Live: MobileIron LIVE! 2018

Main highlights:

• Big push on Mac management and a general shift towards UEM
• Given the big presence of Google, I’d say they’re taking Android enterprise very seriously too!
• Access, Authenticator and identity management
• MTD and their previously announced partnership with Zimperium was mentioned a lot
• Orbitera actually looks pretty awesome. Will really help with ecosystem integration (but cloud only…)

Read on for post-by-post updates!

Made it!

First stop - Android ( )

“There are 400 devices capable of running Android enterprise in the market today, 68% of business shipments will support it”

Talking about the benefits of corp-liable (work-related managed) deployment scenarios.

Loads of that covered in my existing documentation - bytn.uk/android

I think the main focus of the Android enterprise piece offered by MobileIron is the managed work profiles. No other EMM on the market supports that today which gives MI a good advantage.

Managed work profiles has been covered off here: bytn.uk/mi-mwp

Can’t fault a zero-touch demo though

The lighting in this event is abysmal. Not sure how useful these photos will be later…

Visiting the identity management booth!
Talking about SAML with & without MI access

Access sits between the IDP and SP as a means of ensuring only managed devices gain access to the service.

Without access SAML can of course be used, but you lose the checks to determine if the device in question is authorised to log in.

Windows hello for business integration!

Passwordless authentication using certificates. Supports cloud, on-prem and hybrid deployments

It uses 2fa to permit authentication

That’s

• PIN
• Fingerprint
• Facial recognition
• Trusted signal

Back from lunch, tuning into the keynote now. A brief history of Android enterprise

“From later this year every app submitted to Play must use runtime permissions”

Here’s a good opportunity to read up on the Android enterprise Summit live-blog as there’s a lot of crossover here …

Oh! Pre Oreo devices will be getting per-source confirmation when trying to install apps from unknown sources. This will be pushed in a Play Services update.

Nice!

Walter Ji of Huawei coming onstage to talk about device innovation

Cheeky mention of zero-touch there. Hopefully the new devices support it properly…

Mr. Sonkin comes to the stage! Hello, HMD.

70 million devices sold in the first year. 600 employees globally. Blimey.

“30 day secure patching and we haven’t missed a single one”

Just in case you were wondering, their lineup:

ALL of these support zero-touch.

Some of these aren’t AndroidOne. When the next hardware revisions launch they will also be AO.

This has turned into a Nokia advertisement!

Talking Mac management

• Mac’s are becoming the approved choice for device lists.
• Mac TCO is lower than traditional PC
• Mac management is a requirement for organisations today, particularly for GDPR

End to end Mac management, including DEP!

Seems to be a big push on Mac management this year.

Lots of talk about script management too with details in the Mac corner on MI community.

And now moving on to DEP and zero-touch

I’m guessing most will know about DEP/VPP and ZT by now, but if not, here’s a refresher:

I’m looking forward to Apple business manager support. It will be very much welcomed I think. It’s taken far too long for Apple to merge these two portals.

After checking out a few more sessions, that’s a wrap for today!

Hey Jason,

Is there a link from android developers ? Can you explain it a little bit more please ?

Good morning day 2!

No links at present, but it’s essentially replicating what we see in Oreo today - if you try to install an APK from Chrome you get a prompt to trust the source on an individual basis… I don’t know how it’ll work with the wider rollout but details will follow #soon

15 mins before we kick off!

John Morgan takes the stage!

Discussing the shift from MDM to EMM to UEM

Key value propositions

• Protect data at the endpoint
• Control where data is going
• Focus on enabling productivity

Key usecases

Very cool to hear they’re excited about Android P. Looks like we might be seeing a bit of focus on COSU

Strong growth in Android

Growth in Mac too!

Managing Windows 10

Since SCCM is still a fundamental IT tool there’s more work to be done to get orgs migrating to modern management.

Modern work brings with it high velocity productivity.

Orgs not embracing this way of working aren’t competitive. Much greater attack surface comes with it though.

Mobile threats are everywhere.

Upselling MobileIron Threat Defense

• Integrated into the agent
• Instant activation and visibility
• On-device mitigation

And pivoting over to Access

Talking about the issues with passwords, why they’re not secure… access works towards that, and with it they (re?)introduce authenticator

To be fair, authenticator is super slick

“If you’re coming from a managed device, should the user be asked for a password? No!”

A nice overview of the tools available/integrated with MI for delivering a great app experience:

Access and office365

With MTD

And summarising the MI suite of services

Intro over … heading up to the whisper suite shortly to get some insight on the Google Cloud/MobileIron piece.

Orbitera, something I really didn’t understand the usecase for until today, actually looks pretty powerful.

Imagine you want Box for your org. Buy it through orbitera and it’ll hook into MobileIron for SSO authentication and license management, push out the box app to users and allow them to log in using their existing accounts. All automatically.

MobileIron will create the accounts dynamically as licenses are assigned to users and there is no need to manage the solution via the box admin console.

Pretty slick!

Checking out the HMD session

“We don’t separate our devices into enterprise and non-enterprise” - all devices are treated equally and given the fastest updates possible.

I wish more EMMs were as transparent with patches. Very easy to verify if the device has a patch pending for it… as well as validating devices are patched regularly.

Now Andrej is talking about Android enterprise deployment scenarios. You can read more about that here: bytn.uk/ae

Of course Android Enterprise Recommended is being talked about…

HMD support 2 letter upgrades

We’ll be seeing Q on the 2018 lineup based on that statement!

That’s pretty impressive

Because Nokia devices are so bloat-free, consistent and always up to date, they believe the support overhead in enterprise is lower than other OEMs.

I’d agree!

With permission, Andrej’s contact details for more information about Nokia devices in the enterprise:

And lunch!

And back!

Ojas talking about choice computing

I ended up getting caught up in meetings so missed a session or two, but back in time for the final keynote!

That’s a wrap! Thanks for tuning in