In any organization, Windows devices form the crux of the corporate workforce with Windows apps forming the primary foundation. Windows apps, can be Store-based(those available for download on the Internet) or Enterprise-based(those specific to an organization) as well as MSI software, which is to be installed on Desktops and Laptops. In such cases, IT admins are bound to feel tedious installing these apps(usually the same app) across multiple devices and/or device types. The problem gets further compounded, when you realize these apps need to be updated and in certain cases, uninstalled as well. MDM eases this processs through Windows App Managment. MDM supports:
Let us understand about each of these in detail:
The middle ground, can be achieved by using Enterprise Single Sign On(SSO). SSO covers the best of both worlds, ensuring data security while improving the ease of data access, for the users.
Before we can delve deep into Single Sign On(SSO), here are the disadvantages of not using one:
For IT admins
All of the above disadvantages can be overcome by using Single Sign On(SSO). We'll see what are the other benefits of using a Single Sign On(SSO):
MDM supports Single Sign On using Kerberos, a network authentication protocol which secures the passcodes by encrypting them using DES(Data Encryption Standard).
So, any apps and/or internal websites supporting Kerberos authentication in your organization can support Single Sign On(SSO).
Improving on the ease and security of Single Sign On, is the No Sign On or Zero Sign On method, whereby the employees needn't enter their passcode even once to access services. This can be achieved if the authentication is certificate-based. MDM supports Certificate-based authentication(CBA) using Simple Certificate Enrollment Protocol(SCEP)