Historically, the push for IT changes came from top-level executives, and organizations provided employees with high-end computers that were well beyond the technology people had in their homes. Laptops are a great example of this: they entered the world in a top-down, calculated and directed fashion, which in turn put them under the deployment guidelines and management of IT.
This dynamic has shifted, however, as employees across organizational levels are introducing personal mobile devices into the workplace. Unlike laptops, smartphones and tablets have been commoditized almost from their introduction. Rather than an extension of the computing environment, these devices took a separate technology innovation path, following the cell phone and converging computing technologies.
Like revolting peasants, young employees entering the workplace did not care to listen to existing policy. They brought their personal devices with them and quickly attached them to any and every infrastructure resource they could find or crack. Their motives were not bad; they simply saw no reason not to extend personal productivity into their workplace environment through smartphones and tablets.
If it were only the newest, youngest employees creating this technology risk, it could be stopped by strict enforcement of business rules; the fireable offense is still a deterrent. But the C-suite also has revolted. Stories about a CEO bringing a new tablet to the IT director’s office and issuing the “get my corporate email on this device” proclamation have become commonplace. Every story then continues with other executives adding their new devices, keeping up with the young technophile employees who have already done so on their own. Once those gates are open, they don’t close.
For IT to protect the environment, increase productivity and give the people what they want, it must implement a sound Mobile Device Management (MDM) strategy that allows IT to create the necessary controls to manage who comes into the house, what they are allowed to do there and what to do if the rules are broken.
Do you need MDM?
If you answer yes to any of the questions below, you do.
- Are there multiple smartphones and/or tablets in the workplace?
- Does the company allow employees to bring their own device or attach their devices to corporate resources such as email? (Or know that employees are doing so, even without permission?)
- Do employees load applications on their devices from any source or marketplace not controlled by the company?
Those seemingly innocuous questions are only the beginning, and it’s only a matter of time before you answer yes to one – if not all – of them.
At the base level, MDM is already available in just about every mobile operating system. There are many MDM vendors in the marketplace today, but the landscape is fragmented and no business or technology consolidation has taken place – so selecting the right vendor can be a challenge.
Building an MDM Strategy
Here are six questions to consider when building an MDM strategy and choosing a vendor:
Does the MDM solution operate behind the company firewall, in a dedicated hosted environment, in a multi-tenant environment or all of the above? Maximize your flexibility here; what works for you this year may not work next year. Many companies are beginning to outsource productivity applications to cloud-based environments such as Google Apps or Business Process Outsourcing vendors. Make sure your selected MDM solutions work in these environments. If security is a primary concern, think about a behind-the-firewall solution and steer clear of multi-tenant hosted solutions, in which you share hardware and software resources with other institutions.
Does the MDM solution allow you flexibility to protect the environment while promoting productivity? Keeping unwanted devices out of the infrastructure while allowing approved devices in is the number one task. If the MDM server does not have this intricate level of blocking, you are at risk. Does the MDM server allow “white-listing” and “black-listing” of applications?
Does the MDM solution provide you with a rule-based framework? In the same way that an IT administrator has Active Directory security groups that allow or deny access to resources, MDM should do the same. Every aspect of the policy must be apportioned to the appropriate segments of the population. This means executives can roam internationally and watch YouTube, while task workers are expected to remain productive and not play games or download uninvited malware. The latter is particularly important in unregulated application stores.
Does the MDM solution work with the other middleware in the infrastructure? Your environment certainly has a mail server, LDAP, database and the other typical infrastructure servers, but the MDM solution also must interact with and even manage complementary middleware such as BlackBerry Enterprise Server or Good Mobile Messaging Server. Many infrastructures that carry multiple mobile devices and operating systems have these services. This is important from both a usage and an IT administration standpoint. Managing each piece of middleware separately will add complexity and cost.
Does the MDM solution give you tools to identify and reduce costs? If you are doing everything right to secure the environment but not reducing costs, you are only winning half the battle. An MDM solution that allows for event monitoring, event triggers and event-based actions can save the company an inordinate amount of telecom spend. Imagine the ability in near real-time to alert management that an employee has exceeded 500 SMS messages, let an employee know they have exceeded their minutes or alert and cut off a device that is roaming internationally. These are just the tip of the iceberg. If your MDM solution has a rules-based framework and event management, the opportunities are immense.
Does your MDM solution fit into your broader strategy to address consumerization? The spread of user-owned smartphones and tablets is only the first phase of the consumerization trend. This trend may have already affected, or will soon affect, other devices and spread to other areas of the business with the rise of consumer applications, social networking and gamification. Your IT environment will become a more complex mix of corporate and user-owned technologies. When selecting an MDM solution, ask how it supports a larger variety of end-user service delivery scenarios. Does it support more than just mobile devices or allow you to secure and manage corporate apps and content without actually managing the device?
Marshall Geyer’s extensive experience in the technology space includes enterprise solutions architecture, federal and defense services, solutions design and assurance and mobile managed services. He currently leads Dell’s network services delivery, which includes consulting, deploying, managing and supporting data center networking.