Mobile Device Management: Your Phone or Mine?

My phone currently sits in my pocket, and as I write this blog, it vibrates silently — reassuring me that I have not lost it, providing updates from friends and family and reminding me of emails and chats I still need to respond to.

Because of the inherent convenience and increased productivity they provide, our phones have become indispensable.

It’s no wonder company leadership typically embraces the idea of a mobile-enabled workforce. However, mobile access should be tempered by the current security landscape, where the perimeter has shifted to the cloud. Security teams should take note that even with large investments, over $75B last year alone, 66% of companies are still reporting data breach and impact events.

Whether employees use corporate-owned or BYOD, the initial response most companies have, is to remove company assets from the device and bar access, eliminating the access that fosters employee productivity. As a result, employees lose the convenience of access to corporate resources, and the company loses its benefit from the increased productivity that a mobile-enabled workforce creates.

An effective mobile device management (MDM) solution can alleviate security issues, covering both corporate-owned and BYOD devices with separate policies sets for each segment. Establishing separate policies allows “lock down” of corporate-owned devices as needed, and the ability to control company-related applications and data without impacting personal data or usage on personal devices.

This can be enhanced by leveraging additional policies allowed via enterprise mobility management (EMM) functions of the major mobile operating systems.

  • Android’s aptly named “Android for work” allows fine tuning of policies and containerization of data and applications within the device
  • Apple has policy controls as well, in addition its device enrollment program (DEP) that helps companies “own” devices and their volume purchase program (VPP) that allows easier rollout of applications (paid and free) to users with or without apple IDs.

To maintain the convenience and productivity gains of a mobile-enabled workforce, it is important to think about the impact on the end users. Many have come to expect and rely on the ease of use and access that their phones provide them to business-critical applications and information — changes to the devices, can cause anxiety and frustration.

Centrify Enterprise Mobility Management

As a customer success manager, I’ve guided many companies through the process of implementing Centrify’s enterprise mobility management, I can attest to the importance of a well-planned and communicated rollout.

Communicating not just what will happen, but also what security benefits it provides to the company will alleviate the panic and the associated feeling that the company is going to become an Orwellian “Big Brother.” For example, this increased security allows IT to

  • See the location of device so that it can be tracked in case of loss
  • Wipe the device due to loss, transition or reissue which protects the employee as well as the company
  • Enforce device passcode settings so that uniform requirements are adhered to across the organization
  • Prompt for multi-factor authentication (MFA) to prevent unauthorized use
  • Restrict application/information access, which alleviates individual employees needing to be concerned about these policies

The positive benefits to employees, are often exactly what they have been hoping for — making their lives easier or providing more control over their corporate identity.

  • Fewer passwords, or even zero sign on (ZSO)
  • Easy MFA options with a device that’s always by their side
  • Self-service abilities to unlock themselves and reset their passwords
  • Access to corporate email and Wi-Fi via certificate resident on the phone
  • Easy way to download corporate applications

Learn more about how to secure mobile devices in the workplace with this webinar