MDM tools getting better at supporting companies' mobile strategies
Mobile device management solutions are keeping pace with the changes in how, why and what employees do on their mobile devices, says Richard Broeke, national sales manager at Securicom.
A robust, intelligent mobile device management (MDM) solution is at the heart of successful mobility strategies. In order to truly harness the business benefits of mobility, companies need to have MDM capabilities that go beyond traditional mobile security and basic administrative tasks.
"Companies' employees nowadays are doing more than just checking e-mails on the go. With the burgeoning use of enterprise applications that give a company's employees access to corporate data from their mobile devices, managing access and security on those devices is becoming increasingly important for business. Companies have to consider the implications of unsecured devices accessing company resources and storing and transferring business data.
"Fortunately, MDM solutions are keeping pace with the changes in how, why and what employees do on their mobile devices. In fact, MDM is probably one of the fastest-evolving aspects of IT. Technologies have moved beyond the administrative-type features to a point where they are now able to provide meaningful support for companies' mobile ambitions to make mobile work for them. This is a positive trend for IT administrators," explains Richard Broeke, national sales manager from managed IT security vendor, Securicom.
"Newer capabilities mean that they can control the entire life cycle of devices, from commissioning to decommissioning. Even in a BYOD scenario, a credible, enterprise-grade MDM solution gives companies the power to configure and provision devices, enforce security software updates, manage access to company resources from mobile devices, set usage policies around what users can do with certain file types, monitor device compliance with security policies, and decommission devices, among other things," explains Broeke.
As with e-mail, he says organisations need to implement a sound mobile device security policy, which stipulates the requirements for securing mobile devices, including company-owned and employees' personal smartphones and tablets used for work purposes.
"Like we saw with e-mail, it is essential that ground rules are established. This is to ensure that the company's security requirements are being met while at the same time acknowledging employees' rights to privacy. A mobile security policy obviously needs to be enforced with an appropriate, effective MDM solution," says Broeke.
On the effectiveness and appropriateness of MDM solutions, Broeke says companies need to perform a risk analysis before selecting a solution. The risks that the business faces with the widespread use of mobile devices should be documented. For one company, protecting regulated data might be the main priority, while others might deem controlling access to the corporate network via mobile devices as more important. Once the priorities are established, companies can begin matching available technologies to those needs.
Some of the considerations include:
* The user matrix – which employees are using mobile devices for work purposes? What is the profile of the users? What kinds of information does each user profile need to access?
* The device matrix – what devices are they using? What devices, if any, should be disallowed?
* Device deployment – how are mobile devices deployed to users? Are they owned by the company or their employees' own devices?
* Connectivity – how will employees connect to the network and how can this be secured?
* Device security – how will content be secured and how can regular updates be enforced?
* Device decommissioning – processes for deactivating or decommissioning devices, should they be lost or stolen, or should the employee leave the company?
* Access control – how to check the validity of users and control the level of access employees have to business information from mobile devices?
* Application control – what sort of applications can be downloaded onto mobile devices that are used for work purposes and to store business information?
* Monitoring – how to gain visibility of usage behaviour and the security status of mobile devices?
* Data loss prevention – what type of information can be downloaded and stored on mobile devices?
"There are also other boxes that need to be ticked. For instance, can the MDM solutions support the organisations' existing applications, such as e-mail platforms or a business process management app? Also, can the solution support different mobile operating systems? This is particularly relevant in a BYOD environment.
"Another important aspect to consider is the management console. It should offer a holistic, centralised view of the mobile device ecosystem, and a complete set of tools aligned with the organisation's requirements and mobile strategy. The administrator must be able to quickly apply new policies, track devices through the geo-positioning feature, lock-down and wipe clean stolen devices, apply security updates, and monitor if the devices are being used in compliance with the security policy.
"Not all MDM solutions are created equal. Not all of them offer the wide range of capabilities that are quickly becoming standard requirements. And, some management dashboards just don't have the tools or offer the visibility that the administrator needs.
"The dynamic mobile management market means new features are always being added. Make sure your MDM solution is at the cusp," advises Broeke.
He concludes saying that opting for a managed, cloud-based MDM solution is probably the easiest and most effective way for companies to cost-effectively access best-of-breed capabilities and enjoy access to qualified support.