • iOS 9.3 – Support for customizing Home screen Layout
  • iOS 9.3 – Support for Notifications customization for apps
  • iOS 9.3 – Support for sending customize message on Lock Screen
  • iOS – Option to auto update market/public Apps
  • iOS – Set wallpaper on lock screen and home screen
Windows 10
MobileIron Bridge
  • A brand new solution being introduced in Q416, MobileIron Bridge allows organizations to use the EMM-centric approach across all Windows 10 devices, including mobile devices and PCs/Desktops.  With Bridge, the IT organization now has the ability to secure and manage PCs in the same manner than they do mobile devices using EMM, and experience greater speed and efficiency and significant operational cost reduction when compared to using traditional PC management tools.
  • In short, for any organization that previously had any objections to using EMM to secure and manage PCs due to missing functionality, MobileIron Bridge effectively closes any pending gaps and addresses those objections.
Silent Installation of Windows Store Applications
  • Admins can now silently install Windows Store applications to AAD enrolled devices
Health Attestation for On-premises and Server 2016
  • Adding the ability to use either Cloud or On-premises DHA
Remote Reboot of Devices
  • Adding ability for admins to remotely reboot a device from the Core interface
Enhanced Device Details
  • Also admins can view if Windows defender is up and running and if the Virus definitions are up to date
Greater Usability:  Enhance the IT
  • A newly redesigned Apps@Work user experience that provides a more modern design and easier discovery of apps.
  • Enhanced delegated administration capabilities that provide better user segmentation when creating spaces using LDAP groups as the key space criteria.
Enhanced Scalability and Extensibility
  • Support for new certificate authority GlobalSign that gives our customers more options in securing and managing mobile devices.
  • Support for Blue Coat’s MDS service for iOS devices to provide network-based application controls, real-time threat analytics and encrypted communication.
  • Custom device attributes and variable substitution capabilities now offers tremendous flexibility in terms of how partners and customers can create custom attributes and substitute in those attributes as part of new configurations.  This enhances both efficiency and security.
Security
Enhancements
  • Support for enforcing more secure AppConnect passcode for users
  • Support for biometric authentication for AppConnect passcodes on Android
  • Support for encryption of sensitive information contained in Policies and Configurations exported from Core and imported into Core.
Cisco ISE (Identity Service Engine)
  • Support for API structure that corresponds to Cisco ISE v2 specifications
MobileIron Standalone Sentry v8.5.0

Audit log to Syslog — Standalone Sentry access log information
(device, user ID, resource, response) can now be sent to a syslog server.

DFS document updates — Docs@Work users can now upload and create documents on Distributed File System (DFS) servers.
This is enabled by default on Sentry.

Outbound Proxy support (MI Cloud & Access) — Administrators
can now enable an outbound proxy where a proxy exists between Sentry when registering to MobileIron Cloud or Access.

Support for iOS Tunnel split-tunneling — Administrators can enable split-tunneling for iOS Tunnel using MobileIron Access and Sentry.

UI for Ciphers/Protocols for EMM and Access  — Ability to
configure the ciphers and protocols needed for Sentry communication with MobileIron Core, MobileIron Cloud, or MobileIron Access admin portal.

Configurable password failed attempts — Administrators can configure the maximum number of failed password attempts and the time delay for retry.

Configurable password complexity requirements — Administrators can configure more complex password requirements,such as one or more special characters, one or more upper case letters, minimum password length, saving password history.

 


Oct
04

There is no flight mode for work!

We don’t think you should work all the time, but we do believe you should have the freedom to choose when and where you work. That’s also in flight, above the clouds…

In an article in the in-flight magazine of Brussels Airlines we describe the mobile journey of a typical enterprise, starting with the simple management of devices up to mobilization of all corporate information through apps.

The bottom line: even when there is no connectivity, the device should be smart enough to offer you the possibility to continue working, not only catching up on email, but also on documents you started editing on your computer just before you left for the airport.

When the ‘seatbelt’ sign lights up and your mobile device needs to be put in flight mode, the work can start!
You can read the article here.


Oct
03

iOS reading glasses and PDF

A lot of talk on the millennials and how the youngsters are glued to their smartphone, but let’s be honest, this isn’t actually a generation specific phenomena.
Something that really is linked to the age of the user is his or her sight… at a certain age those reading glasses are just inevitable. However, if you’re still struggling in your denial phase – as the writer of this post – there’s a fair chance you don’t have those glasses with you all the time, or maybe you don’t own a pair just yet.
For those people iOS 10 will come to the rescue: a triple hit on the home button of the iPhone will open an actual magnifying reading app.
It helps you with the small print in any light condition, no more excuses for not reading the instructions!
You can activate this function by going into settings, general, accessibility and there you will find the option.

Another interesting feature is the creation of PDF files from just any app on your mobile device.
The option is so well hidden I wasn’t even aware of the possibility until the moment I read about it on a forum.
The trick (of operation) goes as follows: you open the airprint dialogue and once you see the document on your screen, pinch that document – a PDF version will open up.
From there you can than open it in any app that supports the PDF format, like forward the PDF via email.

Maybe small, but certainly nice and handy features you can use when you upgrade(d) to iOS10!


Sep
20

The file server is not dead!

We will all, eventually, migrate all data to document management systems. However, most of us are still using file servers with (shared) folders and files.

The data in those folders needs to be available all the time, and with the increasing mobility needs of our workforce, this data also needs to be available just ‘anywhere’. Many cloud supporters will see this requirement as the reason to move everything to the cloud, but the ‘cloud’ will not fundamentally solve the issue of availability.

Why is that?

Because availability of data in an enterprise or public institution is not the only parameter we need to take into account, there’s also the confidentiality and integrity. Even stronger so, the fact a confidential or internal document remains intact and secure (so not ‘publicly available’) is more important than the availability on just any device.

This basically means that we should not see the mobility challenge as an opportunity to ‘move’ data to somewhere else to get rid of the problem – because it will not, it means that we need to address the mobility aspect itself – taking into account the security for our documents.

When today you have a file server everybody’s using, the road to mobile documents is a lot shorter than you might think.

It doesn’t require any big migration projects, new hardware …
With standard mobile management techniques we are able to mobilize that file server, make it accessible on any controlled device and without loosing control over the data that travels to that mobile device.

We can basically control that data better on a mobile device, than on a PC (unless you’ve blocked all websites and USB ports on that PC): we can ensure you 100% the documents will never end up in a private cloud storage or even forwarded via private mail to anyone.

Control and security is fine, but we also need to ensure the operational load goes down for the IT team, a challenge we gladly accept and where we have a successful track record. Mobile IT simplifies management, because it takes a positive approach: it enables functionalities on devices – taking into account security, this in contradiction with traditional management where only restrictive measures were possible to keep information secure.

Mobilizing your file server is indeed a simple action and it avoids endless document forwards and employee frustrations.

Our recent launch of Enterprise Files demonstrates how easy this can be: on your iPad, you open Word and browse directly on your enterprise file server to the document you want, at home, on the road, anywhere.

At Mobco, we believe the employee should be able to use just any device to his or her work, on just any location or network!