Tips for Choosing Mobile Device Management Tools

By Lauren Fritsky

Mobile device management is often touted as a cure-all for handling the consumerisation of IT, and for good reason. MDM software can help IT departments better secure and manage a variety of devices, including controlling how employees access certain applications and corporate data. Like most technology solutions, getting the most out of these tools depends on what specific needs your organisation has regarding mobile device use at work. Here are a few areas to consider before you choose an MDM solution.

Determine the core features required

Your device management options are almost as vast as the number of devices you could allow in your workplace. Organisations working with Datacom have used a number of different MDM solutions – it all depends on which features are most relevant to your organisation. Some device management tools focus more on policy or application management while others have extra security functions, such as data containers. There are other mobile device management options which carry extra features such as automated enrolment, enhanced reporting capabilities and integration. You also have the option of hosting the solution onsite, in the cloud or using a third party service through a managed services provider.

Pick the devices to support

Key in choosing a mobile device management solution is determining which devices and operating systems to support in addition to whether you will allow employee-owned devices and company-issued ones to co-exist. MDM functions vary based on device operating system, make and model and in how much access the IT department has to native settings. Mobile operating system fragmentation is also creating challenges that increasingly require IT to choose which devices and features to allow so they don’t have to perform manual setup on a regular basis.

Consider the depth of security

Most mobile device management systems will include elements such as authentication, encryption, virus checks and data wipe. Certain MDMs can use native APIs to manage devices used remotely, and you also have the option of tacking on third-party features for added security. Data wipe sounds like a final, harsh solution to dealing with compromised devices, but certain management tools actually target only corporate data, not the complete device. If you do institute a complete data wipe policy for compromised devices, Datacom recommends letting users know this is a possibility so they can ensure they back up their personal data.

Manage your assets

One of the riskier things that can happen when you allow a flurry of devices into the organisation is losing track of what data and business applications are being stored on them. Regardless of which type of MDM tool you choose, best practice dictates you manage devices from enrolment to deactivation so you can fully monitor all corporate data and applications stored on them. This asset management approach helps IT get a better handle on security, software licenses and application deployment.

Which mobile device management solution has worked at your organisation?

Security in a Bring Your Own Device World

By Lauren Fritsky

The cyber security risks inherent in the Bring Your Own Device trend are ever-present and rapidly multiplying. Sometimes the threat comes from innocently logging into an unsecure wireless network. Other times, a phone is dropped on the sidewalk or left at a café where it may fall into unscrupulous hands. In other scenarios, employees knowingly compromise corporate data and put their company’s integrity, financial stability and reputation at risk.

So how do you allow mobility to sweep through your organisation’s doors without putting everything and everyone inside it at risk? Richard Byfield, managing director of Datacom’s Technical Security Services (TSS), says achieving a more secure Bring Your Own Device program requires organisations to:

•    Centrally configure, monitor and manage smartphones and tablets
•    Ensure mobile infrastructure, devices and apps start, and remain, in a trusted and compliant state
•    Protect devices from corporate data loss while preventing security breaches and non-compliance scenarios
•    Securely deploy and manage corporate apps, data and documents
•    Mitigate the risks associated with devices operating in a compromised state or within an environment that could expose it to threat
•    Address regulatory compliance and produce up-to-date auditable compliance reports

Byfield is speaking on Bring Your Own Device cyber security at a live panel for AusCERT2012, hosted and streamed by ZDNet, in Queensland beginning today and ending Friday. AusCERT event organisers handpicked expert speakers from around the world to discuss the various security risks related to mobility and the best solutions being used to mitigate them.

Read our other posts on mobility and cyber security:

Respecting Privacy: Keeping Data Confidential in the Cloud

Mobile Employees and Cyber Security Go Hand in Hand

A Bring Your Own Device User Policy Checklist

3 Steps to Managing Bring Your Own Device at Your Business

The Headaches Inherent in the ‘Consumerisation of IT’

A Bring Your Own Device User Policy Checklist

If you’ve already developed a Bring Your Own Device strategy at your enterprise, the next step is crafting a user policy for your workforce. While you should customise the plan to address your specific business needs and concerns, a few checklist items will get you thinking about the “must-haves” to include.

Will your entire workforce be eligible for BYOD?

Consider if you will restrict access to certain groups, departments or positions or if certain users will only have access to specific applications. Will employees need approval from their managers to access certain corporate functions? BYOD is becoming the norm rather than the exception, so communication is a key part of wider acceptance for any organisation.

Can your employees bring in any device for which they are individually liable?

Outline a list of devices you will approve and include any support limitations that may emerge for certain devices. A decision on how you want your users to access your environment is a critical component of any BYOD strategy.

To which corporate applications will you grant access and what will be acceptable use?

You could put limits on certain services or use password protection for some applications. Include how you will monitor services such as social networking sites that may be used for work or personal reasons. Technologies such as Citrix XenDesktop or VMware View can give your users the best of both worlds: their desktop remains as is whilst the corporate desktop is provisioned into the device.

How much support will you give?

Will IT staff only be charged with connecting personal devices to the company network, including email and intranet, and then the employee maintains all other support needs, such as smartphone repairs? What also happens once that machine is off network – who will support the users’ home requirements so that they can continue to access the corporate environment, 24/7?

Will you give a stipend for use of company applications?

If yes, decide how much, how often and how you will handle employees who go over their usage limits.

How will you protect data integrity?

Plan password requirements – for instance, how many characters should they include and how often should they be reset? Will you lock a user out of corporate applications if they log in with the wrong password a certain number of times?

What are the ramifications for violating the user policy?

A series of warnings, restricted access or probationary periods are options to consider. For the more serious cases, a suspension of user rights and access times may also be appropriate.

How will you handle security breaches, malware attacks or the loss or theft of a device?

Datacom has seen enterprises use a variety of mobile device management software and endpoint security solutions to wipe all or only the corporate portions of a personal device. If an organisation chooses to use a data wiping procedure, ensure the users know what this means, as the loss of personal data (photographs or financial data) could be devastating. Remember to institute a reporting policy that tells employees how long they have to tell IT about a stolen or compromised device.

How will you decommission a device?

This includes circumstances such as an employee wanting to use a new personal device or employee termination. When using Citrix XenDesktop or VMware View remote access technologies, decommission can be as simple as disabling access for that client.

Julian Buckley is the Business Manager of Professional Services for Datacom in QLD.  Julian leads a team of solution architects, project managers and consulting engineers that evangelise, design, scope, deliver and implement purpose-built, client-focused infrastructure and virtualisation solutions for our customers. His team in QLD focuses on long-term relationships with clients, building end-to-end enterprise ICT architecture for corporate, education and government clients across Microsoft, Citrix and VMware technology sets.  A local leader in virtualisation in the QLD market, Julian’s team can help all clients achieve greater return on investment, reliability and performance through best practice, industry-leading solutions.

The Headaches Inherent in the ‘Consumerisation of IT’

By Michael Harman

As summer break ended for Australian employees, new issues emerged for IT professionals.

While holiday gifts previously stayed at home, now millions bring their Kindle Fires, Galaxy 2s, iPhone 4Ss or the newest Windows 7 phones into the office. About mid-January, many IT departments found themselves responding to requests from eager employees to the tune of “I’d like my work email on my iPad, please.”

The “Consumerisation of IT” has exploded. While new mobility offers huge opportunities for today’s employees and businesses, it’s created some serious IT headaches.

With quick access to email and work documents that can be used practically anywhere, smartphones can be susceptible to breaches and quick downloading of personal data.

Also, the explosion of mobile devices has led to a proliferation of several popular operating systems. iOS, Android, Windows, Symbian and Blackberry are all widely used and IT departments need a functional knowledge of all of them and how to work them into the enterprise.

The loss of control is worrying to IT departments. With mobility, it seems you can no longer specify when files can be retrieved, turn off access, and wipe phones when they’re misplaced. It seems you can no longer become fantastically literate on a specific piece of hardware or operating system.

Fortunately, there are a wide variety of solutions available to help manage the additional risks that come with the increasing number of new devices.

Mobile device management (MDM) software helps companies monitor, manage and secure mobile devices within one network, reducing support costs and limiting risk. Endpoint security solutions specifically secure devices against malware, intrusion and data loss, both on and off the company network. Updated remote management and data wipe software can lock access to specific data or remove it completely in case of a lost or stolen personal device.

Mobile devices will continue to advance, and so will the technology IT departments use to manage them.

As IT professionals, we’re in the business of enabling increased innovation and productivity to the business, and mobile devices help us help the workforce do just that. It’s up to us to adapt and address this lack of control – these new IT headaches – so users have access while the business is secure.

+++

About Michael Harman

Michael Harman is the Director of Datacom Systems, New South Wales, responsible for the overall strategy and leadership of the company. With an ICT career extending over 24 years, Michael has experience leading the engagement of large, complex IT projects that span multiple geographies. Michael is passionate about all things technology, keeping his pulse on emerging trends in order to solve the unique business challenges of NSW businesses through leading innovation.