What to Look for in Mobile Device Management Systems
What to Look for in Mobile Device Management SystemsTools developed before the time of bring your own device (BYOD) does not address the specific challenges of smartphones and tablets.
Mobile devices can be the most liberating advance in information technology in years or the biggest pain you’ve had to deal with in your career.
If you tend to agree with the first premise, you are probably one of many professionals who have come to depend on their smartphones and tablets for routine business work and managing your personal life. If you tend to cringe and think of management and security concerns when you see someone working on their tablet from a coffee shop then you probably make your living managing IT infrastructure, keeping it secure or keeping it running in some other way.
One of the challenges IT professionals have faced with mobile device is that tools developed before the time of BYOD do not address the specific challenges of smartphones and tablets.That has changed though. Mobile device management systems (MDM), and the related mobile application management (MAM) platforms, are providing tools for enforcing policies and practices you need to mitigate the risks associated with increased mobile device use.
Here are some factors to consider when you evaluate mobile device management systems.
Security is at the top of the list when it comes to mobile device management.For starters you may want to restrict access to your network to devices that are registered to an employee. MDMs should streamline the registration process by taking advantage of enterprise directories for identity information and offering self-service portals for the registration process.
An MDM can ideally query mobile devices to determine configurations, installed apps, and other information about the state of the device. This information can be used to verify the device complies with your policies and, if not, restrict or block access to information resources. When certificates are used to authenticate devices, consider how well your MDM options supports certificate distribution and other management operations.
Protecting privacy and confidentiality of an organization’s data is a common top priority. Protecting against data loss begins with a well defined policy and data classification scheme, but you will need tools to enforce that policy. An MDM should be able to enforce your device encryption policy and if necessary remotely wipe a lost or stolen device.
Requiring device encryption may be an area that causes problems when it comes to employee owned devices. An employee might find that their favorite app no longer works once she enables full device encryption. Since the device is owned by the employee they may decide not to use full device encryption. Since your organization is responsible for protecting its data, you may block that device from accessing your network.
A better option may be to restrict the types of operations a device can perform with enterprise applications. For example, an insufficiently protected tablet may be restricted to running enterprise applications in a virtual desktop environment that does not enable the user to download data to the tablet.Role-based access controls enforced by an MDM can help implement this type of restriction.
If you want to restrict the types of apps that users can run on their mobile devices, you can take a two-pronged approach.
First, you can implement a white list/black list approach and have the MDM enforce the use of approved apps.Second, you can implement an enterprise app store that makes it easier for employees to discover, install and keep up-to-date approved apps.
Dan SullivanDan Sullivan is an author, systems architect, and consultant with over 20 years of IT experience with engagements in systems architecture, enterprise security, advanced analytics and business intelligence. He has worked in a broad range of industries, including financial services, manufacturing, pharmaceuticals, software development, government, retail, gas and oil production, power generation, life sciences, and education. Dan has written 16 books and numerous articles and white papers about topics ranging from data warehousing, Cloud Computing and advanced analytics to security management, collaboration, and text mining.
See here for all of Dan's Tom's IT Pro articles.