Modernizing Authentication — What It Takes to Transform Secure Access
While mobile device management solutions are often purchased and implemented by companies with thousands of employees, MDM offers plenty of benefits for smaller companies as well, including two businesses interviewed by eSecurity Planet.
In the first of two articles, we looked at Massachusetts-based Needham Bank. The financial institution, which has five branches and over 100 staff serving 34,000 customers, implemented an MDM solution to better leverage improved management capabilities that came with Apple's iOS 4, but it also took advantage of other MDM features including telecom expense management.
In this article, we profile GPM, a California-based pavement construction and maintenance company with a customer base of community associations, commercial property management firms, developers and engineers throughout Ventura, Los Angeles and Santa Barbara counties. GPM employs about 70 people at its headquarters in Santa Paula and around the state.
Until the beginning of 2012, GPM's involvement with mobile devices was limited to providing about a dozen smartphones to key staff members. At that time the company decided to equip its 33-person sales staff with Android or iOS-based tablets to use when working in the field, to create cost estimates for jobs at potential customer sites and to send the estimates back to a company database over the mobile data network.https://o1.qnsr.com/log/p.gif?;n=203;c=204634421;s=15939;x=7936;f=201702151714490;u=j;z=TIMESTAMP;a=20304455;e=i
"With this move into tablets, we decided that we needed a way to manage them in the field and to make sure that the data they contained was kept secure at all times," explained Lance Tully, GPM's business systems manager.
MDM Support a Key Criteria
The challenge was compounded by the fact that Tully did not want to install any management software on GPM premises. "One of our goals as a company is to move everything out of the office into the cloud so that we have no servers to manage or software upgrades to carry out," he said. "So when we went looking for an MDM, the ability to run it in the cloud was one of our key requirements."
Tully surveyed the mobile device management market in early 2012 and quickly identified two leading MDM vendors that offered a cloud-based service in addition to on-premise MDM solutions. Both had competitive products, but after two months of testing he selected the cloud service from Atlanta-based AirWatch.
Tully lacked previous experience with MDM systems and, because there were no major differences in functionality between the two systems, the decision was based on the fact that AirWatch provided solid documentation and support. "We needed extra help, and we felt AirWatch's sales people went the extra mile," he explained.
AirWatch's cloud-based service supports all major mobile operating systems including iOS, Android, Windows Phone, Blackberry and Symbian, and can scale from a single device to over 100,000. Its standard SLA provides solution uptime greater than 99.9 percent, and the company provides an option to transfer to an on-premise deployment at any time. Pricing is based on a monthly subscription for each device under management.
MDM Benefits: Asset Recovery and More
The main motivation behind GPM implementing an MDM was to keep corporate (and customer) data secure. Although the MDM ensures that all data stored on staff tablets is encrypted, Tully said the most valuable mobile device management feature is the ability to ensure that all devices lock automatically after one minute and can only be unlocked with a PIN. If staffers forget PINs, they can be reset remotely using the AirWatch MDM. With only 33 devices under management, this does not place an undue burden on Tully, he said.
The MDM also enables the company to keep track of their tablet assets by checking on GPS locations once an hour. On one occasion, a tablet was reported lost and was immediately wiped via the MDM; it was subsequently recovered using GPS information captured by the MDM.
After exploring the MDM's features, Tully realized that many of the device restrictions that it could impose would prove useful. "We restrict the use of YouTube to preserve our data plans," said Tully. "We also restrict in-app purchases, because we have had issues of employees' children inadvertently buying credits for Angry Birds on the company's tablet."
Other restrictions that Tully has imposed include jailbreak detection, preventing employees syncing their devices with Google Apps while roaming and blocking adult content.
Despite the solid documentation from AirWatch, Tully says the complexity of MDM products such as this one has made it difficult to use to its maximum potential. "I feel that there are probably a lot of features in AirWatch that are very valuable that I am missing out on. I wish there was a good solid training program for administrators," he said.
For organizations implementing mobile device management for the first time, Tully warns the process can turn out to be more time consuming than it appears at first sight.
It took Tully about three weeks to deploy the AirWatch system, but he believes the same deployment could be done in just a few days with the knowledge of the system that he now has. "It did take quite a bit of time to get going because I was a newbie, and it took a while just to learn the system," he explained. "But the documentation was good, so it wasn't frustrating."
MDM Lessons Learned
Some lessons GPM learned from its MDM implementation:
- Implementing a mobile device management system can be complicated for administrators with no previous experience
- The availability of good documentation, support and training should play a major part in MDM vendor evaluations
- Unless your administrators are sufficiently trained in the use of the MDM, paying for features that you are not aware of or do not know how to use is probably inevitable
As with any technology purchase, potential return on investment will factor into buying decisions. Our mobile device management ROI calculator can help.
Paul Rubens has been covering enterprise technology for over 20 years. In that time he has written for leading UK and international publications including The Economist, The Times, Financial Times, the BBC, Computing and ServerWatch.e