Mobile Device Management is revolutionizing the smartphone market

By: Scott Christianson

Mobile Device Management is revolutionizing the smartphone market, from Apple iOS and Android devices to laptops and ruggedized mobile devices, it is being used in medical facilities, schools, businesses, and even in the cockpit of the next flight you take.  The concept is not new, Blackberry has offered some of these services to its customers for years, but with the advent of more robust smart devices it has allowed the market to explode.   It is estimated that roughly 60-70 percent of business today will adopt some form of MDM solution in the next few years.

Typically, these solutions are either controlled by an On-Premises solution or Cloud based “SaaS” solution that charges a monthly fee for service.  Not only does MDM allow for email and remote software application installations, but it also allows users to connect securely to corporate networks allowing ANYTIME access to documents, reports and applications.

Many of the terms related to Mobile Device Management will include MDM (Mobile Device Management), MEM (Mobile Email Management), MAM (Mobile Application Management) and BYOD (Bring your own device).

Constant Connection and Security

Some MDM solutions provide features to restrict attachments being sent outside of the corporate email infrastructure while also encrypting messages and data attachments for security purposes.  Other security features include device encryption, data cards (SIMs) encryption and forcing of strict password controls depending upon corporate requirements.   Many providers have enabled the corporate data and software to be wiped (removed) from the device if the device ever becomes lost or stolen, up to the point of wiping the entire device of all corporate and personal data should it be required.

In addition to encrypting messages and attachments, modern MDM solutions can monitor devices for Jail-Breaking iOS devices or Rooting Android devices and can quickly send messages to the Administrator and owner of a device when such occurrence is detected, even up to the point of disabling access to company data, email and changing passwords to lock the device.  Features also include remote locking of a device, add requirements for strong password to unlock the device and the removal of profiles installed on the devices.

Reporting and Management

MDM has leveraged both corporate owned devices and employee-owned devices (BYOD) Bring Your Own Device.  These solutions can monitor device location, telecommunication usage, remotely install software, track, and protect email usage and allow access to company network data.  Other features allow the disabling of Cellular Data when traveling to save costs, locking out features that may compromise security as well as special configurations to place the devices into a Single Device Multi-User mode so the device can be shared among many users in a company.

Mobile Device Strategies

Planning

As more and more companies adopt management of mobile devices it becomes necessary to make all the networking and policy pieces fit so that all devices can benefit from this technology.

1. Determine the corporate policies regarding the company owned and individual owned devices.
2. Determine what security guidelines are required for the devices and which devices can be allowed to participate in the MDM program.
3. Find out if the network infrastructure can support the many firewall rules, certificate services and hardware needed to supply those services.
4. Make a 6-year plan; is the service needed for only one sector of your organization or the entire organization?
5. Decide who will have access to the system; will the service be offered to contractors (temporary workers) or only full-time employees? 
6. Determine who will have ultimate responsibility to maintain the system, remove old devices (devices that have not checked-in) for (X) number of days/weeks.
7. How many devices can any one employee have enrolled on the system?
8. How should your organization integrate account creation; will it be fixed LDAP, SAML, or integrated via Active Directory, GroupWise or through manual account creation?
9. In respect to enrollment, is your directory structure equipped to automatically place any device/individuals into the proper groups without manually administration? 
10. What are the enrollment procedures to participate in the program?
11. Will all devices receive the same applications or will specific devices i.e., Cell Phones vs Tablets receive different applications?
12. Will Apple DEP or VPP programs be involved?
13. What information will be tracked from each device?  Depending upon your specific country or state, privacy laws may restrict the amount and type of data that can be monitored.

Create detailed use policies for your users to sign detailing use, monitoring, access times.  This may help to avoid future legal battles regarding privacy, overtime pay and help to set the user expectations regarding the MDM program.

The above are just a sampling of the questions that should be answered prior to a rollout of an enterprise MDM solution. 

MDM solutions can be an effective way to increase efficiency and profitability through Always-On access to company resources, or poorly planned it can be a Never-Ending Money Pit that requires constant reconfiguration, possible outsourcing and lead to employee frustration and less overall employee acceptance of the program.