Link to home
Start Free TrialLog in
Avatar of alexwhite19800
alexwhite19800

asked on

Identity Management & Mobile Apps

Currently for mobile we use a third party solution (BlackBerry Dynamics) for enterprise mobility. This is a containerised solution for BYOD, where there is a secure email app and browser.

Users are set up on a BlackBerry Dynamics server, have their own password and so on.

I'm reading more and more that identity management and protecting the corporate data itself is becoming the future rather than containerisation. This would help us towards a more native experience. VMWare Workspace ONE is supposedly a platform that can achieve this, but I'm wondering how this works.

Can someone explain?
ASKER CERTIFIED SOLUTION
Avatar of btan
btan

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of alexwhite19800
alexwhite19800

ASKER

Thanks. I thought identity management meant that I could use, for example, the native Salesforce app but when I log in, the fact that I'm logging into this using me@mycorporatedomain.com meant that the data could be secured (e.g. prevent copy and paste, encrypt data at rest/in transit) via Airwatch's connection to the Salesforce common identity management.

So, essentially, because more and more apps are going to use a common identify provider, we can use more and more native applications providing that the common identity provider was integrated with our Active Directory (which will increasingly become more and more integrated with Azure AD)?
Yes one common identity provider as true source and all apps managed centrally via ONE.

Workspace ONE provides an abstraction layer between directory and policy, so that access policy management can be centralized for all applications across multiple clouds and on-premises. For those  already bridging AD and Azure AD with ADFS or PingFederate, Workspace ONE leverages those investments and still provides device posture-based conditional access controls.

https://blogs.vmware.com/euc/2016/08/office-365-workspace-one.html

There are more from one such as DLP, Multifactor authentication etc

https://blogs.vmware.com/euc/2016/10/workspace-one-office-365.html
Thanks!

I looked at the video in the second link very interesting....

1. When viewing MS Office apps within WS1, we can prevent copy and paste for example. Does this require Intune?

2. I notice that the user has to download a profile, which implies MDM. Is this true?
1. No need. It is in ONE.
This quarter, our EUC team will release new data leakage capabilities within Workspace ONE’s already broad set of features. Leveraging these powerful new product enhancements, organizations can finally streamline the deployment of Office 365 and set the right policies for secure access to apps and data.
The new Workspace ONE update will allow “open-in” policy enforcement across any third-party app, including Office 365, on any device. This will intercept and filter network communications going to cloud-based resources, allowing the Workspace ONE policy engine to block this type of data leakage. Even if a user connects a personal content repository to their Office 365 apps, Workspace ONE blocks copying of corporate data to those content repositories.
 
2. The profile is part of ONE Workspace User Environment Manager. It aims to simplify profile and policy management with personalized access across devices and locations for end-users.
https://blogs.vmware.com/euc/2015/02/understanding-vmware-workspace-environment-management-wem-welcoming-immidio.html