MaaS360.com > White Paper

Mobile Device Management Glossary MaaS360.com > Glossary Management Glossary

ActiveSync Exchange ActiveSync (EAS) is a Microsoft technology that allows mobile users to access their Microsoft Exchange mailboxes and use email, calendar, contacts and tasks applications on their mobile devices. Administrators can control which devices have access to the Exchange Server. EAS works with a wide variety of mobile operating systems, including , , iOS, Android, and Palm WebOS. http://www.microsoft.com/exchange/2010/en/us/mobility.aspx; http://en.wikipedia.org/wiki/Exchange_ActiveSync Android Android is a mobile developed by Google and managed by the (OHA) and the Android Open Source Project (AOSP). It runs on from many manufacturers, including Acer, HTC, Huawei, LG, Motorola, Samsung Electronics, and Sony Ericsson. As of September 2010 Android was estimated to be #1 in US market share for mobile operating systems (44%) and #2 in global market share (25%). Over 100,000 apps are available for Android through Google’s Android Market (estimates from Canalys). http://www.android.com/; http://en.wikipedia.org/wiki/Android_(operating_system); http://www.gartner.com/it/page.jsp?id=1466313; http://www.canalys.com/pr/2010/ r2010111.html APNS The Apple Push Notification Service (APNS) is a mobile service created by Apple that (Apple Push “pushes” notifications and alerts from applications on servers to , iPads and iPods. Notification http://en.wikipedia.org/wiki/APNS Service)

Apple Root The Apple Root Certificate Authority (CA) manages the generation, Certificate distribution and administration of encryption keys for the Apple Public Key Authority Infrastructure (PKI). It facilitates encrypted secure communications between web servers and mobile devices. See Certificate Authority. http://www.apple.com/certificateauthority/

BES The BlackBerry Enterprise Server (BES) is a middleware package (BlackBerry from Research In Motion that synchronizes emails, calendaring information Enterprise and contacts between BlackBerry devices and messaging servers such as Microsoft Exchange and IBM Lotus Notes. It also connects BlackBerry Server) devices with enterprise applications. BES includes a range of management and security features to help email administrators. http://us.blackberry.com/apps-software/business/server/full/; http://en.wikipedia.org/wiki/BlackBerry_Enterprise_Server Certificate A certificate authority (CA) is a trusted organization that issues digital certificates.

Authority Digital certificates are used with Public Key Infrastructure (PKI) technology to facilitate encrypted secure communications between web servers and endpoints such as mobile devices, laptops and PCs. When an endpoint contacts the server it requests a digital

certificate with information about the owner of the web site and a public key. The endpoint sends the certificate to the Certificate Authority, who validates that it comes from the purported source (e.g. the user’s employer or the user’s bank). The endpoint uses the public key to establish an encrypted connection with the server. Third party certificate authorities include VeriSign, Entrust and GoDaddy. Enterprises and government agencies can set up their own CAs. http://en.wikipedia.org/wiki/Certificate_authority; http://www.verisign.com/ssl/index. html; http://www.entrust.com/pki/index.htm

2 MaaS360.com > Glossary Mobile Device Management Glossary

Cloud A cloud extender is a cloud-based service, for example a database or a backup service, Extender which can interact with and extend the functionality of other cloud-based services and applications. Configuration A configuration profile is a set of parameters used to configure a mobile device for a user Profile or group of users. The parameters might include minimum requirements for the passcode, information on how to connect to the corporate email server, virtual private network (VPN) settings, and authorized Wi-Fi networks. Device Device encryption is the ability to encrypt selected files or all of the files on a device to Encryption protect them from unauthorized access if the device is lost or stolen. Typically the user must enter a PIN before the device will decrypt and display encrypted files. Enterprise An App Store is an online service that allows users to browse a web site and download App Store applications to their smartphones. The most widely-known app stores are from vendors such as Apple (iTunes Store), Google (Android Market) and Microsoft (Windows Marketplace for Mobile).

An Enterprise App Store is an app store created by a single enterprise or government agency to distribute apps developed in-house or authorized and supported by the IT group. iDEP The iOS Developer Enterprise Program (iDEP) is an Apple program to encourage corporate (iOS Developer and government software developers to create inhouse mobile applications for the iOS Enterprise operating system. These applications are for internal use and do not get published on the public App Store. Program) http://developer.apple.com/programs/ios/enterprise/ iOS iOS, formerly known as “iPhone OS,” is a developed by Apple for the iPhone, iPad, iPod Touch and Apple TV.

It runs exclusively on devices manufactured by Apple. As of September 2010 iOS was estimated to be #2 in US market share for mobile operating systems (26%), with 17% market share worldwide (estimates from Canalys). Over 300,000 apps are available in

Apple’s App Store. http://www.apple.com/ios/; http://en.wikipedia.org/wiki/IOS_(Apple);. http://www.gartner.com/it/page.jsp?id=1466313; http://www.canalys.com/pr/2010/ r2010111.html Line of In general usage “line of business” (or “LOB”) refers to products, services or marketing Business campaigns targeted at one or more specific vertical industries.

In the context of mobility, mobile line of business applications are solutions designed for industry-specific needs that run on mobile devices. Examples include inventory management in retail, mobile route accounting in shipping and logistics, patient data acquisition in healthcare, and sales force automation in many industries.

3 MaaS360.com > Glossary Mobile Device Management Glossary

Lock/Unlock Lock is an MDM (Mobile Device Management) feature that allows administrators or users to prevent anyone from using a mobile device or seeing data stored on it. Remote Lock is usually accomplished by sending an SMS message from a server to the device. Locking can also be enforced locally, for example if the wrong passcode is entered too many times. An Unlock command removes the lock. All MDM systems provide an over-the-air Lock feature for administrators, and some also provide self-service locking and unlocking for users through a web portal. Lotus Notes IBM Lotus Notes Traveler is a “push” email product for IBM that provides access from Traveler mobile devices to email and Personal Information Management (PIM) applications for Lotus Notes users. It allows mobile users to access IBM Lotus Domino servers and use e-mail, calendar, contacts, journal and to-do applications on their mobile devices. Lotus Notes Traveler supports Apple iOS, Android, Windows Mobile, and Symbian devices.

Lotus Notes Traveler also provides some MDM features for Lotus Notes users, such as remote wipe, passcode policy management, and event monitoring. http://www-01.ibm.com/software/lotus/products/notes/traveler.html; http://en.wikipedia.org/wiki/IBM_Lotus_Notes_Traveler MeeGo MeeGo is a mobile operating system designed for smartphones, tablets, netbooks, and consumer information appliances such as web-connected televisions and in-vehicle infotainment devices. It is a -based open source project managed by the Linux Foundation and driven by Intel and Nokia. MeeGo is intended to span a wide range of mobile and non-mobile computing devices, including tablet computers, but in 2010 had not yet been released on a . http://meego.com/about; http://en.wikipedia.org/wiki/MeeGo; http://www.zdnet.co.uk/news/mobile-devices/2010/12/01/nokia--will-not- displacesymbian-as-enterprise-os-40091029/ MDM Mobile Device Management (MDM) systems are used to provision, monitor, manage, secure, (Mobile Device support and secure mobile devices. Most MDM systems include a server-based management Management) component and an agent or app that runs on each device. Some systems are vendor- specific (e.g., work only with iOS or RIM BlackBerry devices), while others span multiple operating systems and manufacturers (e.g. iOS, Android, Windows Mobile and Symbian). . Most MDM solutions are premises-based, although cloud-based alternatives are emerging. Typical features of MDM systems include:

• Tracking of devices by serial number, user name, manufacturer and operating system. • Inventory of software and hardware on devices. • Management of passcode policies. • The ability to distribute and manage Wi-Fi and VPN policies. • Remote “over-the-air” configuration and provisioning. • Remote wipe, lock and unlock. • The ability to block or disable cameras, browsers and access to app stores. • Reporting on the status and configuration of devices. http://en.wikipedia.org/wiki/Mobile_device_management; http://www.informationweek.com/news/mobility/business/showArticle. html?articleID=228500207

4 MaaS360.com > Glossary Mobile Device Management Glossary

MSM Mobile Service Management (MSM) products gather network, server and application health (Mobile Service and performance data in order to provide end-to-end monitoring of mobile applications. Management) This allows an administrator to track when users are having trouble connecting, or are getting slow performance on email and mobile applications. Some MSM vendors are branching out by adding MDM features to their solutions. OTA Over-the-air (OTA) configuration, also known as over-the-air programming and over-the- Configuration air provisioning (OTAP), is the ability to configure and assign policies to remote mobile devices solely through a wireless connection. OTA configuration eliminates the need for IT administrators or support personnel to physical touch devices in order to prepare them for email and corporate applications. This is particularly important when there are many distributed users, and when users purchase their own devices.

OTA configuration can also refer to distributing software and application updates to mobile devices. http://en.wikipedia.org/wiki/Over-the-air_programming Passcode A passcode is a string of characters or numbers used to authenticate a user to a device. Most mobile devices can be configured with passcode policies, for example a requirement that passcodes have a minimum number of characters, or include at least one alphabetic and one numeric character, or be changed within a certain time period. Provisioning A provisioning profile is a file installed on mobile devices, especially iPhones, that allows Profile specific in-house applications to be installed and executed. Administrators can use provisioning profiles to restrict applications to specific devices. QNX QNX is a -like real-time operating system used primarily for embedded systems. It is a good fit for embedded systems with limited space because it is small and, as a -based OS, functionality not required for a specific system can be turned off. It was acquired by Research in Motion and is the basis of the new BlackBerry Tablet OS. RIM has indicated that it a version of QNX will ultimately replace the BlackBerry OS. http://en.wikipedia.org/wiki/Qnx; http://www.intomobile.com/2010/09/28/blackberry-os- qnxhandheld-confirmed-rim/

SCEP The Simple Certificate Enrollment Protocol (SCEP) is an industry standard protocol designed to simplify the issuing and revocation of digital. certificates. It allows administrators to securely issue certificates to large numbers of network devices using an automatic enrollment technique. See Certificate Authority. http://en.wikipedia.org/wiki/Simple_Certificate_Enrollment_Protocol; http://www.ucertify.com/article/what-is-simple-certificate-enrollment-protocol-scep.html

5 MaaS360.com > Glossary Mobile Device Management Glossary

Secure Secure messaging technology provides for secure communications between email users Messaging regardless of whether they are using email clients or browser-based email systems. Typically messages and attachments are stored entirely on servers, so they are not vulnerable to attacks on endpoint systems. Messages sent over the network are encrypted using SSL, S/MIME, TLS (Transport Layer Security) or other encryption technologies. Servers are provided with spam blocking, malware detection and data leak prevention (DLP) capabilities. http://en.wikipedia.org/wiki/Secure_messaging; http://imagesrv.gartner.com/ mediaproducts/pdf/microsoft/issue1_secure_web_final.pdf Selective Selective wipe is the ability to delete corporate email, data, policies and apps from Wipe mobile devices without affecting personal email and files. Selective wipe is especially important in organizations where employees provide their own smartphones and devices, because these users would not accept having their personal data removed when they leave the organization. See Wipe. Smartphones Smartphones are handheld devices that include a computing operating system as well as wireless communications capabilities. They allow users to exchange email as well as run mobile applications or “apps.” The leading manufacturers, in order of worldwide shipments (3Q 2010) are: Nokia, Samsung, LG, Apple, Research In Motion, Sony Ericsson, Motorola, HTC, ZTE, Huawei Technologies. The leading mobile operating systems, in order of worldwide shipments (3Q 2010) are: Symbian, Android, iOS, Research In Motion, Microsoft Windows Mobile, and Linux (estimates from Gartner). http://en.wikipedia.org/wiki/Smart_phone; http://en.wikipedia.org/wiki/Mobile_ operating_system; http://www.gartner.com/it/page.jsp?id=1466313; http://www.canalys.com/pr/2010/r2010111.html Symbian OS Symbian OS is a mobile operating system developed by Symbian Ltd. (acquired by Nokia) and managed by the , a non-profit open source organization. It runs on smartphones from many manufacturers, including Fujitsu, Mitsubishi, Motorola, Nokia, Samsung, Sharp, Siemens and Sony Ericsson. As of September 2010 Symbian was estimated to be #1 in worldwide share for mobile operating systems (37%), although only #3 in the United States, after Android and Apple iOS (estimates from Gartner). http://www.symbian.org/; http://www.gartner.com/it/page.jsp?id=1466313; http://www.canalys.com/pr/2010/r2010111.html

6 MaaS360.com > Glossary Mobile Device Management Glossary

Tablet A “” or “tablet” is a book-sized computer with a flat touch screen that Computer uses a stylus, digital pen, or fingertip as the primary input device.

Most tablets run modified versions of traditional desktop operating systems on Intel chips, but newer entries like the Apple iPad use mobile operating systems and chips based on the simplified ARM architecture.

Apple dominated the category in 2010, but other vendors in or expected to enter the market include Hewlett Packard, RIM, Dell, Acer, Samsung and Lenovo. http://en.wikipedia.org/wiki/Tablet_computer; http://en.wikipedia.org/wiki/ARM_ architecture; http://www.isuppli.com/Display-Materials-and-Systems/News/Pages/Apple- Set-to-Dominate-Tablet-Market-Through.aspx; http://news.cens.com/cens/html/en/news/ news_inner_33947.html TEM Telecom Expense Management (TEM) products track all types of telecom spending and (Telecom allow enterprises to reduce operating costs and negotiate better agreements with their Expense vendors and service providers. TEM systems typically track services and equipment inventory, usage and charges, match them against contracts and invoices, and highlight Management) excessive charges from service providers and out-of-control cost categories. Some TEM vendors are branching out by adding MDM features to their solutions, and some MDM vendors are adding TEM features to their products. http://www.temia.org/; http://en.wikipedia.org/wiki/Telecom_Expense_Management Windows Mobile Windows Mobile is a mobile operating system developed by Microsoft and used in smartphones and mobile devices. It is a successor to Windows CE, but will be replaced in the future by . It runs on smartphones from manufacturers including HTC, LG and Samsung Electronics. As of September 2010 Windows Mobile was estimated to be only #5 in worldwide mobile operating systems, with a 3% market share (estimate from Canalys and Gartner). See Windows Phone 7. http://en.wikipedia.org/wiki/Windows_mobile; http://www.microsoft.com/windowsphone/ enus/default.aspx; http://www.gartner.com/it/page.jsp?id=1466313; http://www.canalys.com/pr/2010/r2010111.html Windows Windows Phone 7 is a mobile operating system developed by Microsoft and used in Phone 7 smartphones and mobile devices. It is a successor to Windows Mobile. It was released in selected countries in October and November 2010. It has been announced for smartphones from manufacturers including, Dell, Hewlett Packard, HTC, LG, Samsung Electronics and Sony Ericsson. Microsoft has indicated that Windows Phone 7 is designed primarily for the consumer market rather than for enterprise applications. http://www.microsoft.com/windowsphone/en-us/default.aspx; http://en.wikipedia.org/wiki/Windows_Phone_7 Wipe Wipe is an MDM (Mobile Device Management) feature that allows administrators or users to delete all of the data on a mobile device. If a device is lost or stolen, wipe prevents sensitive data from being misappropriated. Wipe is usually accomplished by sending an SMS message from a server to the device. All MDM systems provide an over-the-air wipe feature for administrators, and some also provide self-service wipe for device owners through a web portal. Not all mobile devices support wipe. See also Selective Wipe.

7 MaaS360.com > Glossary Mobile Device Management Glossary

MaaS360 helps IT administrators provision, manage, and secure today’s expanding suite of mobile devices, including iOS and Android devices Secure all Mobile Device Platforms MaaS360 supports all major smartphone and tablet platforms including iOS, Android, Windows Phone, BlackBerry, Symbian, Windows Mobile, and Palm WebOS.

Embrace Employee-owned devices MaaS360 provides workflows to discover, enroll, manage, and report on personally owned devices as part of your mobile device operations.

Simple Device Enrollment and Approval MaaS360 provides auto-quarantine and alerts for IT personnel to approve all new devices, and additionally provides for user self-enrollment into your mobile device management program.

The New Challenges of Mobile Device Management Businesses and employees are using mobile devices in ways not envisioned as recently as a year ago. Personal device ownership and usage in the enterprise is growing rapidly. Most organizations are supporting over four different smartphone platforms, which are quickly becoming the computing platform of choice. This is requiring IT organizations to enhance their mobile device management capabilities to be on par with desktop management and security, including establishing provisioning, configuration, management, and security operations that ensure user productivity while preserving compliance with IT policies.

8 MaaS360.com > Glossary Mobile Device Management Glossary

MaaS360 for Mobile Devices Product Line MaaS360 offers four key components of Mobile Device Management (MDM) as a set of flexible entitlements providing comprehensive and flexible security and management for mobile devices.

Enterprise Mobility Management Platform

MOBILE DEVICE MANAGEMENT DESKTOP MANAGEMENT MANAGED MOBILITY

ActiveSync Manager MaaS360 MDM or Lotus Notes Traveler for iOS Devices (All Devices)

MaaS360 BlackBerry MaaS360 MDM for Server (BES) Integrator Android Devices

INFRASTRUCTURE DEVICES Corporate Mail and Data Mobility Intelligence™ Dashboard & Reports

Download MDM Data Sheet Get Started

About MaaS360 MaaS360 the leader in mobile device management, is the creator and developer of cloud-based Mobility as a Service (MaaS) solutions. The company’s MaaS360 platform enables IT to manage laptops, desktops and smartphones, such as the Android and iPhone, as well as tablet devices such as the iPad, in one window, one system. The company’s MaaS360 mobility infrastructure and subscription services have revolutionized how enterprises and business users share and secure information over the Internet. The MaaS360 platform ensures reliable, secure and compliant mobile working for employees, while delivering unprecedented Mobility Intelligence™ to senior management and IT operations. MaaS360 is a recognized leader in mobile device management, helping both Global 2000 companies and smaller businesses cost-effectively support expanding mobile workforces and use mobile devices to remain competitive in today’s economy. Additional information about MaaS360 is available at http://www.maas360.com.

All brands and their products, featured or referred to within this document, are trademarks or registered trademarks of For More Information their respective holders and should be noted as such. To learn more about our technology and services visit www.maaS360.com. 1787 Sentry Parkway West, Building 18, Suite 200 | Blue Bell, PA 19422 Phone 215.664.1600 | Fax 215.664.1601 | [email protected]

WP_201108_0030 9