The 4 Corners of a Mobile Device Management Security Framework

by Robert Bruce - December 24, 2013

Managed services and solutions for mobile device management (MDM) have evolved far beyond basic lock and wipe capabilities. Enterprises facing mobility management challenges require a system built on a secure foundation. A comprehensive mobile security framework stands on four key enterprise mobility points: devices, apps, data, and the network. 

1) The Mobile Devices

Naturally, MDM starts with the devices, both user-owned (BYOD) and organization-issued. The key question for IT service support personnel is whether or not they can monitor, control, and protect a wide range of mobile devices. Laptops, tablets, and smart phones with an array of operating systems have become essential to the modern enterprise, and they present unique new challenges.

Mobile IT security begins with visibility into all the devices connected to the network. Everything connected should be identified and categorized using several data points, starting with, but not limited to, MAC and IP addresses. Devices should be audited on a regular basis for ownership (BYOD or corporate), operating system, installed apps, and location (roaming or stationary). They should also have the latest anti-virus and anti-malware software installed.

Passcode and encryption requirements should be configured centrally so that non-compliant devices can be detected, and any device out of compliance should be blocked from network access. Policies should be in place for promptly reporting lost or stolen devices, which should then be wiped and locked out of the managed network. The same applies to devices whose users leave the organization.
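The device rules above (audit data points, passcode and encryption compliance, wipe and lock on loss or departure) can be written as a small policy check. This is an added example, not from the original article; the field names, action names and sample inventory are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass
class Device:
    # Audit data points named in the article; field names are assumptions.
    mac: str
    ip: str
    ownership: str               # expected: "BYOD" or "corporate"
    os: str
    passcode_set: bool
    encrypted: bool
    antimalware_current: bool
    reported_lost: bool = False
    user_active: bool = True

def evaluate(d: Device):
    """Return (action, reasons) for one inventory record."""
    # Lost or stolen devices, and devices of departed users, are wiped and locked.
    if d.reported_lost:
        return "wipe_and_lock", ["reported lost or stolen"]
    if not d.user_active:
        return "wipe_and_lock", ["user left the organization"]
    checks = [
        (d.ownership in ("BYOD", "corporate"), "ownership not categorized"),
        (d.passcode_set, "no passcode"),
        (d.encrypted, "storage not encrypted"),
        (d.antimalware_current, "anti-malware out of date"),
    ]
    reasons = [why for ok, why in checks if not ok]
    # Any failed check blocks network access until the device is remediated.
    return ("block", reasons) if reasons else ("allow", [])

def audit(inventory):
    """Map each device's MAC address to its decision."""
    return {d.mac: evaluate(d) for d in inventory}

# Constructed sample inventory (documentation-range MAC and IP addresses).
INVENTORY = [
    Device("00:00:5E:00:53:01", "192.0.2.11", "corporate", "iOS", True, True, True),
    Device("00:00:5E:00:53:02", "192.0.2.12", "BYOD", "Android", False, True, False),
    Device("00:00:5E:00:53:03", "192.0.2.13", "BYOD", "Android", True, True, True, reported_lost=True),
    Device("00:00:5E:00:53:04", "192.0.2.14", "corporate", "Windows", True, True, True, user_active=False),
    Device("00:00:5E:00:53:05", "192.0.2.15", "", "iOS", True, False, True),
]

if __name__ == "__main__":
    for mac, (action, reasons) in audit(INVENTORY).items():
        print(mac, action, "; ".join(reasons))
```

Wipe-and-lock conditions are evaluated before compliance checks, so a lost device is never merely blocked.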

2) The Apps

We love our apps. In fact, we couldn’t work without them. Access to e-mail, the Internet and our documents is essential, but keeping them secure is a headache for IT departments. Apps are diverse and many don’t share the same security frameworks. Inventory here is essential. Identify all installed apps and check for compliance with privacy and access policies as well as connectivity and data controls.

Depending on the enterprise’s mobility requirements, organizations must provide a plethora of mobile, web, SaaS (software-as-a-service), Windows and data center apps. Some managed IT solutions have included enterprise-unified app stores, where all of these apps are available to qualified users in one place. The IT challenge is to secure custom and third-party apps centrally, and apply policy controls. Users must also be denied access to apps and data after departing the organization.

3) Mobile Data Security

File sharing across multiple devices has become essential to many enterprises. This has enhanced efficiency, allowing users to access the latest data anywhere, anytime. Unfortunately, this has led to more data leakage events, malware outbreaks, and system compromises. Encrypting data and controlling access to data sharing apps, while allowing users to benefit from them, is a huge enterprise IT challenge.

User-friendly, cloud-based storage tools, such as Dropbox and Google Drive, have become increasingly popular, but they present enterprises with data security challenges. Hence, many IT solutions for mobile data security have abandoned the one-size-fits-all approach and adopted a tiered system, providing full-stack data access only to those employees with a "need to know." Other workers may only have access to a few task-specific apps.

All mobile data should be encrypted while at rest and in transit. Data leakage can be minimized with secure, encrypted data storage containers. Naturally, the data should be wiped upon user departure or device loss.

4) The Network

Any MDM solution must address network security. Certainly, protecting the enterprise network from viruses and malware delivered via the mobile route is a top priority. IT managers must continuously monitor and control network access, based on device status and user profile.

MDM solutions must be enterprise-grade, capable of keeping sensitive information protected behind a firewall and not exposed to the Internet. MDM solutions should be able to easily integrate with the existing IT infrastructure and allow room for future expansion. Managing increased bandwidth needs is another IT mobility challenge.

Perhaps the last, but certainly not least, ingredient in the MDM recipe is the user. All of us are benefiting from these new devices as the enterprise environment continues to evolve.
