Device Management: A Good Start, But Aim Higher for Mobile Security

Tips for a Complete Mobility Solution

Stephen Nardone
Data Center

The flood of smartphones, tablets, and phablets into the enterprise is creating all sorts of management headaches for IT – not just securing and tracking the physical devices, but also safeguarding the data and apps used as part of new mobile workflows.

The number of devices being managed in the enterprise is on the rise, increasing by an impressive 72% over last year, according to the Citrix 2015 Mobile Analytics report. With the influx of mobile devices comes a growing responsibility on the part of IT to strategically manage the content on a device throughout the course of its lifecycle.

Mobile Device Management (MDM), the set of technologies associated with securing the physical device, doesn’t go far enough to address full enterprise-level security, experts contend. They say enterprise mobility management capabilities are required to provide comparable coverage and control over mobile applications and data, limiting security risks and transforming mobile devices into fully responsible citizens on the corporate network.

IT organizations looking to support a more holistic, enterprise approach should target these additional areas of focus:

Cover the MDM basics. You still need to ensure security at the device level. The optimal MDM approach covers a host of basic safeguards, including maintaining a device registry that serves as an inventory of what’s connected to the corporate network; capabilities for remote over-the-air updates for identifying jailbreaks or automatic remote wiping of lost equipment; location tracking of devices; and functions for prohibiting unauthorized actions like downloading malicious malware.

Add Mobile Application Management (MAM) to the mix. This set of functionality takes over where MDM leaves off, providing a variety of safeguards at the application level. This feature set should allow IT to specify what applications can be used (whitelist) or that are not authorized (blacklist); provide a sandbox or container capabilities to segment and encrypt corporate apps from a user’s personal setup; and monitor app usage for tracking purposes. Many companies want to establish internal app stores to govern what can be downloaded to corporate-used mobile devices.

Containerize data and apps. Just like MAM solutions provide a way to cordon off corporate apps from personal apps, there are encrypted container features that enable IT to invoke the same granular protections for storage of highly valued data assets. This type of containerization functionality lets IT establish specific user controls to monitor who gets access to what data as well as what apps get access to data. IT should also be able to delete an entire container in the event data is compromised.

Consider geofencing. This relatively new capability lets IT organizations employ Global Positioning System (GPS) technology to establish location boundaries for mobile apps and data. In this way, IT can automatically restrict traveling users from accessing certain apps or corporate information from their smartphone in certain countries where regulations make them off limits.

Establish formal mobile policies. Don’t leave anything to chance. It’s best to create formal mobile usage policies that cover what hardware and software is authorized; what specific security steps are required; and what, if any, local regulatory requirements should be followed. It often pays to establish a Mobile Center of Excellence to enforce and evolve practices as the mobile experience evolves.

It’s not a one-size fits all strategy. Innovative organizations are choosing to adopt a hybrid model for managing their mobile fleets, combining MDM along with containerization and other emerging strategies. Experts caution technology groups to stay open to new mobile paradigms as the emerging Internet of Things (IoT) broadens the type of possible endpoints.

With mobile madness showing no signs of abating, IT needs to step up its game and make mobility management a serious part of its enterprise plan.