Effectively Securing Mobile Devices

Effectively Securing Mobile Devices
By

Multi-platform mobile device managers (MDMs) can help IT pros efficiently and safely enable business use of employee-purchased iPhones, iPads and Androids.

IT groups are facing enormous pressure to support consumer-grade employee-owned smartphones and tablets. But there's just no way to cram Androids or iPads into BlackBerry Enterprise Servers and there’s only so much Microsoft Exchange can do for these devices. With regulations growing and mobility exploding, satisfying these can't-refuse requests with one-off exceptions is a losing battle.

Fortunately, mobile device management (MDM) systems can put many bring-your-own (BYO) devices to work quickly. But MDMs are still racing to embrace the latest smartphones and tablets while navigating their limitations. Let's look at how MDMs fit into your network and what they can really do to ease IT pain associated with BYO devices (Figure 1).

MDMs Eases IT Pro PainMDMs Eases IT Pro Pain

Managing Diversity

MDMs are a new twist on a decade-old approach. Until recently, most employers purchased and provisioned standard-issue BlackBerry or Windows Mobile phones for mobile workers. On-going control was exerted over-the-air (OTA) by RIM BlackBerry Enterprise Server (BES) or Microsoft Exchange, creating separate policies and workflows for each mobile OS.

This approach hit a wall when the iPhone and then Android appeared. Demand grew for a "single pane of glass" through which to centrally-provision and maintain an increasingly diverse array of smartphones and tablets. By April 2011, Gartner had identified over 60 vendors offering multi-platform MDM capabilities.

Partial list of MDM vendors: AirWatch, Boxtone, Fiberlink, Good Technology, McAfee, Mobile Active Defense, MobileIron, Odyssey Software, SOTI, Sybase, Symantec, Tangoe, Ubitexx, Zenprise.

Today, many MDMs can manage iOS (4+), Android (2.2+) and Windows Mobile (6.x) devices. Some can also manage Symbian and WebOS devices. Only a few cover Windows Phone 7 or BlackBerry–usually by pass-through to BES or Exchange/Microsoft System Center.

The first step in tapping MDM is therefore to match supported devices to your own smartphone, tablet and ruggedized handheld population. Even if IT cannot dictate BYO device selection, you can set minimum requirements for devices granted business access and IT support. Beware of do-it-all MDMs that focus on breadth at the expense of depth. Seek out MDMs that address today's top needs effectively while demonstrating agility to tackle tomorrow's devices.

Lisa PhiferLisa PhiferLisa Phifer owns Core Competence, a consulting firm focused on business use of emerging network and security technologies. Since 1997, Lisa has reviewed, deployed and tested mobile policies and practices, ranging from wireless/VPN security to device/data defenses.

Comments
verse