MDM solutions and its need A survey conducted by Redshift assessed the human factor like attitude, fear and the future hope towards using mobile devices in the workplace. The summary of the survey revealed that the trend of using mobile devices has increased thus, creating a need for MDM solutions. The primary need for such management is securing corporate data. A new device (personal) in the network would call for stricter compliance rules and policies. Managing these tasks manually is a tedious in itself for the IT team. Cases of rising thefts of smartphones and tablets cause all kinds of businesses to deploy any kind of MDM solution within the workplace. Employees have shown that working remotely on smart devices can be done without any loss of productivity from their end. Thus management also feels that it’s OK to allow smart phones, tablets and similar devices in the work network. The technology brings in various business advantages to think about, few of which to mention are as follows:
Reduced operational costs (on equipment, office space etc.)
Satisfied employees who provide more work efficiency with their devices
The IT team has less burden in managing devices
When considering new technology/implementation, the risk factors associated with it cannot be ignored. Various risk factors that come wrapped with BYOD era are listed as follows:
BYOD devices are not centrally managed by the IT team, thus having minimal compliance and policy control over them.
All BYODs like smartphones and tablets don’t come with pre-installed security solutions there by increasing the threat vectors to an organizations corporate network. Black-hat hackers have used this as a key to open the doors of an organization’s network. The attacks can be sent over an SMS, MMS or even through email attachments.
Locating lost devices/stolen devices will be a nightmare with little or no control over the data present in it.
Tracking of applications installed on the device when accessing corporate network cannot be addressed.
Monitoring of devices accessing the corporate networks remotely is impossible without any MDM implementation.
So, here we have seen various reasons why an organization would need a MDM solution on its premises. Solutions that are based on cloud technology would be welcome by potential clients, because of its operational nature. The organization needn’t worry about regular updates which happen automatically to any cloud based service. Organizations would also prefer remote monitoring (remote wipe, lock, etc.) of devices, as well as configuring them according to various policies listed and keep them compliant to the corporate network. Solutions with security policy implementation like blacklisting and access controls are generally preferred over solutions which don’t have these facilities. Enabling telemetry services on the device would help in the tracking of events and environment changes. Most importantly these devices have to be scalable in nature so when new users enrol themselves in the service, the service continues to serve the purpose seamlessly. Data Loss Prevention (DLP) Technologies DLP and MDM solutions go hand in hand because the former is a by-product of the latter. In this section we’ll understand the concept of Data Loss Prevention (DLP) and its need in the MDM space. Before we start to discuss this, let’s first remember the class of attacks which sends chills down the spine of every corporation. – Advanced Persistent Threats. APTs as we know them aim at data exfiltration. MDM space throws an open playground for APTs to play around and poke for more Data! DLP Technologies combined with MDM solutions would drastically reduce the vulnerability of MDM space to APTs. Understanding where DLPs play a major role in the organizational network; we now continue to understand more about DLPs. A typical DLP solution is designed to prevent any detected data exfiltration. This detection and prevention cycle persists when the information is at rest (file level), in motion (network-level) or in use (end-point). What kinds of Data are under observation and why is DLP needed?
Credit card information
Private and confidential internal information
Patents and research information about an organization
Its true financial status
Every data which is considered to have a major impact on business
Personal Information Manager (PIM) Windows Platform: Since we are focussing on MDM space, PIMBackup is a mobile solution for Windows based pocket devices. The robustness of the application is independent of the device, and the version of windows running on it. The Backup is either Binary based or text based. While the latter is more readable and easy to use, the former is a bit complex to modify or view. Android/IOS Platform: EssentialPIM is the android/IOS version of the PIMBackup for Windows. The features remains the same as PIMBackup on EssentialPIM. Players in the MDM Space: Other vendors like Afaria (By SAP), McAfee EMM, FancyFon etc. are also available. Some of the Best practises for MDM space Wireless Network Assessment This assessment majorly focuses on scaling more than 2 devices per user on a network. We should also consider the impact of rogue networks that are hanging around nearby. It’s ideal to have an upper cap on the number of devices a particular user can register to a particular network, so that the service can guarantee scalability and timely service. Access Provisioning Providing right kind of provisioning helps in isolation of personal devices from the company assets. Personal devices need stricter control over them, when inside corporate a network. Personal devices need to comply with certain rules before allowing access to the corporate networks. Management of Devices With the exception of BlackBerry based devices all other vendors like Android, iOS and Windows provide the device’s owner the administrative privilege. Which enables them to back out from compliance rules any time. This is where solutions from vendors like MaaS360 by Fiberlink, Airwatch and MobileIron come in to play. Implementing policies Common BYOD policies that an enterprise would require, are enforcing the use of passwords, remote lock facilities, denial to rooted devices, selective remote wiping and so on. For example; a policy could look like – “When the device is logged into the corporate network, disallow all the blacklisted services”. The Future of Mobile Device Management Solution John Girard, the VP of Gartner was found quoting – “Mobile Device Management is in chaos right now, and I think its market is going to die.” The need for the day in many MDM solutions are: re-structuring mobile application management and providing effective shielding around the applications. Few vendors realized this and are working towards developing a container wrapped around their apps. What is interesting to see is who will have a foothold on the market and continue to innovate and grow. On the other hand, not far ahead in the future, the entire workplace would be filled with personal and smart devices. Which shows that the potential for the market still exists, and integrating early MDM checkpoints towards bridging the gap between perimeter security and operations is the key to success of this huge market!
