As soon as mobile devices penetrate an organization, regardless of whether they’re company-owned or brought in by employees, there’s a new chink in the corporate security armour. Data is no longer protected behind the firewall, it’s wandering around on smartphones and tablets, at the mercy of careless or forgetful users who may not take adequate precautions to protect it.
That’s where mobile device management (MDM) software enters the picture.
MDM software has come a long way from the early platform-specific clunkers of yore. Today’s MDM, from stalwarts like Air Watch by VMware, which has been somewhat cross-platform for years to BlackBerry Enterprise Server 12 (BES12), which started life as a single platform solution and now manages all mobile devices, takes care of all of the details that an overworked administrator needs to attend to.
What does an MDM product take care of? To begin with, in conjunction with appropriate policies, a well-managed MDM product can keep both company-owned and BYOD devices secure. It monitors connected devices to ensure they’re properly updated and comply with policies; for example, it ensures that they all are secured by passwords or PINs, and that the operating systems receive all security patches. It can include an enterprise app store to provide approved apps to devices. And should a device be lost or stolen, the MDM solution can remotely erase corporate data from it.
For employee-owned devices, MDM can create and manage a corporate partition on some platforms, preserving the employee’s privacy without compromising business assets. , for example, which works on Apple, Android, and BlackBerry phones, and with multiple MDM solutions, even allows enterprises to assign a separate work phone number, and re-assign it to another employee device at any time, while not interfering with the employee’s personal phone use.
Until recently, Android devices in particular have been difficult to secure. The operating system was not designed to separate business and personal data, to be managed remotely, or to be properly secured. This year, Google introduced Android for Work, a new technology embedded in Android 5.x (Lollipop) and available as an add-on app in KitKat, to make Android devices more enterprise-friendly. It has partnered with most of the major MDM vendors to build support for devices offering Android for Work into their products, allowing them to manage, monitor, and update their Android devices as easily as they can do with the enterprise gold standard, BlackBerry.
Of course, running an MDM system in-house means additional work for IT that may not have been resourced for. It needs a server, which must be managed itself, as well as licenses for the MDM product and possibly for agents loaded on the devices. There may be extra work for the corporate service desk as well, assisting users with issues with their devices.
Enterprises that don’t want to manage their own MDM infrastructure can still get the benefits through managed services. Rogers, for example, offers everything from basic MDM, including a mobility help desk, through to full services encompassing not only MDM, but device acquisition, asset management, provisioning, and telecom expense management.
Whether handled in-house or as a service, MDM is a necessity for enterprises embracing mobility. And in our mobile-first world, that is everyone.