“Can’t find your iPhone? But you had it when you left for work.” Many recognize that sinking feeling, when your preferred comms tool suddenly isn’t in your pocket — we go through the five stages of loss: denial, anger, bargaining, depression, and acceptance. Many companies demonstrate similar reaction patterns when it comes to lost devices, and suffer the consequences: financial losses, personal information disclosures, and dented company reputations. The more proactive ones transition into Disaster Recovery mode to restore the system, and Data Protection mode to limit the possible consequences of data loss.
Mobile device management (MDM) has evolved over the past decade to provide business tools for integrating and protecting the mobile device that uses the corporate network, typically addressing operations, policy, security, configuration, mobile apps support (performance, version control, distribution, etc.), and mobile data management.
But why continue this distinction between MDM and corporate management of any other network-connected device like the desktop or the laptop computer? After all, we use these network devices inter-changeably for much the same activities. Actually phoning someone is no longer even the main function of the smartphone, and many apps migrate across the devices we use throughout the day.
The important distinction however is not in how we use these devices, but how we own them and how we access corporate resources. On top of that, mobile networking devices are evolving faster than the desktop or the laptop, often outstripping the policies implemented to manage them.
Recent research from the Ponemon Institute (2013 State of the Endpoint) identified the need for better control of corporate data (individual privacy data, company strategic data, legal data, etc.), and a desire for better auditing capabilities of corporate activities on mobile devices. This comes from a recognition of the growing threat to data security, and the significant costs associated with data loss. And yet 60% of these companies had no formal BYOD (Bring Your Own Device) policy, and only 20% provided any kind of training for employees in the work-related use of their personal mobile devices. The May 2014 report ‘Getting to grips with BYOD’ found 32% of companies not using any kind of MDM.
So we still have a serious disconnect between perceived risk and problem resolution that companies need to address. Problem resolution needs to start at the top, led by the company Board defining a corporate Governance, Risk and Compliance (GRC) strategy. This is based on input from the lines of business (LoB) identifying the business critical issues that need to be addressed, the IT department providing the strategies to mitigate these issues, and the Board defining the governance procedure and allocating the necessary resources to ensure compliance.
Management of mobile access to corporate apps and data, both synching and sharing, typically involves better IT control and improved content security, as well as procedures for ensuring regulatory compliance. Additionally, a preferred solution will also focus on boosting end-user productivity, since any procedures that impede core revenue generating activities will be circumvented by users and frowned on by LoB managers. This may provide better protection of corporate data, but does not really address the sticky issue of the private data and apps found on all BYOD devices.
Companies providing mobile BYOD data access protection include IBM, Oracle, Symantec, and Acronis. The functions to look for include:
- Permission controls to open files in different apps,
- Blacklist-whitelist of apps;
- Encryption of data both at rest and in transit;
- Selective remote wipe of corporate data; and
- Apps on a device leaving personal stuff unaffected (typically when an employee leaves the company).
Besides Death and Taxes, we know that data collection and mobile data volumes will continue to grow at a prodigious rate. We also know that corporate data will become more and more entangled with our personal data and apps on our mobile devices. An important first step is to manage the two parts independently — easily, completely ,and safely. The alternative is that sinking feeling…