Introduction and MDM vendors
The huge uptake of smartphones and tablets, coupled with ready access to fast mobile connections to the internet, has delivered a perfect storm of opportunities, but also challenges to the small business community in particular.
Commenting in the last Solutions Review, Elizabeth O’Dowd said: “What makes an enterprise mobility solution even more important is the value it holds for the future of your enterprise. Computers are only becoming smaller; laptops are considered mobile devices to most of the top solutions, not just smartphones.
“Sooner than you realise, mobile devices in the enterprise will be a necessity as the lifestyle of the workplace begins to change. Ignore this and not only will you have less efficient workers than your competitors, but employees will seek to work other places with more favourable and modern work environments.”
For your business, the age of the PC is well and truly over. The new era is more about collaboration, decentralisation and the further adoption of mobile devices as BYOD (Bring Your Own Device) accelerates.
“BYOD strategies are the most radical change to the economics and the culture of client computing in business in decades,” said David Willis, vice president and distinguished analyst at Gartner. “The benefits of BYOD include creating new mobile workforce opportunities, increasing employee satisfaction, and reducing or avoiding costs.”
Indeed, Gartner believes next year will see half of all employers expecting their workforces to bring their own mobile devices to work.
All businesses will need to develop their own Mobile Device Management (MDM) platform. In essence, these give your business the tools it needs to ensure mobile devices are used efficiently across your business in a completely secure environment.
Having an MDM operating in your business offers a number of key advantages:
All the devices being used across your business are known and trackedOnly authorised devices can connect to your company networkAnyone connecting to your network from a public Wi-Fi access point is either authorised to do so, or blockedDevices have security systems installed that separate the business applications on the user’s device from their personal information and appsLost or stolen devices can be remotely wiped of any sensitive dataSome services are cloud-based (AirWatch is a good example) and offer low-cost entry for smaller enterprises
Commenting, Trent Fierro, director of security and software solutions marketing at Aruba, a Hewlett Packard Enterprise company, said: “Our advice to any enterprise is to address BYOD and mobility in phases. Determine where data loss can cause the most damage, which groups are most susceptible and how vulnerable the business is.
“Don’t expect BYOD to go away, so create a plan that defines user roles, roles for devices and what happens when rules are met and when they are not. Measure where user and IT benefits improve, as well as the organization’s security posture and then move forward to solve the next use case.”
When you are looking for an MDM vendor ask these questions:
1. Is the MDM platform neutral?
This is important to ensure all operating systems are supported. In an ideal world all of your staff would use the same mobile devices from identical vendors, but in the real world you need to ensure your MDM can offer multi-OS management support.
2. Does the MDM support various configurations?
Thanks to the advent of apps, every device that could be used across your business has a different profile. A good MDM should be able to take this into consideration and modify its protocols accordingly.
3. Is the MDM based on a legacy system?
MDMs that have been specifically built to meet their purpose are preferable to an MDM that is a modification of an existing technology. This will ensure your MDM vendor understands your pressure points, is paying attention to the mobile ecosystem, and is developing their platform to cope with new technologies as they appear.
For the small business community, consider these options:
The bottom line for all small business owners is that the use of mobile devices in their business is only going to expand. Developing an MDM service now ensures you can manage these devices securely today and into the future.
Todd Carothers, executive VP of Product and Marketing, CounterPath told techradar pro: “Having worked with leaders in the MDM/EMM (Enterprise Mobility Management) market I find that there are two primary reasons businesses don’t leverage these products.
“The first is cost versus benefit, with businesses often reluctant to invest in a product or service because it doesn’t see the immediate, palpable benefits. The second is the lack of perceived need, although this is slowly changing as we see a rise in security breaches and increased awareness as a result.”
Security matters and staying in control
In its ‘Enabling Secure BYOD’ report Fortinet states: “BYOD is another battle in the war between security and usability. End users from the CEO down to line workers want the ability to use personal devices for work purposes, their belief being that personal devices are more powerful, flexible, and usable than those offered by corporate.”
Business owners need to look at how their existing security policies can be amended to ensure the high levels of data security their organisations enjoy can be maintained when BYOD devices are used. Modifications to a security policy can include:
The use of VDI (Virtual Desktop Infrastructure) to allow BYOD devices to securely access business servers without any cross-pollination of data that could include malicious codeA decision as to the level of access that BYOD devices will have to a corporate network. Businesses want to allow BYOD, but limits should be set and communicated to BYOD usersThe storage and transportation of sensitive data on personal devices can be allowed, but within certain limits set after consultation across users to ensure a balance can be struck between day-to-day needs for data access, and the overall business security policy that includes compliance with data protection regulationsMobile Device Management may at first glance seem to be the solution to BYOD security issues, but IT managers and CIOs should look closely at how MDM can be used to control a device environment that includes BYODEndpoint security becomes even more important to maintain within a BYOD environment. Remote wiping of data, and on-board antivirus protection become essential, as infection can easily occur via a user’s home network that their device will connect toUsing a private cloud environment to protect BYOD users and provide a single management console for IT managers should be considered
BYOD security is clearly an area that small businesses in particular have yet to fully get to grips with. Research by Decisive Analytics stated: “Most companies (83%) require employees to install software to secure and manage their personal devices when used for work purposes. We asked the companies that do not require security software why they did not require it.
“Surprisingly, the most common responses were: ‘We only allow trusted users to connect to the network’ (25.7%), and ‘We are not concerned about security on these devices’ (15.6%). Some say they have not had a security software solution (13.8%) or are still researching a security solution (12.8%). User rejection (11%), perceived high cost (10%), and perceived complexity (3.7%) were less frequently mentioned.”
The rapid expansion of BYOD has run ahead of business security policies that tend to be rooted in traditional desktop deployments, with notebook VPNs providing robust security for employees that do work remotely.
Staying in control
For small businesses in particular the convergence of technologies that has culminated in the phenomenon we know as BYOD needs to be controlled as it expands across their organisations.
James Lyne, global head of security research at Sophos told techradar pro:
“For some time now I’ve predicted the coalescence of mobile and traditional computing platforms, as they grow to have more similar application models and use cases. We are at a very interesting point in security where there are a wide range of new devices being deployed – from mobile to Internet of Things.
He continued: “So far many of these devices have been found lacking by security researchers but few have been the focus of cybercriminals, I suspect as they hold less interesting data than the traditional computing device. It could be a very short time indeed until that changes, leading attackers to focus on technologies that have a significantly weaker security infrastructure.
“Ultimately, small businesses need to make sure they work with a security provider that can protect them at every point appropriately and can continue to do so as new devices enter their networks.”
How much control your business has over the mobile devices it uses in and outside of the office environment is also a pressing question that needs to be answered
Nassar Hussain, Managing Director for Europe and South Africa at SOTI advises: “Locking everything down will only prove counter-productive. Employees need flexibility to use their mobile devices in ways that accelerate their productivity, but there are some basic security policies that need to be implemented to protect small business data and the networks those devices have access to.
“If the correct procedures and prevention mechanisms are put in place to address mobile security concerns, and you have employees exercising best practices and open communication between the user and the business’ security expectations, you will see a lot of potential threats being avoided.”
Managing the mobile technologies that now proliferate across your business needs planning to understand how these devices are being used. With this information you can develop a detailed policy that enables your business to use these technologies safely and reap the rewards that they clearly offer.