Protecting enterprise/company data is an important responsibility of IT security administrators of any enterprise. Lost, stolen or corrupted data is a big headache even if effective backup policies are in place.
Earlier, employees were able to access and communicate company related information only from within the walls of the company. The company servers could be accessed only from within the physical limits of the enterprise. Later on as business models changed and instantaneous communication became necessary specific roles were defined for those employees who had to be able to access corporate servers/ data even from outside the physical boundaries of the enterprise. The enterprise provided laptops that had plenty of restrictions, and later on other mobile devices such as tablets and smartphones were provided. The device policies had severe restrictions in allowing the employees to use the devices for personal purposes.
With advancement in technology as well as business requirements “being always connected” was found to be advantageous, which later on became a necessity. Along with this came Bring-your-Own-Device (BYOD), which was advantageous for both the corporates and the employees. And for managing them Mobile Device Management was brought about as the number of devices reached higher and higher numbers.
The smartphone has in many cases done away with desktops, and Intel and other PC manufacturers have scaled down production of desktop based computer components. Focus has shifted towards mobile devices. Surveys and forecasts have revealed that further on most businesses will be completed on mobile devices. Even now many employees access corporate mail from mobile devices and through public Wi-Fi, cyber cafes, and other internet access points that can be accessed by many users. These access points are generally considered to be more vulnerable. Policies have to be in place so that employees are careful when using public access points. In certain business cases they must not use public access points at all.
Embracing Mobile Device Management must lead to improvement of business. That must be the main goal. The business necessities of each employee must be considered in terms of Mobile Device Management, and feasible management policies must be laid out. Additionally, if the devices must be kept secure and used only for business purposes then an app store can set up and it must be mandated that employees must be able to download apps only from that app store. Geo fencing is another advanced security feature that is offered by Mobile Device Management solutions, which can be implemented as per the business need.
Provide training to employees on how to use mobile devices. They must be educated on the security and access related procedures. As many enterprises allow BYOD, they must specify rules on how to maintain enterprise data and personal data separately. They must be trained on taking backup of their data, which may be necessary if the mobile devices get stolen or are lost. Many secure browsers are available which can be used instead of native browsers. Further, they must be advised not to store data in Dropbox or other such file hosting services. They must be instructed to store data only on secure cloud servers that are managed by MDM solutions.