MDM features vs. native mobile security



Similar documents
Solution Spotlight BEST PRACTICES FOR DEVELOPING MOBILE CLOUD APPS REVEALED

Hybrid cloud computing explained

E-Guide HOW THE VMWARE SOFTWARE DEFINED DATA CENTER WORKS: AN IAAS EXAMPLE

Benefits of virtualizing your network

E-Guide SIX ENTERPRISE CLOUD STORAGE AND FILE-SHARING SERVICES TO CONSIDER

E-Guide WHAT IT MANAGERS NEED TO KNOW ABOUT RISKY FILE-SHARING

E-Guide CLOUD COMPUTING FACTS MAY UNCLENCH SERVER HUGGERS HOLD

Software Defined Networking Goes Well Beyond the Data Center

Evaluating SaaS vs. on premise for ERP systems

Preparing for the cloud: Understanding the infrastructure impacts Eight essential tips for a successful cloud migration

E-Guide CONSIDERATIONS FOR EFFECTIVE SOFTWARE LICENSE MANAGEMENT

Securing the SIEM system: Control access, prioritize availability

E-Guide UNDERSTANDING PCI MOBILE PAYMENT PROCESSING SECURITY GUIDELINES

HOW TO SELECT THE BEST SOLID- STATE STORAGE ARRAY FOR YOUR ENVIRONMENT

Is Your Data Safe in the Cloud?

IT Resource Management vs. User Empowerment

3 common cloud challenges eradicated with hybrid cloud

How To Protect Your Online Backup From Being Hacked

E-Guide NETWORKING MONITORING BEST PRACTICES: SETTING A NETWORK PERFORMANCE BASELINE

How To Manage A Mobile Device Management (Mdm) Solution

Security. Mobile Device FOR. by Rich Campagna, Subbu Iyer, and Ashwin Krishnan. John Wiley & Sons, Inc. Foreword by Mark Bauhaus.

What We Do: Simplify Enterprise Mobility

E-Guide MANAGING AND MONITORING HYBRID CLOUD RESOURCE POOLS: 3 STEPS TO ENSURE OPTIMUM APPLICATION PERFORMANCE

5 free Exchange add-ons you should consider Eliminating administration pain points on a budget

Solve BYOD with! Workspace as a Service!

BRING YOUR OWN DEVICE

Choosing an MDM Platform

GUIDELINES FOR EVALUATING PROCUREMENT SOFTWARE

LTO tape technology continues to evolve with LTO 5

Managing Data Center Growth Explore Your Options

HOW MICROSOFT AZURE AD USERS CAN EMPLOY SSO

BUYING PROCESS FOR ALL-FLASH SOLID-STATE STORAGE ARRAYS

Cloud Security Certification Guide What certification is right for you?

How to Define SIEM Strategy, Management and Success in the Enterprise

Hyper-V 3.0: Creating new virtual data center design options Top four methods for deployment

Athena Mobile Device Management from Symantec

Kaspersky Security for Mobile

Chris Boykin VP of Professional Services

How To Protect Your Mobile Devices From Security Threats

How To Manage A Corporate Device Ownership (Byod) On A Corporate Network (For Employees) On An Iphone Or Ipad Or Ipa (For Non-Usenet) On Your Personal Device

IBM Endpoint Manager for Mobile Devices

Virtualization backup tools: How the field stacks up

Symantec Mobile Management Suite

E-Guide MOBILE DEVICE MANAGEMENT CHECKLIST

Answers to these questions will determine which mobile device types and operating systems can be allowed to access enterprise data.

How To Support Bring Your Own Device (Byod)

5 ways to leverage the free VMware hypervisor Key tips for working around the VMware cost barrier

Key Requirements of Enterprise Mobility Management Solutions

RFI Template for Enterprise MDM Solutions

Best practices for mobile data protection

E-Guide HOW A TOP E-COMMERCE STRATEGY LEADS TO STRONG SALES

BEST PRACTICES FOR MANAGING THE EVOLUTION OF EHRS

Sophos Mobile Control - Competitive Overview

CHOOSING AN MDM PLATFORM

E-Guide THE LATEST IN SAN AND NAS STORAGE TRENDS

The Do s and Don ts of Server Virtualization Back to basics tips for Australian IT professionals

ShareFile for enterprises

ENTERPRISE MOBILITY USE CASES AND SOLUTIONS

Everything You Need to Know About Effective Mobile Device Management. mastering the mobile workplace

IT Resource Management & Mobile Data Protection vs. User Empowerment

Transcription:

vs. : Mobile device management or MDM plays a critical role in, but should always trump native security features of mobile devices? Lisa Phifer weighs in on how to choose the best approach for your workforce. vs. : Striking a balance By Lisa Phifer Mobile device management (MDM) products can play a big role in mobile security by provisioning and enforcing mobile native security measures embedded in smartphones and tablets. But some MDM products blur the boundary between "governing" and "doing" by delivering integrated security measures such as secure messaging or VPN to replace the native security measures baked into each device. Which approach is a better fit for your workforce? Let's take a look at the pros and cons of each. : Going above and beyond Baked-in can complement native by protecting data at rest, data in motion, or by promoting device integrity. Some MDM-integrated capabilities date back to when mobile operating systems such as Win CE were largely devoid of native security. More recent examples of such integrated measures are the innovations to minimize bringyour-own-device (BYOD) risks. Here are some common examples: Mobile content management: Today, many mobile devices support hardware encryption, but some still do not. In addition, co-mingling of business and personal content makes it harder to reliably wipe sensitive data without negatively affecting the user. To enable safe, productive use, IT should consider pushing business documents over the air to stored in encrypted containers on the device that Page 2 of 6

vs. : enable offline access while preventing data leakage. A growing number of MDM products from vendors such as AirWatch LLC and Fiberlink Communications Corp., can provision, update and, (when necessary), wipe this type of "document locker" and its contents to protect data at rest. Integrated secure messaging: Every smartphone includes email, contact and calendar apps that synchronize messages, attachments, etc. with carrier or cloud services. Devices commonly support Exchange ActiveSync (EAS)-based enterprise messaging, but supported security policies vary by device make/model. On BYODs, IT should seek to insulate business data where risk warrants by separating business and personal contacts or preventing attachments from being forwarded. To create a consistent deviceindependent environment, some MDM vendors, including Good Technology Inc., Denmark's Excitor A/S and Sybase Inc., incorporate secure messaging apps. These non-native apps can be used to safely access enterprise mail, contacts, calendars and tasks, while IT can easily provision and remove them via MDM. Integrated VPN/firewall: Every mobile OS includes a potpourri of native VPN clients, but the odds of finding your chosen VPN in every device without third-party client installation are slim. Moreover, unlike laptops, smartphones and tablets don't include host firewall capabilities. To eliminate gaps in VPN coverage while deflecting unwanted traffic, some MDM agents (such as those from Mobile Active Defense, Symantec Corp., and Zenprise Inc.) include their own VPN/firewall, protecting all data-in-motion without relying on native VPNs. Antimalware: Contemporary mobile operating systems take steps like application sandboxing to deter malware, but they do not include native virus scanners. Some MDM features (specifically those from McAfee Inc. and Symantec Corp.) fill this gap by building antimalware measures into MDM agents. Jailbreak and blacklisted Page 3 of 6

application detection is common; a few agents also provide onaccess or on-demand virus scanners. vs. : vs. native security: A Balancing act Complementary security measures can be beneficial, but do you really need native and MDM-integrated security? When both measures are present, how can you decide which to use to implement enterprise security policies? Let's consider some of the tradeoffs. Platform independence versus separation of duties: MDMintegrated security measures level the playing field, creating a uniformly safe environment on a wide variety of consumer-grade devices. On the other hand, for integrated security measures, the fox is watching the henhouse. If you have a requirement for separation of duties, MDM should not both deliver and enforce security. Trusted environment versus usability: By closing gaps in native security, MDM-integrated containers and messaging apps create a trustworthy environment in which to conduct business. This secure workspace makes it easier to control, monitor and cleanly remove business data and apps. But forcing workers to interact differently with business data and apps can also create confusion and sap productivity. Assess risk by user/group and device to decide which cases warrant this extra security is worth the cost. Simplicity of deployment versus best of breed: MDM-integrated security measures tend to simplify deployment and total cost of ownership. If your workforce requires a third-party VPN/firewall or antimalware, getting these features "for free" with MDM is handy. However, if your MDM's integrated VPN or antimalware approach diverges from those used on laptops or desktops, consistency may dictate use of another vendor's third-party solution. Focus versus extensibility: MDM-integrated messaging applies compensating controls and associated policies to business assets only. IT can operate freely within that space for example, backing Page 4 of 6

vs. : up or removing containers as needed because those assets belong to the employer, not the employee. But, unlike native security, this laser-like focus prevents easy extension to other applications. For some workers, a hybrid approach may be preferred for example, secure messaging for robust protection of key business assets, accompanied by native measures such as full device encryption to protect everything else. Ideally, MDM-integrated measures should not force IT s hand -- look for products that empower the enterprise to decide when and where to apply native and/or integrated security measures as appropriate to reflect business risk, device capabilities and security policies. About the Author: Lisa Phifer owns Core Competence Inc., a consulting firm specializing in business use of emerging Internet technologies. Lisa has been involved in the design, implementation and evaluation of internetworking, security and management products for 30 years. At Core Competence, she has advised large and small companies regarding security needs, product assessment and the use of emerging technologies and best practices. Page 5 of 6

vs. : Free resources for technology professionals TechTarget publishes targeted technology media that address your need for information and resources for researching products, developing strategy and making cost-effective purchase decisions. Our network of technology-specific Web sites gives you access to industry experts, independent content and analysis and the Web s largest library of vendor-provided white papers, webcasts, podcasts, videos, virtual trade shows, research reports and more drawing on the rich R&D resources of technology providers to address market trends, challenges and solutions. Our live events and virtual seminars give you access to vendor neutral, expert commentary and advice on the issues and challenges you face daily. Our social community IT Knowledge Exchange allows you to share real world information in real time with peers and experts. What makes TechTarget unique? TechTarget is squarely focused on the enterprise IT space. Our team of editors and network of industry experts provide the richest, most relevant content to IT professionals and management. We leverage the immediacy of the Web, the networking and face-to-face opportunities of events and virtual events, and the ability to interact with peers all to create compelling and actionable information for enterprise IT professionals across all industries and markets. Related TechTarget Websites Page 6 of 6

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information