Businesses face numerous security challenges arising from changes in employee device use. Eighty-seven percent of companies depend on employees being able to access business apps from their personal devices, and 59% have fully established bring-your-own-device (BYOD) policies. An increasing number of employees work remotely some or all of the time and access company networks using a variety of devices running different operating systems and applications.
Without clear visibility and strong security policies, managing these diverse network environments can become overwhelming. Mobile device management (MDM) might be the answer for businesses in which BYOD is a necessity or remote employees make up a significant portion of the workforce.
Understanding Mobile Device Management
MDM acts as an important component of mobility management and is quickly becoming a necessary companion to other key security practices, such as identity and access management (IAM). It involves two main elements:
• Security software, called the MDM agent
• An MDM server, which is often cloud-based
The IT department creates policies on the server side that govern how devices access the company’s network, and the agent deploys them to each device. The agent can be installed on most types of employee devices, including laptops, tablets, smartphones and some internet of things (IoT) devices. This simplifies the enforcement of security and use policies by giving the IT department greater control over network access and providing the tools to monitor and manage personal devices used for work purposes.
With 71% of workers spending over two hours per week accessing company info on their mobile devices, such control is necessary to ensure data remains secure. MDM makes it possible to track the status, location and activities of devices in and out of the office, detect unusual activity indicative of unauthorized access and take preventative measures to reduce the risk of breaches.
Managing Devices for Better Network Security
Although some companies opt to provide employees with separate work devices rather than use MDM, employees are generally more comfortable using their own smartphones or tablets and more productive when working with platforms they recognize. These devices often lack the level of malware protection required to keep them secure on business networks, but MDM bridges the gap by providing IT departments with better visibility and detailed access data.
Proper management starts with a company policy detailing appropriate use of devices connected to the network, which can provide the foundation for setting up rules via the MDM agent, including whitelisted and blacklisted applications. Businesses may also provide work applications through company-specific storefronts from which employees can download the tools they need without the risk of accidentally bringing in malware from infected programs obtained through public app stores.
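The sketch below is an added example, not code from any MDM product: it shows how a server might evaluate agent check-ins against the kind of policy rules described above, including blocked and allowed applications. The field names, app identifiers, access tiers and sample check-ins are all constructed assumptions.

```python
# Added example: field names, app IDs and access tiers are constructed for
# illustration and do not follow any particular MDM product's schema.
from dataclasses import dataclass

@dataclass
class Policy:
    blocked_apps: frozenset
    allowed_apps: frozenset = frozenset()   # empty = blocklist-only mode
    require_encryption: bool = True
    min_os: str = "0"

@dataclass
class CheckIn:
    device_id: str
    os_version: str
    encrypted: bool
    rooted: bool
    apps: tuple

def parse_version(text, width=3):
    """'17' -> (17, 0, 0), so '17' and '17.0' compare equal."""
    parts = [int(p) for p in text.split(".")][:width]
    return tuple(parts + [0] * (width - len(parts)))

def evaluate(policy, report):
    """Return the list of policy findings for one agent check-in."""
    findings = []
    if report.rooted:
        findings.append("rooted-or-jailbroken")
    if policy.require_encryption and not report.encrypted:
        findings.append("storage-not-encrypted")
    if parse_version(report.os_version) < parse_version(policy.min_os):
        findings.append("os-below-minimum")
    for app in sorted(set(report.apps)):
        if app in policy.blocked_apps:
            findings.append(f"blocked-app:{app}")
        elif policy.allowed_apps and app not in policy.allowed_apps:
            findings.append(f"unlisted-app:{app}")
    return findings

def access_decision(findings):
    """Map findings to a network access tier (tiers are an assumption)."""
    hard = ("rooted-or-jailbroken", "blocked-app:")
    if any(f.startswith(hard) for f in findings):
        return "deny"
    return "restricted" if findings else "allow"

POLICY = Policy(blocked_apps=frozenset({"com.example.sideloader"}),
                allowed_apps=frozenset({"com.example.mail", "com.example.vpn"}),
                min_os="17.0")
FLEET = [  # constructed sample check-ins
    CheckIn("dev-001", "17", True, False, ("com.example.mail", "com.example.vpn")),
    CheckIn("dev-002", "16.7.2", True, False, ("com.example.mail", "com.example.game")),
    CheckIn("dev-003", "17.1", False, True, ("com.example.sideloader",)),
]
RESULTS = {d.device_id: access_decision(evaluate(POLICY, d)) for d in FLEET}
```

Padding version strings before comparing them keeps a device that reports "17" from being flagged against a "17.0" minimum, a common source of false non-compliance findings.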
Benefits and Drawbacks
Implementing MDM allows companies to offer more remote work opportunities without worrying about potential security risks, which creates a flexible environment in which employees are free to access apps and data at any time. Businesses can choose the best software for projects and workflows and deploy it securely to ensure communication and collaboration occur with ease.
From an IT perspective, MDM simplifies the enforcement of security measures like encryption, application updates and data backups. Automating key processes, including device provisioning, reduces workload while maintaining strong security. Remote wiping removes private and proprietary data if devices are lost or stolen. Together, these features minimize the potential for data theft and ensure fast restoration of critical business data in the event of loss or compromise.
However, proper implementation and execution of MDM require experienced IT staff, and business owners can’t rely solely on MDM to secure their networks. There’s still the risk of credentials being stolen and systems hacked if misplaced devices aren’t wiped quickly enough, and employees can pick up malware outside the office and accidentally introduce it into the enterprise network environment.
Challenges of MDM Implementation and Management
Employee resistance may be the biggest challenge to MDM. Staff members may not be comfortable with employers monitoring and possibly restricting the use of their devices, and some may resort to rooting or jailbreaking in an attempt to work around MDM policies.
To prevent excessive restriction, business management must clarify their security needs based on how employees are already using devices on corporate networks and how use is likely to change over time. This can be difficult for companies with large remote workforces and businesses lacking detailed security policies. Ideally, MDM should be integrated into an existing protocol and deployed in a way designed to benefit employees and the company as a whole.
Although implementing MDM can allow for better management of personal devices and improved network security, it can’t stand alone. IT teams must work with business owners to establish robust security policies in which MDM is integrated with identity management, access control and appropriate provisioning to prevent unauthorized use of enterprise systems.