Don't manage mobile devices, manage the enterprise

 

Connecting state and local government leaders

Mobile devices bring so many security risks into networks that governance must move beyond device management to encompass much broader enterprise issues.

It's time to stop talking about mobile device management. Instead, let's start talking about mobile enterprise management.

That may seem like a minor wording change, but refocusing an organization's approach to mobile management can have long-lasting effects on the way it deals with an increasingly mobile workforce.

When MDM first came into vogue, it included many of the standard features of PC management solutions (access control, user permissions and so forth) while adding functionality to address the unique needs of mobile devices such as smart phones and media tablets (bandwidth limits, screen real estate and device compatibility).

Soon, risk management associated with mobile computing became a chief security concern at government agencies. Each new device added to a government network introduces substantial risks. Smart phones essentially bring their own separate network with them into a facility, and data stored on a device can easily leave the facility.

Associated challenges for IT managers include deciding which mobile devices should have access to government internal networks, where device data should be stored and the requisite level of security for devices and connections. IT managers feel torn between protecting security by limiting mobile access and broadening access to meet employee demands and boost productivity.

To respond to these new issues, government IT planners have sought out best practices for mobile computing security, including developing a solid risk management framework for the use of mobile devices in government. To meet the needs of such managers, the mobile enterprise management software market has evolved quite rapidly. These solutions help balance the need for both corporate- and employee-owned mobile devices — and the end-users.

The convergence of enterprise mobile risk management and mobile enterprise management software has helped nudge agencies into the realm of full mobile enterprise management. Frameworks for mobile risk management can start with the following:

  • Take a cue from the Defense Department and do a needs assessment to make sure that both wired and wireless transmission capability across the enterprise is sufficiently sized, reliable, available and flexible enough to support the agency's mission needs. In the case of DOD sites, that means doing an assessment of the Net-Centric Capability Portfolio for wired and wireless programs that comply with the DOD Information Environment Architecture (IEA) and net-centric architecture. Ensure that needed upgrades are on schedule.
  • Leverage existing authentication and access control solutions. Most can be configured to enable secure connections from mobile devices. Find out what exists, what these systems are capable of and what sort of software or hardware upgrade may be needed to enable mobility.
  • Assess the current state of other security solutions within the organization, including virus protection, firewalls, etc. Determine how current security solutions can best be extended to mobile devices. In some cases it may be cheaper to bypass current systems and start over with solutions that are specifically dedicated to mobile device security.
  • Define the current security solutions that can't be extended to mobile devices, and determine what additional software or hardware will be needed to make up this gap.
  • Ensure that networks can handle dynamic allocation of these resources, from IP addresses to allowed client connections.
  • Assess the technical threats and risks that could impact the mobile devices used by workers and the way they interface with corporate networks and systems. Look at the identity and access management systems outlined above. Determine which risks are reduced by these systems and which risks remain.

Based on these findings, organizations can create or enhance policies, standards, guidelines and processes related to the management of mobile technologies. Such policies will need to address long-term enterprise needs. Thus, if there are gaps in current security solutions, polices should include dates when new functions will be available.

Meanwhile, establishing a framework for mobile application management helps set rules by which specific mobile devices can be administered, secured and distributed by IT organizations. Such solutions typically allow for enhanced policies to be applied to individual applications.

All of these issues together — device management, mobile application management and mobile risk management — are starting to merge into to a set of solutions best described as full mobile enterprise management.

Companies such as AirWatch, BoxTone and Fiberlink have stepped into this space, offering enterprise management solutions capable of addressing many of the issues raised above. Then there's Fixmo Inc. Its Sentinel and SafeZone products were developed as part of a Cooperative Research and Development Agreement with the National Security Agency and meet the government and defense agencies' strict security requirements, with a focus on mobile management, security and risk management.

Here's the bottom line. Mobility governance must move beyond device management to encompass much broader enterprise business issues. IT managers must develop a framework to evaluate the mobile security needs of their organizatio, and launch their own enterprisewide security framework focusing on risk management — all while deciding how mobile application management will be handled within their organization.

Any framework for mobility security must also address the risk management aspects of platform-independence, software compatibility (and application management), strategic planning for mobile applications and maintenance and lifecycle management. 

Any approach that focuses on the device level is short sighted. Mobile solutions are part of the enterprise, and management of the devices must follow suit.

NEXT STORY: BYOD goes statewide in Virginia

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.