Many corporations now allow their workers to bring their own devices, such as cellphones and tablets, to the office. But this can backfire if appropriate mobile device management (MDM) policies are not properly enacted. An InformationWeek Analytics 2011 Strategic Security Survey found that only one in three respondents deploys MDM as part of a comprehensive security policy, a point also noticed by Forrester Research.
Although some organizations have resorted to prohibiting employees' use of their own devices for work-related activities, the trend line is moving in the opposite direction and a far better plan is to figure out the best MDM policy as soon as possible.
Setting up Your Mobile Device Management Policies
Currently, many companies have not yet set up security policies specific to employee-owned devices, or if they have, the standards are bare-bones and lack the necessary stringency. For employee-liable devices, what's required is a set of well thought out, consistent and properly applied MDM policies.
Some organizations start out by deploying policies to employee-owned devices through Microsoft Exchange ActiveSync, which offers limited security policy capability. But to implement secure and compliant policies, an MDM solution with an agent resident on the device is required to accommodate features such as in-house deployment of enterprise applications, documents and media to control user access to enterprise applications and data, and comprehensive hardware, software and health reporting.
To select the proper MDM solution, an organization should ask each vendor questions such as:
Does it integrate with industry standard management platforms?
Can employee-owned devices be readily identified and grouped to assign policies?
How does the end-user obtain the MDM device agent for the device?
Are there mechanisms for IT to control which users are allowed to enroll the device in MDM?
How are policies applied to the device and how are conflicts resolved?
With lost/stolen devices, how is lock and wipe confirmation handled and reported?
Are compliance reports available?
Companies that take the time to ensure that only authenticated devices are allowed to connect to the network, and that establish and enforce MDM policies, will be the most successful in integrating employee-owned devices into the network.
Beyond MDM
The growing popularity of bringing personal devices to work will ultimately require IT management to make MDM a core part of its management strategy, as it does now with other assets of the organization. For example, it's been reported that some enterprises have built on solid MDM platforms by adding custom mobile versions of internal applications, for instance to find other employees or to calendar meetings, or by establishing an internal page from which users can download corporate applications.
Of course, implementing a sound MDM policy that takes into account what's best for the organization's application and data security is a must-have as personal mobile devices continue to proliferate across enterprises. But it should be acknowledged that such policies are living structures that must be responsive to the needs and productivity capabilities of the workforce.