Main Menu Dept. of Technology Services Search

Rate

The services listed in the Product Features and Description section of this document are included, in part or full, as described: Incorporated in Security Rate (See the security rate under the Network Services section of the DTS Rates page for the current fiscal year)

Order Product/Service

See Ordering and Provisioning section

Enterprise Mobility Management (EMM)

The State of Utah has implemented an enterprise mobility management (EMM) system to manage, monitor, and secure access to State resources by mobile devices, per State policy.

The term mobile device, as used in this product description, means a portable handheld computing device (i.e., tablets and smartphones). As defined in the Department of Technology Services (DTS) Enterprise Mobile Device Policy, the term includes “Any mobile computing device, mobile phone, tablet computer, or laptop computer that accesses and stores information.” Mobile devices may differ from their larger counterparts in the following areas:

  1. Mobile devices are more likely to have built-in cellular wireless capabilities.
  2. Supported mobile devices typically utilize the Android or iOS operating systems.
  3. Mobile devices utilize touch screen and voice as primary input methods.

EMM combines the capabilities of both mobile device management (MDM) and mobile application management (MAM). EMM is also device agnostic, so it can be leveraged to manage more than just mobile devices.

While, by definition, MDM services allow for the management, tracking, and securing of enrolled devices, MAM addresses access to business applications and content. These combined capabilities in an EMM system can greatly enhance an agency’s security posture.

Hours of Support

Application

Support Hours

Days of Week

Enterprise Mobility Management

Business hours (i.e., 8:00 a.m. – 5:00 p.m.)

Monday through Friday

Note: The following list of features is dependent on a device’s built-in capabilities. Some features may not be applicable to all devices. Self service support options are available 24 x 7. However, live support for EMM services are available during the business hours shown above.

Management and support of mobile devices at the sub organizational unit (OU) level will need to be reviewed by DTS with the agency in order to ensure that adequate support, maintenance, and billing is possible.

Product Features and Descriptions

Supported Platforms

Android: Manages Samsung and Motorola mobile devices
Apple iOS: Manages iPhone and iPad devices

See section 3.6 of the Enterprise Mobile Device Policy.

Single Device Enrollment

  • Allows self-service enrollment for end users who want to use the State’s network services
  • Automates user authentication and device assignment
  • Enforces acceptance of End User License Agreement(s)

Bulk Device Enrollment

Stages devices prior to assignment to simplify the enrollment process. Apple’s Device Enrollment Program (DEP) is utilized for bulk enrollment of Apple devices.

Knox and Zero Touch are utilized for bulk enrollment of android devices.

Mobile Device Inventory

Provides mobile device inventory for devices procured through DTS

Self-Service Portal

  • Provides self-service support capabilities without DTS involvement
  • Enables an end user to clear the user’s passcode and locate the user’s device

Broadcast Messages

Sends a customized message to an end user’s device

Cloud Support

  • Stores documents in a cloud-based content management console that is fully encrypted
  • Uploads documents individually or through a bulk import
  • Supports multiple document types, including Office documents, iWork documents, PDFs, JPGs, etc.
  • Organizes content using custom document categories and metadata
  • Tracks document versions and update history
  • Shows which users have downloaded a file and when the file was last viewed

Device Tracking

Enables users to find or track devices that are equipped with location services or GPS

Note: This is an optional feature that is enabled/disabled through location services and GPS on the mobile device.

Application (App) Support

  • Distributes managed (enterprise or agency) apps wirelessly with minimal user interaction
  • Provides per-app VPN tunneling with enterprise network
  • Integrates directly with public app stores, like Apple iTunes Store and Google Play Store, to provide agency-approved or public apps
  • Secures the distribution of apps based on groups with unique requirements and access
  • Provides an enterprise app catalog where users can view, install, and update apps approved by an agency or the State
  • Provides an agency app catalog of agency-developed apps
  • Restricts native apps on a device by way of an approved/unapproved
  • Installs, updates, and removes managed apps from a device remotely

Policy Enforcement

Enforces custom agency license and policy agreements that require acceptance during enrollment

Enterprise policies include, but are not limited to:

  • Passcode policies
    • Implement passcode enforcement with the ability to lock access after failed attempts
  • Device restriction policies
    • Require a device passcode with configurable complexity, length, lock, and wipe rules
    • Enforce full device and storage card encryption according to agency policy
    • Lock down an end user’s ability to use specific device features, apps, and web browsing
  • Customizable policies
    • Configure settings and policies based on ownership in line with agency or State (or both) policies
    • Set up enrollment restrictions to block users or devices based on platform, version, etc.
  • Required software installed
    • Force the installation of agency required software, which will include anti-virus software.

Mobile Device Management

Provides agencies any combination of the following three administrative roles:

  • Help Desk role: Allows users to perform enterprise and/or full device wipe and locate all devices (if location services are enabled) that are registered within the agency’s organizational unit defined in MDM
  • Read Only role: Allows users to view the properties of devices registered within the agency’s organizational unit. However, users cannot make any changes to the device
  • Report Viewer role: Allows users to run predefined reports against the devices registered within the agency’s organizational unit

Provides agencies the following options for managing and supporting their devices:

  • Manage and support their own devices with the access provided by the aforementioned administrative roles
  • Partner with DTS in managing and supporting their devices
  • Defer to DTS to manage and support their devices

Document Management

  • Configures what data is collected and who can view it for different device groups
  • Authenticates users before allowing them to view and download agency documents
  • Defines effective dates and expiration dates for EMM system managed content
  • Defines settings for document transfers over cellular or Wi-Fi networks
  • Enables users to view documents offline or only while online
  • Stores approved content for offline viewing
  • Updates all documents with a single click

Device Security

  • Sends commands on demand to devices to request info or to lock or wipe a device
  • Retires devices as needed (i.e., unenrolls device from agency environment, removes State data if device is a non-corporate-owned device or wipes the device if the device is corporate owned)
  • Disables access to corporate apps if an end user leaves or loses their device
  • Implements passcode enforcement with the ability to lock access after failed attempts
  • Encrypts data in transit and data stored within an enterprise

Agency Content Protection

  • Isolates personal and corporate data on a personal device
  • Provides privacy settings to prevent viewing of personal data
  • Removes corporate access and data for noncompliant devices

App Purchasing

Facilitates purchasing of app licenses for use on mobile devices

Features Not Included

App Purchasing

The following app purchasing functions are not included:

  • Tracking Volume Purchase Program (VPP) orders, including order date number and status
  • Monitoring licenses purchased, redeemed, and remaining for each order
  • Associating orders to a purchase order number, agency, and/or ELCID
  • Uploading, storing, and distributing redemption codes to authorized users
  • Confirming the redemption of codes and successful installation of apps

App Use Training

Training on the use of any app is not included.

Device Training

Training on the use of a device is not included.

Mobile App Development

Developing mobile apps is not part of this service.

Backup

Backing up of the data of any type of device is not included.

App Publishing

App publishing is not included in this product.

Rates and Billing

Feature

Description

Base Rate

EMM Services

The services listed in the Product Features and Description section of this document are included, in part or full, as described. 

Incorporated in Security Rate (See the security rate under the Network Services section of the DTS Rates page for the current fiscal year)

Ordering and Provisioning

Some features of EMM must be ordered by the agency and provisioned by DTS for that agency. To order specific EMM services, such as Application Support and Agency Content Protection, an agency manager will need to perform the following:

  • Download and complete the EMM Advanced Services Order Form.
  • Perform the following steps to submit a ServiceNow request with a copy of the completed EMM Advanced Services Order Form attached:
    • Open a web browser and go to: https://dts.utah.gov.
    • Click Get Help.
    • Click Online Support.
    • Click the paper clip (Manage Attachments) in the upper right-hand corner of the page.
    • Click the Choose File button.
    • Find and select the completed EMM Advanced Services Order Form.
    • Click the X in the upper right-hand corner of the Attachments window to close the window.
    • Complete the rest of the fields on the Create New Incident page.

Click the Submit button in the lower right-hand corner of the page.

DTS Responsibilities

  • DTS is responsible for maintaining a 99% uptime of the EMM system during business hours, as defined at the top of this product description. Any needed support of the EMM system outside of business hours will require a negotiated special billing agreement.
  • DTS is also responsible for:
    • maintaining the EMM system,
    • setting up EMM services for agencies, 
    • completing needed changes to any agency EMM services,
    • performing backups of the EMM system and any subparts used to support it, 
    • completing updates and upgrades to the EMM system and all of its components, 
    • maintaining the servers and the operating systems hosting the EMM system, and 
    • managing and maintaining the MSSQL DB component of the EMM system.

Agency Responsibilities

  • documenting, monitoring, communicating, and enforcing any agency security policies that modify or are in addition to enterprise policies;
  • detailing how any customized part of the MDM services requested by the agency are to be used and how they are to be managed;
  • reporting any loss of services or outages to DTS;
  • managing content outside of the MAM services;
  • managing and supporting unsupported devices; and
  • approving or disapproving third-party applications deployed via EMM for compliance with agency security regulations and requirements.

DTS Service Levels and Metrics

In an effort to improve service to our customer agencies, DTS will measure and report on the following enterprise metric goals:

  • Application Availability
  • Resolution Time
  • Initial Response
  • First Contact Resolution 
  • Customer Satisfaction Surveys and Reporting

Application Availability

Application availability measures DTS’s efforts to ensure that agency key business applications meet the percentage of availability goals identified in each agency’s service level agreement. DTS will determine application availability based upon the collective measurement of the configuration items (both hardware and software) that are required in order to support the agency business services applications. These metrics will be reported each month, by agency, and will be presented in a cumulative report showing DTS’s efforts over several months. These reports will then be posted on the DTS Metrics Web page at https://dts.utah.gov/metrics/index.php

Metric Description

Target Percentage of Application Availability*

EMM

99% during business hours

Table Note: *Times exclude those tickets in a “Pending” status waiting for a known bug fix.

Resolution Time

Resolution time measures DTS’s efforts to resolve customer incidents within the timelines set below based on urgent, high, medium, and low priorities. These metrics will be reported each month, by agency, and will be presented in a cumulative report showing DTS’s efforts over several months. These reports will then be posted on the DTS Metrics Web page at https://dts.utah.gov/metrics/index.php

Total Time to Resolution 

Target Percentage of Tickets Meeting
Priority Timelines

Low priority: 6 business hours

90%

Medium priority: 4 business hours

90%

High priority: 3 clock hours

90%

Critical priority: 3 clock hours

90%

Initial Response

Initial response measures DTS’s efforts to respond to customer incidents within the timelines set below based on urgent, high, medium, and low priorities. These metrics will be reported each month, by agency, and will be presented in a cumulative report showing DTS’s efforts over several months. These reports will then be posted on the DTS Metrics Web page at https://dts.utah.gov/metrics/index.php.  

Time to Initial Response

Target Percentage of Tickets Meeting
Priority Timelines

Low priority: 1 business hour

85%

Medium priority: 1 business hour

85%

High priority: 1 clock hour

90%

Critical priority: 30 clock minutes

95%

First Contact Resolution

First contact resolution measures DTS’s efforts to resolve customer incidents on a customer’s initial contact with either our help desk or a technical specialist. These metrics will be reported each month, by agency, and will be presented in a cumulative report showing DTS’s efforts over several months. These reports will then be posted on the DTS Metrics Web page at https://dts.utah.gov/metrics/index.php

Metric Description

Target Percentage of Reported Incidents Resolved on Initial Contact

First Contact Resolution

65% 

Customer Satisfaction Surveys and Reporting 

All users/customers whose technical incidents are resolved by DTS staff will be given the opportunity to respond to an online survey regarding their level of satisfaction with the support received from DTS. Responding to the survey is voluntary. 

The chart below identifies DTS enterprise goals for customer satisfaction. Cumulative monthly reports will be created displaying the level of customer satisfaction with DTS support. These reports will then be posted on the DTS Metrics Web page at https://dts.utah.gov/metrics/index.php

Metric Description

Target Levels of
Customer Satisfaction

Average level of satisfaction with resolution efforts

≥ 4.5 on a scale of 0–5

Percentage of respondents expressing satisfaction (vs. dissatisfaction)

93% of respondents satisfied