Mitigating the risks of enterprise mobility
Mobile Device Management is a compelling option for dealing with security and other challenges of enterprise mobility from a device standpoint. By Durba Ghosh
The benefits of enterprise mobility are galore and so are the risks of data leakage. At a time when the line between personal and professional life is blurring, due to round-the-clock connectivity and the proliferation of smart devices, it is crucial for enterprises to safeguard sensitive data that can end up being stored on relatively insecure employee-owned smartphones or tablets. Concepts like Bring Your Own Device (BYOD) pose seemingly intractable challenges for the management of devices.
Mobile Device Management (MDM) services typically manage aspects such as what apps employees can install on their devices, enforce compliance with company policy and ensure the secure deployment of enterprise applications onto mobile devices.
Industry players including Nokia Siemens Networks, Juniper Network, Microsoft and Research in Motion are moving into the MDM space targeting businesses of all shapes and sizes.
Companies are increasingly allowing their employees to converge their work onto various mobile devices. However, there is also the growing concern about the management and regulation of how these devices are used. With over 50% of companies globally contemplating the deployment of mobility solutions at work, BYOD has become an extremely popular concept.
This trend is expected to gain momentum with the penetration of the mobile Internet that allows social media to be leveraged for facilitating collaboration with business partners.
“CIOs are open to MDM and are framing policies around this trend. With unlimited access to app stores, security threats can come through attractive and seemingly trustworthy apps. Management solutions that work across various operating systems are crucial,” said Sajan Paul, Director – Systems Engineering, Juniper Networks India. A blanket ban on applications that are seemingly threatening is against the grain of BYOD, which makes granular control of applications rather important.
The evolution of MDM
Security was the impetus for the first MDM solutions. Companies recognized the need to protect corporate assets on devices and witnessed the headlines and damages to a company’s reputation that could result from a malicious app stealing employee contact information or worse.
Basic MDM solutions continue to focus on preventing unauthorized access to corporate data and avoiding the risk of a public relations fiasco around instances of data breach or theft.
The diversity of devices, operating systems, applications and carrier services has complicated data management. A single, integrated, holistic device lifecycle management solution is required to cover all of the aspects including security, applications, device oversight and expense control. Apart from interoperability, IT is also looking for a solution that can cover security for both company-owned and ‘bring-your-own’ devices.
MDM has evolved to support the real-time management of data and remote access to applications for easier deployment and control on smartphones. Going forward, MDM solutions are expected to manage application security as well.
“Servers can be provisioned with a company’s security framework and the necessary applications. These can be patched directly on mobile devices as the applications run off a central server and are not actually present on the device,” commented Srikanth Karnakota, Director Server and Cloud Business, Microsoft India.
Visibility into mobile device usage patterns forms the first step in effective Mobile Device Management. Real-time visibility makes it possible to identify and flag devices that do not meet a company’s security parameters or those that need to be updated. MDM also has the capability to automate history logs for users and groups, which in turn helps companies analyze and forecast expenses.
A lifecycle-based MDM solution also lets IT set limits for usage, tailor the security parameters and apply granular control rather than a blanket ban on applications.
“Earlier the focus was how to control access on mobile phones. Nowadays, businesses are looking at how it can be capitalized on for improving productivity,” commented Sajan Paul of Juniper Networks.
Data management and application management would be a critical factor going forward, felt Karnakota of Microsoft. Today, MDM encompasses procurement workflows and device inventory management. The goal is to help the business monitor and optimize expenses and policies over the entire lifespan of each device that’s being used by an organization’s employees.
Businesses today also need the ability to track and correlate employee, device and service plan status. The introduction of a full-featured device management solution inevitably uncovers service plan payments being made for devices that are no longer in use or reimbursements coming out of a department’s budget for employees who have left the company or changed jobs.
An effective MDM solution can also help a company forecast its infrastructure capacity planning more accurately through the analysis of device usage. Nokia Siemens Networks, with its Serve atOnce Device Manager offering, provides operators with the ability to seamlessly configure devices and services across operating systems.
“A holistic Mobile Device Management solution that covers all aspects of mobile security is essential for enterprises. Our solution provides in-depth insight about device performance and it helps improve business decisions, enabling data security with advanced functions such as backup and restore, lock and wipe or application management and other enterprise features,” said Samar Mittal, Head of Sales Development, Nokia Siemens Networks.
Some of the expected innovations and trends seen in this space would be with regard to enabling business-ready apps, mobile content security and matching IT needs with the user experience through on-premise and Cloud-based software solutions. This would ideally enable the mobile workforce and support a high-demand BYOD program while securely protecting corporate data and intellectual property, said Sunil Lalvani, Director – Enterprise Sales, RIM India.
Targeting SMBs
The trend of MDM is not restricted to large companies. Small businesses are also adopting these solutions in order to safeguard themselves from data leakage.
Industry players said that security risks were greater for small businesses as they lacked a properly laid out security framework. BYOD is on the rise and SMBs are increasingly turning to MDM solutions to cope with it. These solutions can collectively manage a wide variety of smartphones and tablets applying the same network rules and security policies to them.
Typically, an SMB will use a number of endpoint devices including a desktop computer, a laptop, a smartphone, a tablet and PCs with various applications on them through which malware can percolate into the network. MDM providers are targeting small scale businesses to tap this opportunity.
“SMB employees are more open to allow the usage of multiple endpoints and social networking to increase their reach. Multiple endpoints also mean greater risk of data leakage,” said Karnakota. Companies are also exploring a Cloud-based MDM offering, which will expedite adoption in the SMB sector.
RIM’s hosted Blackberry Enterprise Server (BES) Express service is specifically targeted at the growing SMB market of 30 million businesses that will help Indian SMBs leverage hosted services through a pay per use model. This hosted service would help eliminate the need for hardware, software, maintenance or other support costs for organizations with the same levels of security, uptime and reliability.
The last word
Even though data security is a recognized area of concern and businesses are deploying safeguards against it, 100% adoption of MDM is still some years away. With the development of hosted services and Cloud-based services, the adoption levels are expected to zoom. However, as the mobility environment in the corporate sector is witnessing rapid change, MDM solutions need to become more sophisticated and offer aspects such as data analysis and application management in one package. MDM services also need to evolve to offer cost saving aspects to businesses rather than just being an accepted cost.
If you have an interesting article / experience / case study to share, please get in touch with us at [email protected]