- 09-05-2013, 05:54 AM #1
I'm trying to find a way to block my WP8-users from using Skydrive. I know I can disable all that automatic uploads and so on, but I found no way to prevent a user from re-enabling Skydrive...
We're evaluating WP8 as a replacement for our BBs and iOS-devices, and we have the company policy that company data is not allowed to be put into ANY kinds of cloud services. On my iOS-devices I have the possibility (over Apples MDM Api) to completely block the iCloud, so the user cannot even configure, much less use it.
Is there something like this on WP8 ?
Thanks for your replies in advance ! :)
09-05-2013, 06:05 AM #2
- 2,578 Posts
You can't. I can't find anything over at windowsphone.com for this.
A possible workaround is to prevent your employees from signing into their Microsoft Account.I'm also over at the Moriya Shrine! Go there if you're also a fan of Touhou. After all, it is a small community, like WP, right?
- 09-05-2013, 06:21 AM #3
I'm not up on my enterprise tech speak as I used to be but I'm guessing you've already seen this?
What is Windows Intune? PC and mobile device management cloud solution
Windows Phone for business | Phone management | Windows Phone (United States)
I would recommend that if you can't find the information online to contact MS and see if you can get your answers. I don't see a reason why you can't do what you want. From what little I read you have the ability to block SD card usage so I don't see Skydrive being an issue as blocking cloud services is a common thing on large enterprise infrastructure. Even though MS and other companies are pushing the cloud services.Only two things are infinite, the universe and human stupidity, and I'm not sure about the former. - Albert Einstein
- 09-05-2013, 07:14 AM #4
Thanks for your replies !
Sadly Windows Intune also has no solution to this problem, I checked the configuration options for WP8 in the documentation, and it just supports the same functions like all other Mobile Device Management products also support.
I just found the documentation for the Enterprise Device Management Protocol for WP8, and it really seems that there are no options for this. Also nothing for the configuration of WiFi-profiles, VPNs, and so on.
Damn, and I already thought those Lumias 920 would be the perfect solution for us, but it seems like WP8 just isn't ready for the enterprise yet. :(
Thanks for your help again !
Last edited by Scherooom; 09-05-2013 at 07:15 AM. Reason: typo :)
09-05-2013, 09:30 AM #5
- 149 Posts
Why not set up their accounts and you, or your IT dept., knows their passwords. Make it a company policy that they cannot change their account info. Inform them that you have the right to inspect their SkyDrive and if any company info is found there it is cause for disciplinary action.
Edited to add:
Or is it possible to have all the phones connected to the same Microsoft account? Haven't looked into this but would allow you to monitor the SkyDrive storage easier.
- 09-05-2013, 09:39 AM #6
I take it your company isn't on Office365. If they were you would set up the phone with their O365 account and then Skydrive would be associated with that account.
Cloud computing isn't going away so I'd encourage your company to embrace it not fight it.
09-05-2013, 09:43 AM #7
- 192 Posts
09-05-2013, 09:50 AM #8
- 896 Posts
There is a kind of hope in Windows 8.1, which has controls to disable SkyDrive
How to Disable SkyDrive Integration in Windows 8.1 Preview
It may be that Windows Phone 8.1 could have the same administration feature. In the meantime, it may be possible to firewall SkyDrive's servers, but this wouldn't work over 3G/4G and would lead to the phone being error-prone/unstable (since SkyDrive is baked-in).
There's no simple answer here that I can see, but you need to talk with your MS technical account manager regarding your concerns and whether waiting for WP8.1 will meet your company's security requirements.Pete_______________________________
HTC 8X | Surface RT | Xbox | Office 365
- 09-05-2013, 10:17 AM #9
Security of company data is a major concern for large enterprises. You can't say to some large multi billion company, that's just tough, this is the way it is. They'll just laugh at you and use someone else.Only two things are infinite, the universe and human stupidity, and I'm not sure about the former. - Albert Einstein
- 09-05-2013, 10:54 AM #14
- 09-05-2013, 10:59 AM #15Only two things are infinite, the universe and human stupidity, and I'm not sure about the former. - Albert Einstein
- 09-05-2013, 11:06 AM #17
For us in regulated industries (financial services, healthcare, etc.) it's not so much that we think we can prevent data leaks, but it's having tools in place that you can point to in court and say, "See, we are following all your lame laws the best we can." Kinda like a CYA thing. They also help prevent accidential leakage of data. For example a lost laptop/smartphone, or accidently attaching that document of SSN's and sending it to an external email address instead of an internal one. People who actually WANT to steal info, will steal info.
09-05-2013, 11:53 AM #20
- 896 Posts
Not to mention the loss of earnings caused by
a) Customers loss of confidence in how their data is used
b) The potential for competitors to gain access to data/strategic plansPete_______________________________
HTC 8X | Surface RT | Xbox | Office 365
- 09-06-2013, 07:32 AM #21
Hi everybody and thanks for your answers !
@tk-093: I totally agree with you, it's not about 100% security, its more about "we did everything we could". You're also right about the fact that for example only blocking iCloud on iOS devices doesn't restrict the users to install DropBox, Skydrive or some other cloud app from the appstore. But what you can do (and what we did) is create App-Blacklists in your MDM (most of them support this). For example I have a blacklist in place that continuously checks all devices if there's an app with "DropBox" in its name on a device. If this is the case I just contact the user and ask them to remove it. You could also automatically impose restrictions on the device if it violates any of your company policies, for example blocking it's access to ActiveSync or whatever.
Oh, and because you asked: We are using Afaria to manage around 1500 iOS devices, works pretty well since Afaria version 7. I also worked with Mobile Iron in the past and took a look at AirWatch, in the end they all do the same.
You could build something like these by just creating the policies you need with the iOS Configuration Utility. These are just XML files, and all you need to do is to put them on a webserver so the mobile devices can get them from there. Of course you wouldn't have any user management and so on, but thats why there are "ready-to-run" MDM systems on the market.
Well, then we'll just wait for 8.1 in the hopes that MS will build a competetive MDM API into Windows Phone. Omitting this would be stupid imho, as they currently self-restrict their chances to get a real marketshare in enterprises with Windows Phone.
Thanks again guys !
- By CDRIVE MEDIA ART in forum Windows Phone GamesReplies: 5Last Post: 09-09-2013, 01:58 AM
- By gsquared in forum The "Off Topic" LoungeReplies: 11Last Post: 09-05-2013, 08:08 PM
- By antiochian2010 in forum Nokia Lumia 1020Replies: 2Last Post: 09-04-2013, 04:04 PM
- By Eveline H in forum Nokia Lumia 820Replies: 2Last Post: 09-04-2013, 09:23 AM
- By deathnes39 in forum Nokia Lumia 520Replies: 3Last Post: 09-04-2013, 09:06 AM