Windows Phone 8 in the Enterprise

bpmurr · Mar 6, 2013

I'm in the process of evaluating Windows Phone 8 to offer on my company's BYOD program. I'm currently using a Lumia 920 for testing and XenMobile by Citrix is our MDM suite. We currently allow iOS devices and Samsung Android devices. I'm running into a problem with Windows Phone.

The devices will be owned by the employee and I want to be able to wipe all data company related data from the device. However, I want them to retain all personal data. I've connected to the XenMobile server using the company apps section. When I go to do a selective wipe it wipes the company apps connection but leaves the Exchange mailbox active. This doesn't make a lot of sense to me. On both the iOS and Android side if I do a selective wipe it also gets ride of the Exchange mailbox. On Windows Phone 8 see the following message.

Anyone deploy Windows Phone 8 successfully in their corporate environment and able to wipe all company data including mail without wiping out personal data? Thanks!

bpmurr · Mar 6, 2013

83 views not one post. I guess that speaks volumes about the lack of Windows Phone 8 deployments in the Enterprise space. From the additional research I've done it seems this is a limitation of Microsoft's remote wipe feature. Not sure what Microsoft was thinking with this one. I highly doubt many employees at my company will opt for a Windows Phone 8 device knowing if they leave the company their entire phone would have to be wiped. I can't believe they're so far behind Apple in this arena.

BeaverJuicer · Mar 6, 2013

To my knowledge...
What you would need to do is remove the Exchange account from the phone. This can be done from the phone, or by simply changing the password on the Exchange server. When an email account is removed from the phone, things like contacts, emails, calendar appointments, etc that were associated with that account will be removed.

All that warning says, is that IT Policies (not emails, etc) associated with Exchange Server will remain in place until the user deletes the account... This just gives them extra incentive to remove the aforementioned account.

And as an FYI regarding your second post... Just keep in mind that you catch more bees with honey. This is primarily an end user forum. 84 views over the course of the day is nothing, and your question targets a very select audience.

bpmurr · Mar 6, 2013

BeaverJuicer said:
To my knowledge...
What you would need to do is remove the Exchange account from the phone. This can be done from the phone, or by simply changing the password on the Exchange server. When an email account is removed from the phone, things like contacts, emails, calendar appointments, etc that were associated with that account will be removed.

All that warning says, is that IT Policies (not emails, etc) associated with Exchange Server will remain in place until the user deletes the account... This just gives them extra incentive to remove the aforementioned account.

And as an FYI regarding your second post... Just keep in mind that you catch more bees with honey. This is primarily an end user forum. 84 views over the course of the day is nothing, and your question targets a very select audience.

Well if you do a selective wipe it doesn't remove the Exchange email account. It's still active until you disable their AD account. Even after it's disabled they would still have access to any existing email on the device. You're then relying on that person to delete the account themselves and not use any of that information. That won't fly with my enterprise security team. It's disappointing because I was pushing really hard to get Windows Phone 8 approved for BYOD use.

realwarder · Mar 6, 2013

Can you not remotely wipe the unit?

summer600 · Mar 6, 2013

Not wanting to be a view only reader

I Binged and found this post: Newswire / Capricode Introduces the First Features for Windows Phone 8 - Software - Capricode Ltd | NewswireToday which mentions selective wipe with IronShield also removes the email account. Could it be that selective wipe is implemented differently by different vendor?

Ordeith · Mar 6, 2013

You can control a Windows Phone through System Center. Use Microsoft Tools for Microsoft products.
Additionally, it is a real Exchange client supporting EAS with encrpytion, you are able to use Exchange to perform the wipe
Perform a Remote Wipe on a Mobile Phone: Exchange 2013 Help

Phone Guy 4567 · Mar 6, 2013

bpmurr said:
Well if you do a selective wipe it doesn't remove the Exchange email account. It's still active until you disable their AD account. Even after it's disabled they would still have access to any existing email on the device. You're then relying on that person to delete the account themselves and not use any of that information. That won't fly with my enterprise security team. It's disappointing because I was pushing really hard to get Windows Phone 8 approved for BYOD use.

I would never push hard for any platform, since there is no upside for me. There is a big potential downside if they give in to my pushing and it all goes wrong.

slashd0t · Mar 6, 2013

As someone who works for a vendor that makes an MDM product, I can share that Microsoft doesn't give MDM vendors much in the way of API's for management... It's frustrating.

lipper2000 · Mar 6, 2013

You really need to enquire on the Microsoft tech sites specifically for IT professionals...
You might get the odd person here that knows the backend stuff but most of us are just end users....

GReeN SCoRPioN 8K · Mar 7, 2013

I am also Testing the MDM Features of WP8 and can Confirm that Exchange E-Mail will not Deleted by a "Selective Wipe".

But in my test the User werent able to Sync with the Exchange anymore. Maybe that Depend on your MDM Solution cuase we use a other Software...

Update: After a few more test we are able to "Retire" the Device in our MDM and Everything including Exchange is Deleted! So its no a Microsoft Problem its maybe a Problem of your MDM Solution!

bpmurr · Mar 7, 2013

GReeN SCoRPioN 8K said:
I am also Testing the MDM Features of WP8 and can Confirm that Exchange E-Mail will not Deleted by a "Selective Wipe".

But in my test the User werent able to Sync with the Exchange anymore. Maybe that Depend on your MDM Solution cuase we use a other Software...

Update: After a few more test we are able to "Retire" the Device in our MDM and Everything including Exchange is Deleted! So its no a Microsoft Problem its maybe a Problem of your MDM Solution!

Would you mind tell me what MDM solution you're using?

bpmurr · Mar 7, 2013

Ordeith said:
You can control a Windows Phone through System Center. Use Microsoft Tools for Microsoft products.
Additionally, it is a real Exchange client supporting EAS with encrpytion, you are able to use Exchange to perform the wipe
Perform a Remote Wipe on a Mobile Phone: Exchange 2013 Help

We'd like to have the the platforms managed in one location. XenMobile formally Zenprise before Citrix bought them has very robust management of iOS devices. We might have to management the Windows Devices separately because I'd like to also offer RT and Windows 8 tablets on the BYOD program.

tk-093 · Mar 7, 2013

Have you spoken to Citrix support as to why it doesn't work?

bpmurr · Mar 7, 2013

tk-093 said:
Have you spoken to Citrix support as to why it doesn't work?

Yes, they said it's a limitation imposed by Microsoft. They have a put in a request with Microsoft to add this feature in the next release. Hence why I'm interested in the name of the company Green Scorpion 8k is using.

slashd0t · Mar 7, 2013

bpmurr said:
Yes, they said it's a limitation imposed by Microsoft. They have a put in a request with Microsoft to add this feature in the next release. Hence why I'm interested in the name of the company Green Scorpion 8k is using.

Again, I work for a company that makes MDM products (I work on that product

) and Zenrprise/Citrix is correct. Microsoft has limited their MDM API's to essentially remote wipe and passlock enforcement. It's sad really.

airwolf878 · Mar 7, 2013

bpmurr said:
We'd like to have the the platforms managed in one location. XenMobile formally Zenprise before Citrix bought them has very robust management of iOS devices. We might have to management the Windows Devices separately because I'd like to also offer RT and Windows 8 tablets on the BYOD program.

Check out the Microsoft Intune service. It covers all WP8, Win8 and RT devices, as well as iOS and Android.

Peter Boev · Mar 8, 2013

bpmurr said:
Would you mind tell me what MDM solution you're using?

My guess would be Intune, seeing that the device is being ''retired''. My experience with Intune confirms that the Exchange account would be removed completely upon device retirement, without wiping the personal data on it.

I guess that MS gave a competitive advantage to their own system in this regard.

bpmurr · Mar 11, 2013

Peter Boev said:
My guess would be Intune, seeing that the device is being ''retired''. My experience with Intune confirms that the Exchange account would be removed completely upon device retirement, without wiping the personal data on it.

I guess that MS gave a competitive advantage to their own system in this regard.

Interesting, I'll have to check it out.

GReeN SCoRPioN 8K · Mar 13, 2013

Sorry for late answer...

API's are Limited (Which is realy sad and i hope gets better by updates soon) but with a Retire you can "Selective Wipe" your Device! i have done this a lot of times now!

To my Knowledge there are only 2 Big MDM Solutions (Expept of Microsofts Intune) out there which can Handle WP8 correct. (But also there are Problems and not all is working fine)
One is MobileIron and the other is Airwatch.

Windows Phone 8 in the Enterprise

New member

New member

New member

New member

New member

New member

New member

New member

New member

New member

Member

New member

New member

New member

New member

New member

New member

New member

New member

Member

Similar threads

Forum statistics

Share this page