The Balancing Act Between Mobility and Security: Enterprise Mobility Management (EMM)
Unleashing the power of mobility on your business means much more than simply letting employees use their personal devices and consumer-oriented apps. It also means performing a balancing act between protecting your company’s assets and respecting the privacy rights of your employees. Mobility and cloud computing (two of the four so-called IT megatrends) are irreversibly changing how we view our working world. With the emergence of the Internet of Things (IoT) in the workplace, managing these technologies will become even more critical for business.
Mobile devices have multiple roles in the IoT. They can be the sensor, an aggregation point, a visualization tool and the remote control. If you don’t get mobile management right, you won’t get the IoT right.
As Figure 1 shows, mobile has multiple roles in the IoT. Mobile devices include abilities to control, sense, visualize and aggregate data collected from the Internet of Things.
That’s why businesses need a clear mobile strategy and the appropriate Enterprise Mobility Management (EMM) controls and tools. It’s a mistake to think a one-size-fits-all strategy and simple Mobile Device Management (MDM) tools are going to be able to support this changing landscape.
According to a recent Gartner analyst report, “How to Avoid the Top 10 EMM/MDM Mistakes,” 50% of users engaged in Bring Your Own Device (BYOD) have done so without their company noticing or in violation of the rules. Those ungoverned devices open the door to security breaches and software compatibility issues.
If you don’t manage mobility, it will end up managing you.
Balancing Company and Personal Devices
Even if the laptop, tablet or smartphone is provided by the company, that doesn’t mean it’s secure. Personal email accounts, cloud-based storage and infected USB drives can all make company-owned devices and their intellectual property more vulnerable.
Where IT really faces a challenge is with mixed-ownership environments. Mixed-ownership scenarios prove difficult for IT teams because it is likely that personal data is being stored on company-owned devices, and company data is being stored on personally owned devices. That’s the reality of today’s mobile environment. We are in a mixed-ownership, multi-device environment with multiple operating systems (OS), and IT is on the hook to provide compliance and security across the whole landscape.
“For job scenarios that are not suited for BYOD, IT needs to be ready with alternative plans, such as a Choose Your Own Device (CYOD) program, in which users are given some flexibility in exchange for accepting a device that the company purchases, owns and can actually manage,” notes Gartner in its July 3, 2014, report, "How to Avoid the Top 10 EMM/MDM Deployment Mistakes."
For instance, AirWatch® is one EMM platform for managing devices. The application sits on your phone or tablet to make sure the device is on the right OS version and has other pre-configured security controls enabled. If you try to modify or downgrade your device, that’s a security risk and AirWatch would alert you. It also won’t let users download blacklisted apps, only those that are whitelisted.
While CYOD and EMM tools help solve device-side protection, that’s only part of the solution. Managing the device lifecycle, implementing network controls and providing tiered user support must also be part of an overall mobility framework. So where do you begin?
The first step is to develop a mobility strategy. This is the most critical step because an ill-conceived strategy can create a butterfly effect through the organization. For example, a seemingly simple policy like selective device erasure or disabling the camera can create chaos for those IT groups that are responsible for implementing and supporting the policy.
Implementing a Mobility Strategy and EMM
Companies deploying EMM/MDM tools need to properly plan and prepare before deployment begins. A key consideration before implementing EMM/MDM is to build a strong cross-functional team.
Your mobile workforce planning should include stakeholders from key user groups, including sales, operations, services, human resources, legal and IT. More feedback in the planning stage means fewer surprises during deployment and management.
“Put on your seatbelt because things are going to get faster and more complex,” says Ben Nemeth, mobility practice architect at Insight. “Building the processes now for the long term is key because today it’s mobile devices, and tomorrow it’s going to be intelligent mobile wear technology, and soon after that it’s going to be the Internet of Things. And how you manage and adapt will determine your company’s success in this century.”
Once you have a program put into place, you need to re-evaluate your company’s mobile solutions every six to 12 months to verify whether they are, or are not, still appropriate.
If you’re having trouble balancing between mobility and security at your organization, contact your Insight representative at 1.800.INSIGHT for help on mobility deployments or an assessment.
Source: Gartner, “How to Avoid the Top 10 EMM/MDM Deployment Mistakes,” Rob Smith and John Girard July 2014.