By Jean-Pierre Walle
Often I sit down with a company looking for a mobile device management solution to oversee a Bring Your Own Device programme only to discover they don’t have any policies guiding the use of personal smartphones or tablets at work. In my research, 72 per cent of organisations do not have defined policies for BYOD.
MDM tools are the vehicles by which you enforce company policies for BYOD; they do not set these policies for you. Fortunately, Datacom mobility experts can help organisations develop these policies in the early stages of their BYOD programmes. But this is just the first step. There are other boxes to tick before you choose a MDM tool for your workforce. Most crucial are deciding how you want your MDM solution to handle security, provisioning and configuration, user support, enrolling new users and exiting former ones, personal data and end-point protection.
Do you auto-lock your devices? Less than 10 per cent of people who bring their own devices to work use auto-lock, according to an ESET/Harris Interactive study conducted earlier this year. If a device isn’t locked – the most basic security measure –, no MDM solution will be able to protect it. Before you even entertain managing devices, you must ensure every employee enables auto-lock on their mobile device. Start with your own phone or tablet so you lead by example.
Which device types will you support? This is the million-dollar question for many organisations and being choosy can reduce the chance of too many devices taking over the workplace. You will need to consider platforms, operating systems, models and versions to get a sense of how much support you will need to allow through your MDM solution. You might also consider blocking unauthorised, modified or jail-broken devices. If you’re struggling with choosing which devices to support, Datacom mobility experts can tell you which devices are more manageable than others.
How will you classify and manage assets? You can group mobile devices by operating system or version, classify them based on whether they have been provisioned or decommissioned and monitor specific physical details and device location. You also have choices related to integrating this inventory with your other hardware assets. You can elect to report on these assets, tracking any compliance status and policy violations.
How will you activate the MDM solution on each device? IT can do this physically on each device or you can allow desktop or mail gateway sync. Datacom also offers organisations the ability to conduct over-the-air enrolment and configuration. Keep in mind how you want to remove users who leave the organisation.
How will devices be configured? You can choose to self-service provision, which personalises devices, activates security policies and sets up the network connection.
How do you want to secure the device? What sort of password policy do you want for personal devices? How many characters will be required and how many login attempts are allowed before it must be reset? MDM services offered through Datacom also allow two-factor authentication and may be able to leverage native device encryption depending on the device OS. Your BYOD policies will guide much of the end-point protection you leverage.
How do you want to secure the data? This item is separate from device security, as how you protect the data is ultimately what will keep corporate information safe should a device be compromised. You can elect to do a remote data wipe if you find the device has been left in a public place, operated by another user or lost.
What restrictions will you enforce? It’s possible to restrict access to music downloading applications, cameras and non-enterprise applications and block document sync.
How will you monitor apps? MDM services allow you to keep an inventory of which apps have been installed, lock access to the app store and host custom enterprise apps. You can also offer enterprise software via downloading, web links or access to third-party stores.
Who will help users when they need it? MDM tools can be configured so users can help themselves for easy tasks such as password reset. You can also allow your help desk to interact with remote users through settings on certain MDM products.
Jean-Pierre Walle has over 23 years of experience in IT and telecommunications. He currently serves as a Business Unit Manager for Datacom NZ, a role in which he oversees End-User Services. His teams specialise in managed services for mobile device management, 24×7, global remote desktop support and end-to-end service for SME/SMB customers. In addition to managing these teams, Jean-Pierre oversees the service delivery, P&L and development aspects of these managed services. He is also an ITIL® practitioner.