Enterprise Mobility Security and Management Policies
Today’s countless mobile devices present tangible opportunities to drive measurable and substantial value for the enterprise. Field service workers, executives on the go, sales reps, and project managers all have a need for mobile access to email, applications, enterprise data and files. There’s no question that the advent of the iPad, iPhone and other mobile devices brings substantial benefits to the enterprise. However, these benefits also come with new security risks that enterprise IT departments must be ever vigilant about, lest critical data be compromised.
In addition to escalating mobile device use, the bring-your-own-device (BYOD) trend in the workplace continues to grow. While this trend is an incredible boon for employee satisfaction, as well as enterprise productivity and IT-cost savings when it comes to hardware, service and support, it presents additional challenges on top of those inherent to mobile devices.
Empowering employees with mobile solutions while also maintaining the necessary control and security over corporate data and assets requires a strong mobility policy is put in place and supported by solutions that provide device management, data access and protection, and applications that deliver employees the capabilities they need to do their jobs.
There are many aspects to consider when developing enterprise mobility policies from the ground up. This post focuses on mobile security and management, but before you even go down that road, you’ll need a firm grasp of your company’s high-level mobility goals. The applications and services that you provide for your users will largely depend on the problems you’re trying to solve or the efficiencies you’re attempting to achieve through mobility. Considerations must also be taken based on whether you are managing only company-owned devices, employee-owned devices, or a combination of both.
Once the core requirements of your mobility plan have been determined, you can move on to assembling the policies and tools that will allow you to secure and manage your mobile community.
Some initial questions include:
- Will you be requiring all devices that access corporate resources be managed by an IT-controlled mobile device management (MDM) system?
MDM brings many benefits: device-level tracking and remote wipe; automated configuration of VPN; SSL certificates and email account settings; remote installation and management of corporate-developed mobile apps; restriction of device capabilities; and much more. You’ll want to put a lot of thought into the wide array of restrictions and configuration that MDM allows you to put in place, then tailor these settings to more than one user community if necessary. If you intend to use remote wipe capabilities, you’ll likely want to have your users sign an acknowledgement that you reserve this right, especially in the case of employee-owned devices.
- Who will be responsible for onboarding mobile users and supporting them on an ongoing basis?
- Once configured with basic access to email, calendar and contacts, how will your users access the corporate data and files they need to perform their work, while maintaining the security of these valuable assets?
Your users will need access to data and applications. With the consideration of users’ requirements and any regulations that your organization must comply with, you’ll need to determine the types of data and tasks you can permit on mobile device. You’ll then need solutions to facilitate these tasks. Will they be provided by access to mobile-optimized intranet portals, in-house developed native mobile apps, or might a mobile file management (MFM) solution that provides access to content on existing corporate file servers, NAS, or within SharePoint meet your document access and collaboration needs?
Emerging technologies that benefit the mobile workforce are a boon for enterprise productivity. Ensuring the security threats these technologies bring with them do not compromise critical corporate assets is all about empowering IT departments, as well as employees, with tools that address security concerns, yet give employees the access and usability they’ve come to expect. While the considerations addressed here are really just the tip of the iceberg, understanding your enterprise mobility audience and goals, along with informed planning of your mobility policies, will go a long way towards enabling a successful mobility pilot program and eventual full mobility rollout.
Do you have an enterprise mobility plan in place? Share now!