Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

TechEd crystalizes Microsoft's BYOD management strategy

Joab Jackson | June 10, 2013
Microsoft's TechEd North America conference, which was held this week in New Orleans, provided a first glimpse of the architecture that Microsoft shops should use to manage employee personal devices for work duties, an emerging IT trend called bring your own device (BYOD).

 "We did go through a little bit of a shift" with Intune, Conway admitted. Currently, about 35,000 organizations use Intune. Microsoft chose to use Intune because it predicts that most employees would connect their devices to work resources through the Internet, rather than through the company's internal network, Conway said. In Configuration Manager, Intune shows up as "just another site server in your infrastructure," Conway said.

Anticipating this shift in usage, Microsoft in December changed the pricing of Intune from a per-device model to a per-user mode, understanding that people often have more than one device. Each employee can register up to five devices through the service.

 In a nutshell, an organization can subscribe to the Intune service and it will provide a console for the organization's copy of System Center Configuration Manager. Configuration Manager is used to update and manage applications and operating systems across a corporate network. It also allows administrators to set management policies for devices, such as the required length of passwords.

Configuration Manager also comes with a user portal, which will allow employees to easily find and download applications that they would need for their jobs. The portal customizes itself to show only those apps that can run on the type of device that is being used -- iOS users would only see iPhone and iPad apps, for instance. Apps can be made available both from the organization itself, as well as from app stores for the platform. The portal also provides buttons for users to expunge all the corporate data and apps.

To prepare to manage these devices, the organization would replicate online its Active Directory compendium of user accounts and devices using Microsoft Online Directory Services (MSODS). Then, the devices themselves would connect to Intune and register, using the same employee log-in credentials that have been assigned to gain entry to corporate networks. Organizations would also need to get digital certificates for each device being registered. Apple provides this service, and Microsoft relies on certificates from Verisign.

Microsoft has even tried this approach in-house. Late last year, the company set up mobile device support for 98,000 employees and 80,000 contractors, according to a technical session at TechEd given by Microsoft engineers Arun Ramakrishnan and Marc Hurley. The engineers expect that over time, more than 125,000 of these workers will register their own personal mobile devices.

The vast majority of these devices were either Windows Phones or Windows RT devices, though a few Microsoft employees and contractors confessed to using Apple iOS devices. They didn't build in support for Android devices because very few Microsoft workers admitted to using them, at least for work purposes.


Previous Page  1  2 

Sign up for CIO Asia eNewsletters.