NYPD Rolls Out iPhone 7 and 7 Plus Handsets to Manhattan Officers, Replacing Windows Phones

[LotusLord]

And where are the Macs?

Coming in at a slower clip. We've got 4, and will likely be adding a few more minis this year for caching at the various offices. Apple sent a team of people here last year to meet with us and really seemed to want our business on the computer side as well as the iOS device side, but we're pretty entrenched in Windows on the server and desktop.

 

[Philmycracken]

Ah, Samsung. Fascinating. I have the S8+. So does my husband. I have minimal loaded software and he has a lot loaded on. We’ve both battled recurring intermittent lag on our devices, and I’ve read comments of other people enduring the same, so I did not think it would be a great choice for law enforcement...but then I am gradually discovering that my new IPhone 8 Plus is not chugging along so smoothly on iOS 11 so that levels the playing field a bit more for me, personally. I wonder how the administrators would handle policy regarding the secure folder. Does Samsung provide better service and support to its business customers than Apple?

I haven't experienced and performance degradation on my S8. Its been pretty solid. Our organization uses a VMWare MDM to manage security policies and manage email, i.e. Boxer. More of the policies are enforceable on iOS than Android, such as the ability to enforce log-in passkey requirements. In the grand scheme, that's a minimal sacrifice. In spite of the MDM, the droids are still highly customizable and Enterprise applications run seamlessly. My wife still has her work iPhone 7 and its on its last leg. My previous device was a Windows Phone. After being extremely satisfied for three years, the last year was painful and had to finally relent. After observing my wife's experience with her iPhones, I opted for Android. Now she wants one. Vendors are really emphasizing their Android compatibility and integration with their devices. I didn't see that a year or two ago, it was all iOS. The change over has been significant. I think it will be even more dramatic in the years to come. particularly in the law enforcement space.

 

[5105973]

I haven't experienced and performance degradation on my S8. Its been pretty solid. Our organization uses a VMWare MDM to manage security policies and manage email, i.e. Boxer. More of the policies are enforceable on iOS than Android, such as the ability to enforce log-in passkey requirements. In the grand scheme, that's a minimal sacrifice. In spite of the MDM, the droids are still highly customizable and Enterprise applications run seamlessly. My wife still has her work iPhone 7 and its on its last leg. My previous device was a Windows Phone. After being extremely satisfied for three years, the last year was painful and had to finally relent. After observing my wife's experience with her iPhones, I opted for Android. Now she wants one. Vendors are really emphasizing their Android compatibility and integration with their devices. I didn't see that a year or two ago, it was all iOS. The change over has been significant. I think it will be even more dramatic in the years to come. particularly in the law enforcement space.

Whoa, iPhone 7 is only around a year old, so what’s happening with your wife’s iPhone 7?

What factors do you see playing a role in the shift away from iOS in enterprise in general and law enforcement in particular?

Does the ability to set up a secure folder on Samsung phones pose any kind of problem or issue for your administrators? Or is that folder visible and able to be kept under compliance in the VMWare MDM environment? I’m a bit fuzzy on that. My understanding is the encryption and sequestering of that folder is a little too good and “what happens in Secure Folder stays in Secure Folder”.

Samsung’s own Knox Workspace enables granular control over devices to ensure compliance to company policies, but if my understanding is correct, Secure Folder falls outside of even their ability to exercise granular control over the usage and content of Secure Folder.

Secure Folder is a really insane feature not a whole lot of people talk about on forums like this one. I am a suburban soccer mom, if you will, so my grasp on its capabilities and limitations, as well as its place in enterprise environments is weak, to put it kindly. So please pardon me if my questions are too elementary. And I do thank you for taking the time to chat with me as you have. Anyway, it’s actually because I am a mom that Secure Folder grabbed my attention and interest the way it has. Putting a stop to monkey business seems hardwired into my psyche.

At one of my favorite employers, which was long long ago in a galaxy far, far away, among the many things I did there was was become acting liaison to a security consultant and I helped him set up the security framework that identified and trapped an embezzler. Everything was so primitive then and most of what I did was site and procedure analysis, not the kind of high level computer security that people think of now when they think of corporate security. I was helping to secure physical documents and equipment. What there was of cyber security was something even I was able to have a hand in, even though I would go home and struggle to program my VCR to record my soaps.

 

[Philmycracken]

Whoa, iPhone 7 is only around a year old, so what’s happening with your wife’s iPhone 7?

What factors do you see playing a role in the shift away from iOS in enterprise in general and law enforcement in particular?

Does the ability to set up a secure folder on Samsung phones pose any kind of problem or issue for your administrators? Or is that folder visible and able to be kept under compliance in the VMWare MDM environment? I’m a bit fuzzy on that. My understanding is the encryption and sequestering of that folder is a little too good and “what happens in Secure Folder stays in Secure Folder”.

Samsung’s own Knox Workspace enables granular control over devices to ensure compliance to company policies, but if my understanding is correct, Secure Folder falls outside of even their ability to exercise granular control over the usage and content of Secure Folder.

Secure Folder is a really insane feature not a whole lot of people talk about on forums like this one. I am a suburban soccer mom, if you will, so my grasp on its capabilities and limitations, as well as its place in enterprise environments is weak, to put it kindly. So please pardon me if my questions are too elementary. And I do thank you for taking the time to chat with me as you have. Anyway, it’s actually because I am a mom that Secure Folder grabbed my attention and interest the way it has. Putting a stop to monkey business seems hardwired into my psyche.

At one of my favorite employers, which was long long ago in a galaxy far, far away, among the many things I did there was was become acting liaison to a security consultant and I helped him set up the security framework that identified and trapped an embezzler. Everything was so primitive then and most of what I did was site and procedure analysis, not the kind of high level computer security that people think of now when they think of corporate security. I was helping to secure physical documents and equipment. What there was of cyber security was something even I was able to have a hand in, even though I would go home and struggle to program my VCR to record my soaps.

Correction - She has a i6. I fat fingered it. The touch screen is failing, shuts off on its own, battery is terrible, and the camera for some reason takes very blurry pictures. This started just last week. Odd because it always took great pictures.

We also use a VMware browser and VMware Content Locker. This enables access through the firewall and we can open/access content located on our IntraNet and personal "work" folders. Attachments received in Boxer can only be opened in the content locker. Further, it can only be emailed from the content locker as an attachment using Boxer - one at a time...oye. Its a bit to get used to, but it works, sort of. However, our agency still has active sync "active". We are also migrating to O365. This makes setup outside the VM effortless and tempting to most users. So the entire process can be circumvented and usually is by many users. You are only as strong as your weakest link. The MDM is a half ass attempt at security. I think Android is inherently less secure than iOS but the problem with the VMware on iOS was, contacts not syncing, calendar updates not syncing, email send and receive delays, and messages disappearing. Doesn't seem to be an issue with the Android version. The set-up it is easy for the most part. Once your profile is loaded on the VM server, it keys off of Active Directory during configuration. The entire process takes about 10 mins per device. fairly easy to administrate. Anyway, not sure if this was what you were looking for. There are obviously a number of MDM's our there and why we use VMWare instead of Enterprise Mobility, I have no idea. We are a MS shop so that would only make sense. Ill assume someone is getting a kickback

 

[5105973]

Correction - She has a i6. I fat fingered it. The touch screen is failing, shuts off on its own, battery is terrible, and the camera for some reason takes very blurry pictures. This started just last week. Odd because it always took great pictures.

We also use a VMware browser and VMware Content Locker. This enables access through the firewall and we can open/access content located on our IntraNet and personal "work" folders. Attachments received in Boxer can only be opened in the content locker. Further, it can only be emailed from the content locker as an attachment using Boxer - one at a time...oye. Its a bit to get used to, but it works, sort of. However, our agency still has active sync "active". We are also migrating to O365. This makes setup outside the VM effortless and tempting to most users. So the entire process can be circumvented and usually is by many users. You are only as strong as your weakest link. The MDM is a half ass attempt at security. I think Android is inherently less secure than iOS but the problem with the VMware on iOS was, contacts not syncing, calendar updates not syncing, email send and receive delays, and messages disappearing. Doesn't seem to be an issue with the Android version. The set-up it is easy for the most part. Once your profile is loaded on the VM server, it keys off of Active Directory during configuration. The entire process takes about 10 mins per device. fairly easy to administrate. Anyway, not sure if this was what you were looking for. There are obviously a number of MDM's our there and why we use VMWare instead of Enterprise Mobility, I have no idea. We are a MS shop so that would only make sense. Ill assume someone is getting a kickback

Thanks for getting back to me. Wow, I can see why you’ve taken a dim view of iPhones. That’s a whole lot of syncing failures for crucial data.

If y’all do go on over to Android and specifically Samsungs, I wonder if Knox Workspace will give you the control and flexibility you’re looking for without inciting frustrated employees to circumvent your security protocols. I can see where it might fall short of your current setup. But it’s an intriguing option. https://www.samsungknox.com/en/solutions/it-solutions/knox-workspace

Lol, as a non business customer I can’t say I’m a huge fan of Samsung. My interest in Android leans toward the Google Pixel. But I have to say I find what Samsung has done with Knox and the whole Secure Folder concept to be fascinating, insofar as I understand it.

 

[I7guy]

I find it fascinating that in the enterprise space where it’s been alleged Apple is losing ground, NYPD is going iphone.

 

[Philmycracken]

Fascinating that you find that fascinating.

 

[DeepIn2U]

Correction - She has a i6. I fat fingered it. The touch screen is failing, shuts off on its own, battery is terrible, and the camera for some reason takes very blurry pictures. This started just last week. Odd because it always took great pictures.

We also use a VMware browser and VMware Content Locker. This enables access through the firewall and we can open/access content located on our IntraNet and personal "work" folders. Attachments received in Boxer can only be opened in the content locker. Further, it can only be emailed from the content locker as an attachment using Boxer - one at a time...oye. Its a bit to get used to, but it works, sort of. However, our agency still has active sync "active". We are also migrating to O365. This makes setup outside the VM effortless and tempting to most users. So the entire process can be circumvented and usually is by many users. You are only as strong as your weakest link. The MDM is a half ass attempt at security. I think Android is inherently less secure than iOS but the problem with the VMware on iOS was, contacts not syncing, calendar updates not syncing, email send and receive delays, and messages disappearing. Doesn't seem to be an issue with the Android version. The set-up it is easy for the most part. Once your profile is loaded on the VM server, it keys off of Active Directory during configuration. The entire process takes about 10 mins per device. fairly easy to administrate. Anyway, not sure if this was what you were looking for. There are obviously a number of MDM's our there and why we use VMWare instead of Enterprise Mobility, I have no idea. We are a MS shop so that would only make sense. Ill assume someone is getting a kickback

The issues you’ve mentioned with VMware’s AirWatch (which existed for years before VMWares acquisition has to do with servers internally, ports and your Exchange server or ActiveSync implementation. 3 companies I worked for never had issues with contacts synching. Check your Outlook and see just those affected where their contacts are setup and how many categories in contacts is listed. Should be only 1 contact listing not multiple. I’m tired so can’t explain this fully. I hope you get the gist of what I mean.

AirWatch does secure containerization and is an EMM not a simplistic MDM else Boxer wouldn’t exist. Their pretty high up compared to many in the market according to the magic quadrant and its relevant.

O365 you can lock down what end users can screw around with ... glad you’re not the admin thinking they will just get around this cause your skills as an admin should be a LOT better to negate that train of thought.

My issue with Androids in particular is how their lack for end user privacy should be by default. Instead every permission an app was setup to want has to be accepted. Only after install can you disable a few permissions but then the app may not work at all without anallor nothing install and configuration. Moreover, now Android with external microSd card should be used in an enterprise. That security is gone - yes even with KNOX2/3 because almost every mobile enterprise admin feels using the card is a good thing. Cards are auto mounted with special permissions in Android. Bad idea.

Customizable UI and apps is a huge benefit to Android. Corporate apps may be made faster.

Many services are available via corporate servers and environments. The devices are terminals while corporate servers and storage is what makes things happen. Access determined there and at the firewall.