Government // Mobile & Wireless
News
11/20/2012
06:00 PM
Connect Directly
LinkedIn
Twitter
Google+
RSS
E-Mail
50%
50%

BYOD: Why Mobile Device Management Isn't Enough

Here's what to look for in MDM software and what limitations IT still faces in letting employees use personal devices for work.

The Features To Watch Closely

So when it comes down to picking the right MDM product for your company, the core security features aren't going to separate one from another. All MDM providers can let you remotely wipe the device, turn features such as the camera on and off, and enforce passcode requirements. The iPhone and Android operating systems pack more than 35 standard policy options, and every MDM vendor implements them.

What makes the difference is all the other stuff, such as deployment capabilities, integration with your environment and ease of use. That's where we focus our product analyses and where you should focus yours. Here are some key factors to consider:

>> Deployments: Assess how efficiently the MDM agent can be deployed on a new device. Deploying new phones isn't a one-time job; it's never-ending. Is your IT team going to face a blizzard of requests, complaints and workarounds every time a new iPhone or Samsung Galaxy comes out? Make sure your tool can keep up.

>> Whitelist and blacklist filtering: You'll have apps that every employee must install, some that are banned and some apps that you insist are updated to at least a certain version. Application filtering and whitelists and blacklists let you control this process based on the device type.

>> Custom app stores: People are trained in their personal lives to use the default Apple or Google app store for their devices, but your company might want to create its own store for in-house custom apps. Apple's and Google's approval processes might take too long for your company, or you may not want your app public. If so, look closely at MDM's support for installing custom, unapproved apps and setting up a company app store experience.

>> App security screening: Apps can be malicious. What is the MDM vendor doing (if anything) to assess apps -- is it offering built-in scanning or application vetting?

>> Browser security: If supported, mobile Web browsing can be filtered to lower the risk of attack on a device. Is the MDM provider you're considering implementing this level of security?

>> Encryption levels: Every device manufacturer supports encryption, but the levels differ. Do you have to encrypt the entire device, or does the MDM provider let you encrypt only company data or specific files and folders?

>> Data wiping: For employees who use their personal phones to access company data, you may want the ability to erase that company data without wiping the entire device. Capabilities vary.

>> Auto-provisioning of devices: If a help desk engineer must spend considerable time with every new mobile device that needs access to company data, it's a recipe for disaster. Look closely at the MDM software's self-service and auto-provisioning capabilities.

>> Architecture: Does the vendor take a sandbox, virtualization or integrated approach? This is important in understanding the vendor's technology and future road map.

>> Location capabilities and network access restrictions: What if you want to let employees use their device's camera for personal use but not when they're at the office? You'll need a policy based on location. Look at whether the MDM software you're considering supports such policies and how robust those policies can be.

>> Inventory management: Once you have hundreds of mobile devices under management, how easy is it to search, find and modify individual devices? Press on the type and rigor of filtering capabilities provided.

>> Reports: Check for built-in reporting in such areas as new devices provisioned, apps out of compliance and devices that haven't checked in for a day or a week.

Previous
3 of 4
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
altaf.hk
50%
50%
altaf.hk,
User Rank: Apprentice
12/6/2012 | 8:30:32 AM
re: BYOD: Why Mobile Device Management Isn't Enough
I have not researched much about BYOD. In my understanding, the use of mobile devices as business workstation, will be benefited for organizations in very low TCO. But, for those, who like to install that feature. Vendors of all operating systems and security software providers will, in the near future, compete to provide optimized and integrated solution of MDM, as MDM should be a baby of operating systems. Let see how technology turns itself for client/mobile phone end.
ASMTIH948
50%
50%
ASMTIH948,
User Rank: Apprentice
12/5/2012 | 1:47:02 AM
re: BYOD: Why Mobile Device Management Isn't Enough
MDM does not cover access to resources behind the firewall and mobile VPNs are not the answer. Additionally as the number of business apps increase, single sign on will be come the next big mobile need... I HATE logging in on my device.
NucleusResearchHP
50%
50%
NucleusResearchHP,
User Rank: Apprentice
12/4/2012 | 9:07:43 PM
re: BYOD: Why Mobile Device Management Isn't Enough
Any consultant who says "A big reason for BYOD is to get out of the equipment business. If you implement MDM, you are back in the equipment business" is taking an enterprise security approach of "if I don't see it, it didn't happen." BYOD only changes the mechanics of device sourcing and nothing else.
Senai
50%
50%
Senai,
User Rank: Apprentice
12/4/2012 | 4:35:22 AM
re: BYOD: Why Mobile Device Management Isn't Enough
Michael - You make a very good point. MDM is not enough, you need a better MDM that has app wrapping and analyzer to protect data. I would love to show you a what we have built at Better MDM(bettermdm.com).
jabberwolf
50%
50%
jabberwolf,
User Rank: Apprentice
12/3/2012 | 5:59:54 PM
re: BYOD: Why Mobile Device Management Isn't Enough
I hate to tout one technology over another but thats why RT or Citrix has been taking off. Now we in IT dont care what device you have (we specifically say we wont support personal devices BUT - we just say you'll need a client on it to access our infrastructure).
And they access the same thing from within the organization which is just using thin clients. So we keep the entry way limited and locked with less management. The actual build isnt exactly less expensive - as its around the same when done with all the licensing and backend server needs in lieu of actual PCs. But the TCM is way lower. And seeing as people get to mess around with their personal toys - they are happy too.
AustinIT
50%
50%
AustinIT,
User Rank: Apprentice
12/1/2012 | 3:31:01 PM
re: BYOD: Why Mobile Device Management Isn't Enough
While there is a huge upside to what mobile technology can provide... vis-a-vis an enabler... one cannot ignore the prerequisite to devise a concrete solution for securely managing those devices. Once we get control of that aspect, then we can move on to the use cases.
Michael A. Davis
50%
50%
Michael A. Davis,
User Rank: Apprentice
11/30/2012 | 2:53:42 AM
re: BYOD: Why Mobile Device Management Isn't Enough
Greg,

You are right, It isn't about costs all the time but when all you have is a Hammer in IT.....

I have another piece I am writing about that focuses around what we should be discussing, Mobility in the true sense. Mobility where companies are using mobile to innovate and advance rather then just provide another form of access to corporate resources. I have worked with some companies that have transformed their business because of mobile such as banks performing mortgages in your house, to hospice nurses giving real-time drug interactions from mobile apps.

We need to talk more about mobility and less about managing mobile devices. Hopefully I got that point across in terms of technology. All MDM is the same, lets move on.
AustinIT
50%
50%
AustinIT,
User Rank: Apprentice
11/29/2012 | 3:36:30 PM
re: BYOD: Why Mobile Device Management Isn't Enough
That's exactly the same thing I have argued. One has to look hard at TCO when considering BYOD vs. Enterprise supplied mobile devices. Companies that think pure BYOD will work in the long term would do well to visualize the little boy in front of the leaking Dike...
Greg MacSweeney
50%
50%
Greg MacSweeney,
User Rank: Apprentice
11/29/2012 | 1:37:01 PM
re: BYOD: Why Mobile Device Management Isn't Enough
Enterprises have a choice: either pony up and buy most of their workers mobile devices, or go the BYOD route. Both have costs, and BYOD isn't necessarily cheaper or better.
Leo Regulus
50%
50%
Leo Regulus,
User Rank: Apprentice
11/28/2012 | 6:43:00 PM
re: BYOD: Why Mobile Device Management Isn't Enough
Soldiers don't bring their own rifle, Cops don't bring their own squad car, firemen don't bring their own firetruck. Someplace along the line, management got 'neutered'.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - August 27, 2014
Who wins in cloud price wars? Short answer: not IT. Enterprises don't want bare-bones IaaS. Providers must focus on support, not undercutting rivals.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Howard Marks talks about steps to take in choosing the right cloud storage solutions for your IT problems
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.