BYOD/PC

BYOD at a Glance

Now that employees have won the battle of the personal smartphone at work, some are now thinking about how they’d like to use their beautiful, light, powerful laptop for work too — and not worry about deleting personal files (music, movies, photos, home budget spreadsheets) when they move on to their next job. This moves the organization from BYOD to BYOD/PC. On the flip side, some organizations see a future where the company-supplied PC goes the way of the company car, further reducing capital expenditures.

The key to success is in providing a secure, containerized workspace for easy IT management, security policy enforcement, and an offline capability that is separate from the user’s personal space.

Moka5 is the only solution available today that offers a single infrastructure for centrally managing locally-executed virtual workspaces on Windows, Macs, and BareMetal. This eliminates the need for massive datacenter infrastructure, enables easy offline use of the virtual desktop, and can operate on low-bandwidth / high-latency network connections.

With Moka5, BYOD/PC host computers are NEVER allowed on the corporate network – only the authorized workspace inside the secure container connects through the existing corporate VPN infrastructure (just the same as a physical laptop does today) to access protected servers and internal resources like an Intranet. Containers are deployed through an Active Directory-integrated self service portal making on boarding secure, simple and low cost. Once deployed, M5 Players check in periodically with the M5 Management Server through a reverse proxy for policy and software updates.

Benefits of the Moka5 for BYOD/PC Programs:

  • Single image management. Manage and secure a single corporate workspace instead of 100’s, 1,000s, or 10,000s of endpoints, regardless of who owns the device and whether it is a Windows or a Mac PC.
  • Rejuvenation. Reduce IT support costs with ability for end users to quickly reset to a clean workspace without losing their work files.
  • Revoke / wipe. IT can remotely disable access or wipe LivePC containers or set a “time bomb” to automatically revoke access to or completely wipe a container.
  • 100% patch compliance. Disk-level delta updates to the container itself ensures all updates to the image (new software, patches, OS config changes) are applied correctly, the first time.
  • Locally executed. Unlike VDI, everything takes place on the user’s computer for better performance and seamless transitions between online and offline use.
  • Built-in anti-malware. Constantly monitor for key loggers and screen scrapers with built-in anti-malware, ensuring these cannot compromise the container without interfering with anti-malware tools on the host computer or inside the workspace.
  • Built-in data leak prevention. Policy-enforced container keeps corporate data separate from personal files, including the ability to prevent copy/paste, white list USB devices, and control printing.
  • Built-in disk encryption. AES 256 encryption of the container ensures compliance with data security standards and privacy regulations, equivalent to whole disk encryption of a corporate-managed computer.
  • Tamper-resistance and copy protection. Keep the corporate workspace from being moved or edited.
  • Reliable access control. LDAP/AD integration, two-factor authentication support ensures that you can use your existing access control processes.
  • Self-service provisioning. Users download the corporate workspace from anywhere through a secure web portal and can be initially provisioned and authenticated without network access (since they won’t have their secure corporate workspace to access the network until after the provisioning).
  • User-friendly download controls. Only push updates to users that need them, enable users to delay downloads if they need to, and ensure adequate hardware prior to download to minimize difficulties for mobile employees.