What is a MDM?
Every new technology advance seems to bring with it a raft of accompanying jargon, acronyms and terms which also need to be mastered. And so it is with BYOD (Bring Your Own Device) and mobile computing. One such new technophrases is “MDM”, short for Mobile Device Management, a technology that makes BYOD much less daunting and, as the name implies, manageable. If your business is considering BYOD but is concerned that the administrative overheads may be prohibitive, MDM could help redress the balance.
At the most basic level, an MDM solution is not unlike Active Directory, used by many businesses to manage network resources, deploy software and define data access rights and permissions. Devices are registered with the MDM console (similar to joining PCs to a domain), allowing greater configuration by your systems administrator.
Improved app distribution and management
Where your business wants to provide access to company resources from mobile devices using approved apps, MDM can help pre-configure and deploy approved, standardised installs to registered BYOD devices. Deploying apps with MDM gets around many of the common issues administrators face, particularly convincing staff to buy business-related apps using their personal app store accounts. Using MDM, businesses can deploy apps to handsets and tablets using a corporate app store account or volume purchasing plan.
As well as the deployment, MDM can assist with applying app configuration changes remotely. Instead of asking users to “drop by” to have their apps reconfigured, changes can be deployed over the air (OTA) reducing demands on IT resources and saving end users time. Businesses also benefit from ensuring that staff are always up to date with the latest fixes and patches.
Simplified content delivery
Cloud file storage undoubtedly assists with transferring corporate information to remote workers, but many end users are circumventing security procedures by using public solutions. Dropbox and Google Drive (among others) can help share information outside the corporate firewall, but also make managing issues like data security and privacy extremely difficult.
MDM provides a mechanism whereby content can be delivered direct to mobile device users, avoiding security risks associated with public Cloud file storage or free email services. Deploying direct to handhelds is quicker and easier than configuring file shares and mobile VPN connections to access resources directly from the company network. MDM also provides a mechanism to remove corporate information OTA from devices once it has served its purpose.
BYOD increases the amount of attack surfaces available to hackers and cyber criminals, presenting a serious problem for the CIO. Each handset represents one potential route through the corporate firewall and onto the network.
MDM systems can help reduce the potential for disaster by denying access to network resources from devices that are not registered with the system. Approved devices can be subjected to more granular controls, from requiring the use of a passcode on all connected devices (more than 50% of smartphones are still left completely unprotected) to locking out certain stock apps to ensure that company devices remain business-focused.
Registered devices can also be wiped or disabled OTA in the event that they are lost or stolen, instantly destroying any intellectual property or sensitive data stored on them. Although the physical asset may be lost, the cost of each mobile device incident is dramatically reduced, as are concerns regarding data protection. According to a recent survey by security specialist ZoneAlarm, lost or stolen data was cited by 94% of respondents as the most important concern when dealing with lost devices. The same survey discovered that just 21% of businesses had never experienced a mobile security incident, whilst Mobile Enterprise’s IT Headaches poll found that only 56% of businesses were confident they could wipe a device remotely.
As well as providing a facility to secure data stored on mobile devices, many MDM solutions also provide functions allowing stolen or lost assets to be traced. By triggering the built-in GPS functions of a tablet or smartphone it becomes possible to locate the device anywhere in the world. Armed with this information, recovery of the device becomes much easier to organise, either with police assistance or by helping the owner retrieve their lost phone.
When dealing with mobile devices there are two critical factors that businesses need to monitor to ensure that resources are being used properly. First, is the use of apps and Internet. To protect against lawsuits and negative publicity, many businesses actively block certain websites and applications, as well as monitoring other use to identify potential problems. Because mobile devices typically use their own cellular data connection, similar monitoring is difficult to perform. MDM can provide a console to gather such information from each registered device, thereby offering a mechanism to extend monitoring for abuse or misuse.
And because mobile contracts tend to be costly, businesses need to be assured that data connections are not being abused or used beyond bundled data limits, thereby incurring sizeable additional charges. MDM provides a full audit trail of usage so that there are no disputes about how data allowances have been used.
MDM makes mobile computing more manageable
MDM solutions provide the panacea to the many problems that are holding business back from full-scale mobile device roll-outs. MDM can also balance the different requirements of managing company devices and BYOD thanks to baseline security provisioning along with advanced deployment depending on the specific application required. At Dootrix we are seeing that, in effect, MDM could actually be more important than the mobile device revolution itself.