Microsoft hopes BYOD will help bolster Windows Phone 8.1 in enterprise

Compnay Apps settings on a Lumia 920

Microsoft has a vested interest in pushing Windows Phone in enterprise, though according to a recent interview with Stella Chernyak, Senior Director of Product Marketing at Microsoft, they're opening up for mobile device management so other solutions can support Windows Phone 8.1 devices.

BlackBerry is very much in the same boat, having recently announced that in addition to supporting Android, iOS, and, later this year, Windows Phone, they're now allowing other parties to manage their devices. One of the early MDM partners of Microsoft's, AirWatch, is also working with BlackBerry. MobileIron is also on the list of beta partners supporting Windows Phone 8.1.

It's good to see Microsoft shifting to support the bring-your-own-device movement, which basically summarizes the entire state of phones in the workplace nowadays. IT guys need to be able to support a wide and dizzying array of phone types, and Windows Phone needs to be counted alongside them if it wants to get equal spread in the enterprise sphere. How many Windows Phones do you guys see in the workplace? Any of you IT admins that handle Windows Phone rollouts currently?

Source: V3


Reader comments

Microsoft hopes BYOD will help bolster Windows Phone 8.1 in enterprise


It's almost. 2 months since I have my Lumia and still can't have my company email on due to policies. Actually I am using web email to read and reply to my emails. How come that my company server policies accept Iphone without any special setup and Android by simply using touch down app?

That's very strange...

iPHone uses same activesync settings as Windows.  Unless you are using a 3rd party client.

I am not using a third party client as no third party client was found in the store. I've been searching for touchdown app but can't find in store.

Touchdown is available for WP. In the company I work, I help them configure touchdown for WP 7/8 , Droid, IOS, and even Symbian..

That bread and butter is stale. MS doesn't see any new revenue from aging IT systems. The new MS doesn't think this way, but old IT does.

My company only allowed BB and IOS at first but no WP 7.  They actually wiped my phone a couple times when i tried to add corpo email to it...lol.  They finally approved WP 8 this year.  No Android devices though...bwahaha...


EDIT:  Oh, they did allow WM 6.1 and still do...

What does iOS have with regards to enterprise support that Windows Phone 8.x does not?

Both have all nine FIPS 140-2 certifications, so what else do they need?

Actually a lot. WP 8.0 and older were totally unmanageable beyond very basic tasks (ie Remote Wipe). WP 8.1 finally has proper MDM (Mobile Device Management) support.

iOS was/is considered the best in terms of MDM and overall safety. The second was, of course, Android - however it's actually a bag of hurt in terms of MDM Safety and features are very dependent on specific Android OS version of the specific manufacturer of the specific device... Simply put - Android sucks in MDM. WP 8.0 and prior wasn't even in the same league.

WP 8.1 brings a lot and I would say it's now the best in terms of safety and second in features.


Anyway... Our company gives iPhones to high-enough managers and cheap WP to everybody else. Few like me buy personal WP, some uneligible buy personal iPhones and most BYOD are Androids.

Wow, that was very informative. Thank you.

I always thought that due to jailbreaking, iPhones would be a bad choice for BYOD. But I guess you can make sure the phone is not jail broken before you add it to your network.

I wonder why Androids are approved for BYOD even though they suck in MDM.

It's great to hear WP 8.1 is moving forward with MDM.

It is not about features... CEOs do own iPads and iPhones, so they want to use them for business. The IT Department has to deliver if they want or not, security reasons do not count, when your CEO wants it.

Be sure to read the fine print on your company's BYOD policy. Many if not most want control over all the data on your phone. Similarly, they will have access to your personal stuff on your phone. If they're picking up the bill they're also taking over your phone number. Good luck getting that back when you leave the company. You walk away with a blank phone and no phone number.

I don't know of a MDM solution that can access your personal files...
We can perform a wipe or a selective wipe, lock down apps, require passwords or certificates, and in some cases monitor the location data.

My federal organization (5000+) just switched to iPhones from BB, WP not even a dot on anyone's horizon. Also strong support for ios and android for remote vdi, Windows device usage low to non-existent.

That is going change in the next few months. Msft said that, meaning they have the contracts started.

Posted via the WPC App for Android!

well i was messing with some restaurant wifis yesterday and in the router logs found that almost 60% of the conected devices since first power up were iphones and blackberries, the rest were android, no surprise, but i saw a single one displaying the name "windows phone" :P


I believe that a bunch of companies have determined BYOD is more expensive than issuing a device due to costs of support.

Where did you get that belief from?  There is very little support costs here so I would be surprised anyone finding BYOD more expensive.  What companies?

Companies with strict security policies have a nightmare with BYOD. Supporting the seemingly infinite number of devices and OS versions is bad enough, then you compound that with inconsistent support of VPN, various MDM solutions, Email clients, Calendar clients and finally the corporate pissing matches over device support for EAS, LDAP, CalDAV, IMAP and all the other protocols you get a minefield. 

Of course, you also need to train your users to set up their own devices everytime they reset or replace a device and you end up with more IT people supporting BYODs with lower user satisifaction than by shoving Blackberrys down everyones throat.  

If an IT guy spends more than 2 hours supporting a particular user you've already outpaced the cost of having bought them a device of your choosing. No big mystery, in the corporate world a $200 device is next to nothing. 

There is also cost for security. Work for the FED and you only get "Company" devices, there is no BYOD option. Think about it. One bad app on one BYOD device and your network is compromised.

Also, BYOD is very young and security has not caught up with demand. It is very difficult to properly tie User A with Device B and act accordingly. Networks don't think that way, they only identify IP, not ID. You can't very well say oh Jim is logged on via his company laptop give him access level A, if Jim is on his iPhone, give him access level B, if he is on an unknown device, give him Guest access.

The problem is that in many companies the Network guys and the Security guys are two different groups so they are not use to talking together. Products like Cisco ISE are looking to change that, but it will be a long time before that type of technology is pervasive.

For me, what I think is interesting is that Security is JUST starting to become top-of-mind within the Enterprise network. It was always a bolt on, afterthought. Something you put in-line after your network was setup. Now, that is starting to change, and for the better.  It will just take a few years to get there, don't believe all the marketing hype that tells you otherwise.


We have 250 Lumia 625's currently managed by Exchange ActiveSync. We are testing SCCM/InTune. We've previously tested AirWatch, MobileIron, Maas360, and Sophos. We decided to wait for WP8.1 and test all the solutions again before making a decision.

We are not exploring BYOD at this time due to the increased cost.

My organization is planning on using  Office365, the objective being mobile productivity for everyone. Earlier all they allowed was BBs plus the use of 'GOOD For Enterprise' (for getting email on your mobile device as they didn't allow Active Sync for Exchange) if you decided to bring your own device. With BBs going out of fashion and GOOD being terribly bad, the move to Office365 was ineveitable.

Our company has 16,000 employees with byod for IOS, android, and WP via mobile iron. Mobile iron on IOS is seamless, android sucks (enter pin to open device and another pin for the email app every time), WP doesn't work at all fot 8 or 8.1. That sucks for me.

We have mobile iron here and you don't really need it to send/receive company email.  All you need is active sync enabled on your Outlook account. And boom, you have mail.

I manage a client with 8 HTC 8x's and 9 surface Pro's. The execs of that company are in bed with thier IOS's though.

There are some security requirements our company has before they will allow provisioning of Windows phones on our network. With the new WP8.1 update and enhanced enterprise features, does anyone know if WP now supports alphanumeric passcodes? My attempt to search online only shows support for PIN numbers.

Trying to get my Dads company workplace to become Microsoft ONLY. They already use Win 8 and 7 and Microsoft Cloud in the warehouse trying hard to implement Surface Tabs and Wps

We can only hope. In my office, the only reason I get company email is because I manage the servers. Officially, my company has very little interest in Windows Phone via BYOD. I hope that will change after 8.1 is official.

My company is only allowing iOS and Android currently, but I have a feeling that Windows Phones will be approved shortly.

Last job was all BB. I setup my WP device to get email and calendars from the work Exchange server and then setup a forward calls on my BB to my WP. New job has no standard, all BYOD and get it working yourself

I work at a community bank which recently switched from Blackberry to iPhone. For personal use, my department all has iPhones, except for one Android user and me using Windows Phone. And they won't change.

We have 27 WP 8/8.1 devices being managed by MobileIron...tons more Apple/Android. 1 year ago the WP number was 8 devices. No Blackberry though, we cut that cord when our CEO tried a bb10 device and couldn't figure it out.

Of the almost 800 users we have at my company (i managethe wireless account for my company), still got some leftover bb users that didnt want to ugprade, but ordered i think 500 new phones split between iphones/androids starting this past october.  I think two people picked a windows phone :(


iphone/android king of BYOD. 

I don't know anout now, as I haven't worked with Exchange since right before WP7 was released, but at the time, Apple or android did NOT support all the security features for Exchange 2007+, WM6 did. Considering Microsoft's server OS' and apps are big business, it would make sense for them to make WP8+ that much better for the enterprise market.

What I do like though, is the MS has released enterprise apps for IOS and Android, but Apple keeps thier apps to themselves and Google only seems to bother with Android and IOS... For businesses that supply devices and do BYOD, this is great. The business can hand out WP8 devices or if the employee wants to use thier iPhone or Android device AND the network backend is all MS, then everyone can still access everything...

We used to buy Galaxy's but since this year all new bought phones are Lumia's. I believe that's because of the outstanding interaction with Exchange and the hope that Microsoft's Project Siena will become a powerful tool in the near future.

Windows Phones (925, 1020 and 1520) are officially part of our contract if we do a BYOD and you can get a discounted phone under a salary sacrifice or through tax deductions. There is also quite a few Windows Phones particularly amongst the engineers and programmers with a lot of iPhones, the most common Android I see on a regular basis is Galaxies. No really hard numbers but I see at least 10 WP devices a day on a regular basis.

I work for one of the largest IT service providers in the world, so it's probably not that unusual I suppose. I'm UK based and tend to see a lot more WP devices than those across the pond.

Also worth noting I've seen a few companies trialling some Surface devices alongside Lumia's for their field engineers with custom software, it was shelved last year due to a lot of headaches and problems but they are revewing it again when WP 8.1 is officially available to existing devices. They tried iPads but they was too fragile and Android was too costly to secure and lockdown.

How can Microsoft promote WP for enterprises when you can't attach files to email messages?

OneDrive for Business or SharePoint, it's far more bandwidth friendly for everyone to use a resource locker than attach to an e-mail and many consider it bad manners that someone wants to clog up the inbox with attachments.


Attaching a file is a basic functionality of any email client. My company discourages use of file sharing services like Onedrive for business purposes.

You do get that fact that most of us can't just force our business to use 'OneDrive for Business' right?  We're bound by the corporate IT policies and have to work within our existing ecosystem...including blocking all cloud storage...it isn't helpful to say 'use cloud storage'...we simply can't.

The ability to attach files is basic email functionality...and should have worked from day 1.

True, but eventually those rules will have to change because every company uses Cloud Storage in one way or another, even if it simply means to copy files to the home.

I work for a large multi-national company with just under 100k employees around the world. Internal teams use dropbox to distribute ISOs to Asia Pac or Europe because our internal network can deliver multi gig images with reliability. Sales uses dropbox go distribute materials to clients. Our security says it is against policy, but we can track terebytes going over every day.

The fact is, the more restrictive internal policies interfere with a workflow, the more people will find a way around it. In the end, IT won't be able to restrict access to the cloud, they will have to adjust and find the best way to work with it.

Be that OneDrive, Box.net Dropbox, that is for them to decide.


Can't apply that to all companies I'm afraid...and you don't want some data to leave a company's four walls.

Let's suppose, for example, I work for a Debit & Credit card processor, providing the infrastructure that connects the pinpad to your bank for transactions.  The data I might handle would be highly sensitive personal information...do you really want me to be able to copy that off to a thumbdrive to take home?  Or storing that up in the 'Cloud' because it'd be more convienent? 

Our machines are desktops, all usb drives are disabled, save for the mouse, possessing a thumbdrive at work is an immediately fireable offense, and all user usage is tracked, and alerts do flow to our boss if we even attempt to touch any 'questionable' site from a security standpoint.  OneDrive, Google Drive, Dropbox, etc, etc, will never happen...and you don't want it to.

Heck, I saw a guy escorted from the building b/c he emailed something mildly sensitive internally.  There are no issues with phones in the breakrooms, but no Wi-Fi, and they have to be stored away when were at our desk.

But if I worked for such a company, no...you wouldn't want us in the Cloud.


In all fairness to you, yes, in a regular business model, we used Sharepoint so attachements didn't have to flow between sites...and it works well.

Many consider it bad manners to attach files? Yeah i guess that funcitonality was created specifically for people with bad manners to annoy other people with good manners and clog up their inboxes with attachments they "don't need" or "can't delete". This is precisely why MS haven't implemented this functionality in WP8, in fact they feel so strongly about it, they are going to be removing attachment functionality from Outlook on the web and from the Outlook app on Windows as well. I hear Google is also in agreement and isn't far behind.


As far as excuses for the missing attachment functionality go, this is by far the best one. 

There are several reasons:

  • Cost of bandwidth of sending that file. Not just to your company but every company who supplies the necessary bandwidth for that file to be sent.
  • Inbox size, some companies restrict staff to 50mb inboxes. Doesn't take much for that box to overflow.
  • Security some companies have policies that prohbit the receipt  or transmission of attachments.
  • Time, if a person who's waiting for an important document is waiting for an attachment to come down you've inconvenienced them. This is particularly important for those in the field. Yes Outlook has tools to work around this but not everyone is proficient beyond the simple edit and send tools.
  • For you the sender, if you need to make changes you will hae to re-send the document doubling up on bandwidth wasted. Also if you send to the wrong person you've got no way of blocking their receipt of that document
  • Attachments are often put on a low priority queue on the servers, especially if it's a big attachment. This can delay the receipt of the file.

Sure MS has added a basic technology that everyone wants, but it's missing far more such as a Spam filter, calendering/meeting functionality and so on.

It's a basic functionality and it needs to be there, trying to justify its absence is hillarious. Attachments are used by millions of people dalily in both work and personal settings. It's not "rude" it just makes sense. 

I'm not against lockers, but they are not an explanation for why we have missing funcitonality in WP

You can attach one file from the office hub.... Your better off sharing / sending one drive links to shared folders - much easier for collab projects.

The most annoying thing about windows phone. I work with many banks and I can't use onedrive to share files with them because employees of bank cannot access anything outside corporate emails in these banks due to security issues.

I have enrolled with air watch as a single user and admin to support windows phones I sell through o2. The brilliance about this is that I can enroll, download hub and push content to anyone in 30 seconds as well as using WindowsIntune I am all round guru of windows phones

At my job, the president of my division has an iPhone and iPad that he can use to link up with our machines. The manager has a surface and had a 822, but got a note 3 after leaving Verizon, and has windows 8 on his computer. My foreman just got a 925 with the intent of being able to troubleshoot the machines from home as well. I have a 925 but I'm just one level under the foreman so I don't get that ability.....yet.

Well, if MS is truly serious about BYOD, they need to open their mobile devices to Posture control. Work with Cisco AnyConnect for example. Win9 doesn't even allow security vendors to replace the Supplicant layer. So while the want Ent to use their devices, there is limited options on how to secure it.

instead of "hoping" they need to start "acting" to make it more useful for business users and then maybe they'll bring it. things that piss me off WP on the enterprise?

1) RDP and VPN was late and I felt second class. Don't do that to me again. You have the #1 corporate OS in the world, support your phone as a first class citizen. Not to mentioin, their own mobile device management up until recently didn't even bother with WP because the things could not be managed.

2) I don't know if Joe Belfiore always emails pictures of his kids to people, but I sometimes need to...email business materials in the middle of an email and WP only lets you attach pictures. yup. what is this nonsense? clearly it can attach anything. clearly it woldn't be hard to give you a file picker. Clearly somebody needs to get fired at MSFT for keeping this policy since 2011.


+1 - When WP7 was released, they stated they wanted to be the phone for business, that you can provision WP just as they do desktops now on the AD controller.

+1 - Even if it isn't for business, this needs to happen for everyone.

Well said!!

Our formal BYOD policy for smartphones dropped support for new BB's last year and explicity forbids Android -- it's now only iPhone and WP.  We're updating our laptop/hybrid/tablet policy to be only Windows 8+, no Chromebook and freezing all iPad and Mac installations.


I'm the only one at my office using WP8. The device management/security software our IT department uses doesn't support it, so they told me to just set an unlock password until there was a software update...

Everyone else here has an iPhone. In our industry, that's become the norm, so it's what the older and tech-illiterate automatically choose. I imagine if there was wider usage of WP at home, it would start being considered as an option at work.

Being in the IT department of my company, I made sure windows phone was included in the test phase for our Airwatch rollout by offering this phone up as a test object. Otherwise WP would not have been supported. Should I ask Microsoft for free goodies now?

When I enrolled my WP8.0 device with my workplace under settings it installed the MobileIron app.  Recently I upgraded to WP8.1 dev preview and did a hard reset I enrolled with my workplace again.  This time no MI app was installed.  Not really sure why this is and if I lucked out because the device was already registered with MI when it was 8.0.

My company requires SD card encryption with EAS and because windows phone STILL doesn't support it I still can't use it with my company even though we are BYOD :(

I have a 1020 that's the problem! It reports to the server 'no' for SD card encryption which whilst technically true causes the server to reject the sync!

Yeah I tried to convince my IT department of that, even gave them a PowerShell script they could run which would do it for them. But no dice.

Partly I think they just have no interest in doing so, but also it does compromise the server if one of the WP's with an SD card is put on that policy. So the only way to do it then is by device model, of which there are a lot, sometimes several per phone! :(

The worst part is Microsoft's suggested 'fix' is either to allow non-provisional devices and thus compromise the entire server, or to remove the SD card restriction, much as you suggested. Its really not acceptable as a fix, they don't have any interest in doing something about it themselves and so just pass it off as a company problem rather than anything else.

I guess that's one of the drivers for byod. It allows IT to set requirements that the OS and handset must meet instead of tailoring a solution for each OS/Hardware version. BYOD is on the horizon for my org and I'm dreading it. What does your org support?

Technically they don't care what device I use, as long as it supports the requirements it can connect. I've had Symbian ^2 and 3 devices running fine, they also allow android and iOS, and of course blackberry. Only my Lumia 800 and 1020 have had problems connecting, and of course everyone else in my company who has a windows phone of some description.

Hey everyone, is there any news on whether Windows Phone 8.1 will support RSA authentication on VPN? iOS has it so I'm just wondering.......

My employer is BYOD but not many people know that since there arent very many employees that are allowed to bring phones on ground. The only phones i see issued by my employer are the last few remaining blackberries and the iphones that are replacing them. 

Have not been able to connect to the enterprise until 8.1.  That tells you have LATE MS has been to the enterprise.

Unless they have recently added L2TP, I still won't have VPN, MDM or not, it is still not viable for me yet.

I own my own business with 15 staff members and all mobile devices we deploy are Windows Phone/Surface. Oddly, we're stuck on Macs for our point-of-sale system.

It's kind of dissapointing that they only offer some of the enterprise WiFi using MDM, no chance in universities etc.

We are pure Microsoft at work, with Exchange 2013 and a whole array of Microsoft servers including IIS (FYI all Microsoft systems are immune to heartbleed)


Anyway, we have supported Windows phone from way back in olden days, when it was called Windows Phone 7.5. Of course, iphone and android too.

on a side note:

My Nokia 2520 RT tablet is immune to viruses (so far).

I bring my tablet to work and the IT dept loves it because they can easily integrate it with Exchange and the other Microsoft Servers. They are even building a custom modern interface CRM app for our sales team.

I have 10 hour battery life, and it gets to 80% charge in less than an hour. With NFC, USB, LTE, Bluetooth, WIFI, HDMI and SD I'm all set!

It was just announced that the
SanDisk Ultra 128 GB microSDXC UHS-I Card works in the 2520!




I'm curious about the support your org provides for byod. Is it just email configuration and no hardware or complete support? Hows that working for you? Are your users satisfied with your support?

BYOD at my employer was rather crappy. The Bank policy was basically this: bring your own device, pay your own bill, and we will let you use your own device. I have no interest in using my own data plan and minutes for my company if I'm not being reimbursed. They only allow iOS6+ and BB7 or 10. Needless to say, I went with a corporate owned device. They only support BB10.

Posted via the WPC App for Android! on BlackBerry Z30