In both cases the main points include that systems are not for phone/tablets only, but can manage computers as well. They both also have support for existing management and monitoring infrastructures (like MS System Center Configuration Manager and Operations Manager, or IBM TIvoli) which are widely deployed in large infrastructures (and MS System Center being a de facto standard in virtualized NOCs using Hyper-V). The last link also shows that these companies are even getting ahead of BB in government certifications...
What is the advantage of using such software as opposed to using exchange in the mail app, exchanging docs through share point / one drive etc?
Exchange and Sharepoint do not really do anything to protect data on devices, and they really can't, as being accessible by many different means is what they are about. Yes, some basic settings like "encryption required" are there, and you can set password policies and initiate remote wipes (if the device is online), but there is not much more. (And in the case of Exchange the current state of affairs, with the 2013 edition, is still that you have to disable most policy support to enable any device, ironically including MS's own, to access anything, as there is no fully compliant mobile device or OS on the market.)
Products like GT, InTune, MaaS360 etc. address security at multiple levels: connectivity (e.g. enforce VPN tunnels), device health (OS and app updates, availability of virus scanners etc.), app availability (e.g. to block apps from installation that could reduce security, or to stop users from installing own apps altogether), separation of private and business data (and e.g. restrict remote wipes to business data), enforce sandboxing on OSs that don't, time bombing of business content, rights management (e.g. some emails can be read, but not forwarded), higher authentication security (one-time passwords, tokens, biometrics), replacing stock apps with apps that enforce own security and encryption (e.g. to avoid data and credentials from becoming accessible by means of jailbreaking/rooting)... There is an awful lot that needs to be addressed to make data safe.
Exchange and Sharepoint do not really do anything to protect data on devices, and they really can't, as being accessible by many different means is what they are about. Yes, some basic settings like "encryption required" are there, and you can set password policies and initiate remote wipes (if the device is online), but there is not much more. (And in the case of Exchange the current state of affairs, with the 2013 edition, is still that you have to disable most policy support to enable any device, ironically including MS's own, to access anything, as there is no fully compliant mobile device or OS on the market.)
Products like GT, InTune, MaaS360 etc. address security at multiple levels: connectivity (e.g. enforce VPN tunnels), device health (OS and app updates, availability of virus scanners etc.), app availability (e.g. to block apps from installation that could reduce security, or to stop users from installing own apps altogether), separation of private and business data (and e.g. restrict remote wipes to business data), enforce sandboxing on OSs that don't, time bombing of business content, rights management (e.g. some emails can be read, but not forwarded), higher authentication security (one-time passwords, tokens, biometrics), replacing stock apps with apps that enforce own security and encryption (e.g. to avoid data and credentials from becoming accessible by means of jailbreaking/rooting)... There is an awful lot that needs to be addressed to make data safe.
Ok, I have gone through your links and I have a much better understanding now. Thank youir By our elaborate and helpful answers.
This stuff makes what Apple offers out-of-the-box look like child's toys. I suppose the initiative in collaborating strongly is also to cover that angle.
Comments
Can you point me to some of those systems of tomorrow?
Both MS and IBM have tons of pages and whitepapers regarding MDM/EDM, but some starting points:
MS
http://www.microsoft.com/en-us/server-cloud/products/microsoft-intune/
https://www.microsoft.com/en-us/server-cloud/enterprise-mobility/overview.aspx
IBM
http://www.maas360.com/products/mobile-device-management/
http://www-03.ibm.com/press/us/en/pressrelease/47480.wss
In both cases the main points include that systems are not for phone/tablets only, but can manage computers as well. They both also have support for existing management and monitoring infrastructures (like MS System Center Configuration Manager and Operations Manager, or IBM TIvoli) which are widely deployed in large infrastructures (and MS System Center being a de facto standard in virtualized NOCs using Hyper-V). The last link also shows that these companies are even getting ahead of BB in government certifications...
If you want anything more specific, please ask.
What is the advantage of using such software as opposed to using exchange in the mail app, exchanging docs through share point / one drive etc?
Exchange and Sharepoint do not really do anything to protect data on devices, and they really can't, as being accessible by many different means is what they are about. Yes, some basic settings like "encryption required" are there, and you can set password policies and initiate remote wipes (if the device is online), but there is not much more. (And in the case of Exchange the current state of affairs, with the 2013 edition, is still that you have to disable most policy support to enable any device, ironically including MS's own, to access anything, as there is no fully compliant mobile device or OS on the market.)
Products like GT, InTune, MaaS360 etc. address security at multiple levels: connectivity (e.g. enforce VPN tunnels), device health (OS and app updates, availability of virus scanners etc.), app availability (e.g. to block apps from installation that could reduce security, or to stop users from installing own apps altogether), separation of private and business data (and e.g. restrict remote wipes to business data), enforce sandboxing on OSs that don't, time bombing of business content, rights management (e.g. some emails can be read, but not forwarded), higher authentication security (one-time passwords, tokens, biometrics), replacing stock apps with apps that enforce own security and encryption (e.g. to avoid data and credentials from becoming accessible by means of jailbreaking/rooting)... There is an awful lot that needs to be addressed to make data safe.
Ok, I have gone through your links and I have a much better understanding now. Thank youir By our elaborate and helpful answers.
This stuff makes what Apple offers out-of-the-box look like child's toys. I suppose the initiative in collaborating strongly is also to cover that angle.