The information contained in this document represents the current view of Corp. on the issues discussed as of the date of publication. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information presented after the date of publication. This guide is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form, by any means (electronic, mechanical, photocopying, recording or otherwise), or for any purpose, without the express written permission of Microsoft. Microsoft may have patents, patent applications, trademarks, copyrights or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights or other intellectual property. Data plan and/or Wi-Fi access required for some 8 features. Carrier fees may apply. Availability of some features and services may vary by app, area, language, phone, carrier, and/or service plan. © 2013 Microsoft Corp. All rights reserved. With BYOD (Bring Your Own Device) becoming the industry norm, it is important for IT departments to choose a platform that appeals to consumers and will delight their end users. Windows Phone is rapidly winning the hearts of consumers and gathering industry accolades.

Consumers love Windows Phone Both and Windows Phone 8 devices are receiving high praise from consumers. Windows Phone 8 was rated the #1 OS by all readers of PC magazine and the Lumia 920 was rated the #1 phone by AT&T readers of PC Magazine.

PC Magazine 2013 Reader’s Choice Award

Windows Phone Accolades and Awards • 4 of the top 9 across all carriers on Amazon.com are Windows Phone 8 devices • The won the 2012 Engadget Readers Choice Award • The Windows Phone 8X by HTC won the Red Dot Design Award for 2013

Your favorite apps, and over 130,000 more Windows Phone has the apps and games you want from brands you love. The Windows Phone store has 130,000+ apps and 48 of the top 50 apps on competing platforms. Get apps for personal use such as Flixster, Cut the Rope®, and Pandora. Or get apps for work such as, Evernote, Box, and LinkedIn. Only Windows Phone has Live Apps that bring you the info you want, right on your start screen. With Windows Phone 8 we made certain that IT professionals could have peace of mind and effortlessly integrate with their Exchange, SharePoint, Lync and Office 365 infrastructure to lower their TCO. We ensured end users had the best possible Office, Outlook and Lync experience on their Windows Phone 8 devices. And we ensured that developers could use the Visual Studio and .NET tools they are already familiar with to develop code that would run on PCs, tablets and smartphones.

Windows Phone Gaining Momentum Among CIOs • In a recent poll by Aberdeen Group, CIOs revealed that they plan to deploy mobile apps for Windows Phone and Windows tablets more than any other platform over the next 12 months. • Windows Phone has also seen significant growth over the past year, at the expense of BlackBerry. • A report by Strategy Analytics indicates that Windows Phone surpassed BlackBerry in Q4 2012 to become the #3 smartphone platform in the US. 13

11 12

9 10

7 8

6

5

3 4

1 2

The 13 Layers of Security on Windows Phone 8 Below is an explanation of the security provided by the 13 numbered boxes in the security architecture diagram above: 1. All Windows Phone 8 devices have to meet specific hardware requirements. This not only guarantees a base-level user experience, it limits the hardware-related security attack vectors. 2. Windows Phone 8 is the only smartphone platform that has a (TPM) 2.0 chip embedded on every device. The TPM chip is a huge boost to security – it protects encryption keys, contains a crypto processing engine, and is a foundational element of a secure boot chain. 3. Windows Phone 8 uses the Unified Extensible Interface (UEFI) Secure Boot industry standard. UEFI is the new BIOS. In a UEFI Secure Boot process the firmware, the bootloader, the kernel and kernel extensions, are all cryptographically signed. This makes it easy to detect when any of these layers has been tampered with. If any layer in this boot process has been maliciously altered, the device won’t boot. 4. The crypto signing goes beyond the kernel – the entire OS and every single app on the system is code-signed to guarantee a chain of trust from the hardware all the way up. This is not necessarily the case for competing platforms. There is no real concept of a trusted boot chain on Android. And it is well known that the trusted boot chain on iPhone is not entirely trustworthy because every single version of iOS has been jailbroken within days of release. 5. Windows Phone 8 uses the same NT Kernel as and 2012. But it also shares the same driver model, developer platform, security, and networking stack and graphics and media platform. All of these have been tried and tested on more than a billion client and server machines, many running mission-critical workloads. 6. All updates to Windows Phone 8 now come directly from, and only from, Microsoft. This ensures the integrity of the OS. Also all security fixes follow the same rigorous standards set by the Microsoft Security Response Center or MSRC for our client and server products. 7. Windows Phone 8 supports alpha-numeric and complex passwords for device-locking. 8. The internal storage on a device can now be fully encrypted using the same BitLocker technology that ships with Windows. The BitLocker encryption key is protected by the TPM 2.0 chip and will only be released if i) the device successfully passes the UEFI Secure Boot process to boot up a trusted OS, and ii) if the encrypted disk is physically located in the original device. This protects data at rest and guards against offline attacks. So it is not possible to take the encrypted storage out and get access to the data by booting from another OS, and it is also not possible to place the encrypted storage in another Windows Phone 8 device to access the data. This protects data at rest and guards against offline attacks. With both device-lock and BitLocker enabled it is extremely difficult to gain unauthorized access to data on the internal storage. 9. Every app runs in its own isolated chamber. Even the OS services run in their own isolated chamber. Each app receives only the capabilities it needs to perform all its use cases. It cannot elevate its privileges at run time, it cannot communicate with other apps on the phone other than through the cloud, and it cannot access memory, data or the keyboard cache used by another app. 10. Even the browser runs in its own sandbox. Windows Phone 8 ships with a locked down version of 10 that does not support plug-ins, and comes with anti-phishing filters built-in. 11. To further protect the data in each app, Windows Phone 8 provides another layer of encryption via the Data Protection API. This is smart technology that uses entropy information already available on the device to automatically generate new encryption keys. This way apps do not have to worry about generating, storing and managing new keys. Each app also automatically receives its own decryption key when it first runs. 12. However, no amount of encryption will prevent an authenticated user on a trusted device from sharing data with unintended parties, willingly or unwillingly. This makes Information Rights Management (IRM) critical and Windows Phone is the only smartphone platform that has IRM built-in to prevent data leakage. 13. Finally, data synchronization with most cloud services like Office 365 and on-premise servers like Exchange and SharePoint is done via the latest SSL 3.0 technology with AES 128 or 256 encryption. This protects data in transit. Note on TPM and UEFI Secure Boot standards Microsoft is a strong believer in open standards for security, like UEFI Secure Boot and TPM. Standards have numerous advantages over proprietary methods used by other smartphone platforms. Standards go through a transparent development process, survive rigorous open review from the best security minds across multiple organizations, and help ensure broad support across companies. The list of 100+ companies that define the TPM specifications can be found here and the firms behind the UEFI specifications can be found here. Windows Phone 8 integrates with your existing Microsoft infrastructure. Right out of the box, Windows Phone seamlessly works with Microsoft products you know and already own, such as Exchange, Office, SharePoint, Lync and Office 365 – no need to purchase additional third-party software.

Typical incremental software & administration cost required to leverage SharePoint, Office and Exchange functionality on1,000 smartphones

Third-party software for SharePoint

BES server software and admin cost

Third-party software for Office

Maximize Value from Existing Microsoft Investments The built-in IRM client on Windows Phone helps you maximize value from your existing investments because it uses the Active Directory Rights Management Service already available with your Windows Servers. Exchange ActiveSync is also built-in and supported and this is how Microsoft IT manages more than 70,000 BYOD Windows Phone devices. Additionally, a built-in management client is available so you can use your existing Management software such as MobileIron, AirWatch, Citrix XenMobile, Symantec or Windows InTune and System Center 2012 SP1. Finally, to further lower your TCO, Windows Phone 8 comes with full-fidelity mobile versions of Office so you can make the most of your existing investments in Exchange, SharePoint, Lync and Office 365. Windows Phone 8 gives you the best Outlook and Exchange experience, the best mobile versions of Office, and the best communication and collaboration experiences with Lync and SharePoint. Android WP 8 iOS 6 BB 10 Feature available Feature not available Feature available with conditions 4.0

Setup, Lock Fast Office 365 setup with simple input of ID and screen, and password Start screen Resizable live tiles to access more information

Notifications on lock screen 1 2 1

Outlook e-mail, Pin frequently accessed e-mail folders to the Start calendar, and screen contacts Same integrated mail and calendar as Outlook on PC

Access and search for e-mails on the Exchange Server 3

Read protected e-mail (IRM)

Office View, edit, and comment on Word, Excel, and 4 5 6 documents PowerPoint documents

“Places” panel for easy access to docs opened via email, or stored on SharePoint, SkyDrive or the phone

Read protected IRM documents

“Thumbnail” view to easily navigate long ppt decks

Lync Make VoIP and HD video Lync calls, and receive Lync 7 communication calls like standard voice calls

Multitask during Lync call - read email, view/edit/save 7 docs, access SharePoint sites, use other apps etc.

Attend Lync meetings with audio, video, and web 7 conferencing with one click from Outlook

SharePoint Sync documents across devices. Edit on one device and sites continue working right where you left off

Download documents for offline access and editing; 8 9 upload changes when you are back online

Search for content on SharePoint team sites, lists or document libraries

Write and edit documents with colleagues at the same time

Pin SharePoint sites to the Start screen for easy access

1. Not open to third party developers 6. Documents To Go included 2. Requires setup through widgets 7. No Lync app for BB 10 3. Requires BlackBerry Enterprise Server (BES) 8. Access and view only, no editing 4. View only 9. Supported only by a few devices 5. Supported only by a few devices Common Development Foundation for Client and Mobile Computing Historically, apps for client computing devices like PCs, and desktops have been developed separately from apps for mobile computing devices like smartphones and tablets. But as more client computing devices get touch screens and mobile broadband radios, and more mobile computing devices take on client computing workloads, it is going to be critical for you to be able to share code between the mobile and client computing worlds. From an app development perspective there is deep commonality between Windows Phone 8, Windows 8 and Windows RT. In fact, Windows Phone 8, Windows 8 and Windows RT share several components in a common development foundation that makes it easy to port apps across different form factors on the Windows platform. First, Windows Phone 8, Windows 8 and Windows RT share a common development environment and tools with Visual Studio and .NET. Second, they also share the same driver model, security model, and managed code Common Language Runtime (CLR). Finally, Windows Phone 8, Windows 8 and Windows RT all support native code and have the exact same API set for Networking, File System, Input, Sensors, Graphics and Media, Audio, and Commerce. Flexibility with 3 Development Models App developers also have flexibility in how they develop apps and can choose from 3 development models. They can write an app that uses whatever combination they desire between managed code, native code and HTML/JavaScript code. And they can run a lot of that code across Windows Phone 8, Windows 8 and Windows RT because of the common foundation. So porting apps and business functionality across your mobile and client computing worlds becomes a lot faster. This will be a critical capability needed by businesses as the worlds of mobile and client computing converge. There are a number of programs available to help you transition your organization to Windows Phone. Your team can provide more information and help you get started.

Frequently Asked Questions What support options are available for businesses? The “Get technical support” section on http://support.microsoft.com/gp/windows-phone-8 lists a variety of Windows Phone 8 technical support options available to businesses. Where can I learn more about Microsoft’s Support Lifecycle policy? The most common questions on this topic have been answered on http://support.microsoft.com/gp/lifepolicy Will Windows Phone 8 devices be upgradeable to the next version of the Windows Phone OS? Yes, Windows Phone 8 devices will be able to upgrade to the next version of Windows Phone OS when it is launched. Where can I get an in-depth overview of Windows Phone 8 for businesses? The Windows Phone 8 Reviewers Guide goes into considerable depth for all the areas covered by this document.