Building an Effective Mobile Device Management Strategy for a User-centric Mobile Enterprise

Jan Wiewiora

White Paper

Introduction

Users are increasingly relying on smartphones and tablets for work. Recent research reveals that mobile workers put in longer hours [1]. Organizations must take advantage of this trend by making it easy for their employees to connect to the enterprise. They must not only offer employees access to information and enterprise resources but also provide a consistent end-user experience whether the employee is working from home, a hotel or the airport.

However, IT departments are under pressure to protect corporate data while managing, monitoring and supporting the plethora of devices and platforms that are in use today. Leading analysts predict that in the next two years, 90% of organizations will support corporate applications on employees' personally owned devices. Clearly, Mobile Device Management (MDM) is quickly becoming a critical necessity for organizations. This paper explores and defines elements that make up an effective Mobile Device Management Strategy.

Lock Down is No Longer a Viable Strategy

The momentum of the BYOD (Bring Your Own Device) and Consumerization of IT trends is unstoppable. Wireless capabilities continue to expand and mobile applications are being developed faster than enterprise IT can manage. Although many organizations support mobile devices, there are multiple mobile platforms and currently there is no clear leader in the global market. Managing these multiple platforms is an arduous task. Many organizations use MDM tools that are specific to a device platform or that only manage a part of the lifecycle (e.g., device lock or wipe), resulting in the adoption of fragmented toolsets.

CIOs also know that employees continue to use consumer services, such as apps, tools, and websites, on devices that carry corporate data. Lockdown is no longer a viable strategy since it discourages employees from being highly productive mobile users. Users will simply refuse to allow their personal devices to become difficult to use.

How then can organizations deliver a consistent user experience while maintaining a single, manageable corporate identity for all end users? How can IT departments protect corporate data? The answer lies in crafting an effective MDM and data strategy. While many organizations focus on software management, inventory management, policy management, etc., very few organizations manage the entire lifecycle across multiple platforms and devices.

The Building Blocks

A good enterprise mobile strategy should help an organization incorporate new business processes, optimize costs, define a clear mobility vision and roadmap for the future and minimize risk. The key elements of such a strategy include:

- A holistic mobility framework
- Strong security policies
- Full lifecycle device management

Let us take a closer look at how and why these three elements should be the foundation of an MDM plan.

[1] http://www.readwriteweb.com/enterprise/2011/08/mobile-workers-put-in-longer-h.php

A Holistic Mobility Framework

A holistic mobility framework cannot exist in silos. It must take into consideration business demands and IT requirements. It must include a plan for managing not only devices but also enterprise applications that run on those devices. A recommended first step is to participate in a mobile assessment. Among the many considerations organizations need to evaluate are:

- What current IT investments need to be preserved?
- Which cost-effective mobile applications make most business sense to develop?
- How do you secure devices, data and apps?
- What access and storage boundaries must be created to protect crown jewel systems and enable easy access to low-risk threshold applications?
- What type of policies, governance and support do enterprises need when offering new mobile device technology?

With a thorough assessment process, organizations can identify best-use cases for mobile technology and develop a long-term strategy to solve specific challenges. This will enable an organization to roll out features and solutions based on high-priority needs, as well as avoid engaging in unnecessary and time-consuming proofs of concept.

Improving business process efficiency and increasing productivity are the primary goals of many mobile enablement initiatives. To achieve these goals, organizations should establish policies, processes and protocols that define how mobile devices can securely participate in the corporate environment.

For instance, when it comes to the question of buying or owning the device, many companies take a hybrid approach. Typically, organizations will allow employees to buy and use the mobile device of their choice, whether it's an iPhone, Android or BlackBerry, or even an iPad or any other tablet, and then reimburse them for corporate usage. But as organizations install enterprise mobile apps on those user-owned devices, they must consider how, and to what extent, they will support the hardware that runs the software.

If an employee has an issue with the mobile apps, he or she will need telephone support at the very least. But if the app is encountering problems with the device and in-house support cannot resolve the issue without seeing the device, it may require the employee to send the device to the organization for repair. The organization must decide whether it wants to take on the cost of such support, as well as what guarantees and alternatives it will offer to the employee who is leaving his or her device with the company for a day or more.

Finally, an effective mobility framework cannot ignore the user. A user-centric approach will help an organization deploy and manage corporate applications for mobile devices in a manner that allows users to be policy compliant and remain productive. User security training is paramount. Users need to understand their part in securing enterprise data.

Operating Safely and Securely

Although the latest mobile platforms are built with security in mind, they may be ineffective when it comes to protecting enterprise assets that run on devices targeted at the consumer market. What complicates mobility is the fact that mobile devices currently operate in an environment that is often not within the control of enterprise IT. There is regular interaction with third-party applications whose security position is virtually unknown to the IT department. For instance, many employees sync mobile devices with their home PCs to back up personal data or important device settings, or employees use a public cloud-based service for transferring or storing data. In both scenarios, sensitive corporate data lies outside enterprise firewalls and other protective systems. It is exposed to web-based and network-based attacks or malware threats.

A strong security policy can help minimize these security threats. Enterprises must seek security solutions that offer advanced security protection and can quickly thwart evolving security threats. Another important approach to mobile security is to establish strong password protection policies. Data encryption technology must be utilized to safeguard any sensitive data that is loaded on mobile devices. Security threats can also be reduced by enforcing compliance-based security policies that secure corporate content by remotely tracking, locking and wiping data on the mobile devices.

Mobile devices have become the latest fraud frontier for identity theft. Their increasing ubiquity, their increasing adoption as a medium for commercial and business transactions, and their high propensity for being lost and stolen have made them the prime target of attackers. It follows naturally, then, that although securing the device is important, securing the user is a greater imperative.

Secure authentication eliminates the risk of identity theft, offers high authentication fidelity and enhances customer convenience. Providing a biometric-based multi-factor authentication (MFA) solution on mobile devices could be considered. The authentication process comprises something you have (a smartphone), something you know (a PIN/passphrase), something you are (multi-modal biometrics, e.g., face, voice), and somewhere you are (GPS) to confirm that the end user is genuine.

Successful Device Management

Determining how to manage and support mobile devices is the cornerstone of a sound device management strategy. It must begin with defining a technical policy based on business input. Enterprises must seek to support and manage multiple devices across platforms and operating systems. In fact, Gartner advises organizations to embrace managed diversity. Managed diversity is an MDM approach that enables IT to secure and optimize a wide range of consumer devices beyond just Apple iOS devices. This includes, but is not limited to, Android devices, Windows Mobile devices, and BlackBerry devices. In turn, these devices are securely enabled for practical business use, whether through email, apps or document exchange.

While it is not easy to accommodate mobile devices into standard IT environments, the following processes can ease the transition that is an essential part of the change.

- Look for common approaches and consistency, from multiple devices to multiple apps and multiple points of services. This will help provide a single and consistent end-user experience.
- Establish a minimum level of capabilities a device must provide. Not all older devices can be supported with similar security.
- Establish procedures for procurement and servicing of devices as well as streamline device deployment and provisioning.
- Provide self-service provisioning whenever possible.
- Black-listing and/or white-listing mobile apps should be considered based on security needs.
- Streamline and automate mobile asset and inventory management.
- Give users a single service desk to access help quickly with any end point device (PC, phone, PDA, or tablet).

Alternatively, organizations can partner with vendors to provide and implement MDM tools that will give organizations an integrated real-time view of all mobile devices deployed across the organization. A vendor with the right experience and expertise can also help organizations develop policies that are well suited to their business.

Conclusion

The world of work has become very personal and it is up to IT to keep it professional. That does not have to mean locking down the organization's computing environment with burdensome processes, implementing overly restrictive policies or banning all mobile devices. Enterprise CIOs must include MDM as one of their top IT priorities, and move away from the view of controlling mobility to a more flexible approach that supports a variety of mobile devices found in organizations. By taking these steps, organizations can meet end users' needs while protecting corporate information.

About Unisys Mobility Solutions

With Unisys Mobility Solutions clients can:

- improve employee productivity by rearchitecting processes for the mobile environment,
- increase customer engagement with immersive and secure mobile applications,
- reduce operational cost by enabling users with devices of their choice,
- manage risk by providing user-based, secure access to corporate assets.

Our services range from assessment services to mobile application development and management as well as security services for a mobile enterprise.

About The Author

Jan Wiewiora is Chief Systems Architect in the Chief Technology Office within Unisys Federal Systems. Jan has worked at Unisys for 36 years in different areas of responsibility from early mainframe development to implementing mobile solutions that are used by clients today. Jan is currently involved with the Mobility Solutions program within Unisys Federal Systems, helping Unisys account teams integrate mobility into their account plans. Jan also works with Unisys client agencies to promote a better understanding of mobility and promote Unisys capabilities around device management, application development and security. He is a member of the American Council for Technology - Industry Advisory Council (Advanced Mobility Working Group), where government and industry joint teams work toward best practices for implementing mobility. Jan is a CISSP with in-depth knowledge of logical and physical security. Read his blog posts at http://blogs.unisys.com/index.php/author/janwiewiora/

© 2012 Unisys Corporation. All rights reserved. Specifications are subject to change without notice. Unisys and the Unisys logo are registered trademarks of Unisys Corporation. All other brands and products referenced herein are acknowledged to be trademarks or registered trademarks of their respective holders.

06/12 UGSI158-12