Tag Archives: BYOD

Continuing the BYOD story arc – MDM

Mobile Device Management (MDM) – software that monitors, secures, supports and manages mobile devices.

The next step with your BYOD implementation policy is to obtain and deploy MDM software to manage all of the devices on your company network. This software can run from a single server and provide support to your network’s mobile devices around the globe. Depending on the size of your organization, you may want to consider a hosted solution. This will remove some of the complexity and administrative overhead of daily server management. You would still have full control over your deployment for policy configuration in this model.

Depending on your BYOD policy, you can configure corporate provided devices with more access or restrictions and BYOD devices that only offer restricted access to specific mail and content servers for your organization. The key to success is to ensure that your policies drive your deployment controls,. This includes making sure your users are educated on these policies. It is important to have educated users so they know to provide notification on lost and stolen devices in order to have them quickly disabled and all data remotely wiped.

For BYOD deployments you may want to spend more time considering who and what users are going to get access to. Remember that this is not your device, but your users, and they do not want to have any aspect of their mobile device being monitored by corporate. Create an awareness program that clearly defines the rules of engagements, if and when data wiping will be used. Make them sign an agreement to accept these terms of usage, as this will protect you both if a dispute occurs.

While there are many MDM offerings, spend some time learning about the features and benefits. Just so you know, this isn’t a one size fits all scenario. You also need to consider the mobile platforms to be supported and what services you would like to offer the users. If possible, ask the vendor for a 90-day trial of the product. This way you can get a good test of the solution and determine if it fits your needs. If the vendor does not offer this, try another one. They should be willing to work with you if they want your business. and don’t be afraid to ask questions.

There are a lot of companies offering MDM software, however some of the more popular ones include:

• AirWatch

When it comes to security, remember that mobile devices are no different than a laptop. If you have specific security requirements for these devices, the same controls should exist for your mobile device. I shouldn’t need to explain why, just read my BYOD blog.

Most MDM solutions are relatively new to the market. Many of these make claims to having superior features to ensure your satisfaction before purchase. You will want to build a trusting relationship with your product vendor. Furthermore, it’s always a good idea to choose an MDM solution already being utilized by companies in a similar market to your own. Ask the vendor to reference some of their customers; it should help with your decision.

Finally, if you need help with choosing an MDM solution, device policy or understanding your mobile threat model — Find a mobile security company. They can provide the much-needed expertise to assist with your deployment, including the MDM evaluation process.


BYOD : What You Need to Know

Let’s dive into the world of BYOD! If you’re working in the corporate world and you haven’t heard of BYOD, its time to step out from under that rock. I’ll cover it for those who don’t know what I’m talking about. Bring Your Own Device, BYOD for short, is the policy of permitting employees to bring their own mobile devices to their place of work. To go further into detail, this policy then allows these employees to access company information with their mobile devices, something, which in the past, was not allowed. In order to link all these devices together and help mitigate some security risks, mobile device management (MDM) acts as the enforcement point for BYOD policies. There are many companies out there that offer MDM software, and it is imperative that the correct one is chosen for your company.

That’s the brief explanation of BYOD, just look it up if there is an interest for more information. Even better, have a quick read of the article in SC Magazine that covers this.

Any company looking to implement this policy needs to take into account everything that could possibly happen. BYOD has been proven to improve workforce morale, with many people confirming that it makes them more mobile, improves individual productivity and in general, just makes them more efficient. A happy workforce can do wonders for a business, and who doesn’t want that. Of course this isn’t an issue proof idea, there are many problems that can arise when letting employees use their own devices. These issues can come to fruition when an employee is terminated, loses their device, has their device hacked, and the list goes on and on.

The devices contain sensitive company information, and therefore, there is a risk of having a breach of security. In one instance, a cybercriminal has hacked into a device and manipulated the microphone, which enabled them to listen in on a top-secret company meeting. In that scenario, the hacker gained millions of dollars worth of information, which was used to seriously harm that company. This is something that can be done these days, and most people never think about it. There are so many more horror stories about how BYOD can be exploited. Again, that’s why everything needs to be taken into account before a company begins to let their workforce bring their own mobile devices to work.

Security should be at the forefront of your focus when implementing BYOD. Even if BYOD has already been implemented, it may not be too late to make the right changes to save your company millions of dollars per year by avoiding costly breaches. Here are some considerations on how to effectively secure your BYOD network:

• Ensuring that all devices are running the most updated and patched versions of the mobile operating system will ensure that known vulnerabilities are kept to a minimum.

• Monitor and control high security features including networks that provide remote access from devices.

• Company App stores can help to mitigate the malware that comes from the public app stores by only hosting approved apps

That’s a start, but there is so much more that should be done to eliminate threats. The main thing is to use sound judgement and understand the risk of having your data exposed. If you need help enlist the help of a security team that specializes in mobile security.