To state the obvious, business success today is dependent on an organization’s ability to empower its mobile workforce. Corporate resources – including applications, data, and services – must be securely and reliably accessible by every device employed to perform business tasks, whether it is owned by the business or by an employee.
Driven by the mobile workforce, BYOD is now the norm. According to analysts at Enterprise Management Associates (EMA), 58 percent of today’s business smartphones are purchased by the user, not the employer and this number is projected to grow to 85% by 2016.
The BYOD movement has created an expectation of constant access to business applications from a widening array of mobile devices, creating significant security and data management challenges for IT teams. The bottom line is that enterprises face significant challenges in enforcing the right policies that can secure business resources from a user’s unsecured applications and data.
Imagine this situation: Bob, the VP of Sales, loses his smartphone on the train. There are two major issues. The device is lost and sensitive company information may be exposed. Additionally, the user has to notify the IT Department to track and wipe the device. How can the exposure of sensitive company data and the negative impact on productivity be minimized?
Let’s examine five key best practices when creating a successful enterprise mobility strategy.
1. Define company-specific mobility best practices and policies
Determine the information and applications that each department in your organization needs to access. Outline the security procedures for each department. Understand the regulations governing data usage and data access in your countries. Look into your specific data usage requirements, and any regulatory or compliance requirements.
Once an understanding of internal policies and future requirements is in place, you can draft the Enterprise Mobility and BYOD policy framework for your organization.
2. Support employees on multiple endpoints
The biggest impact of mobile devices on IT support is not the volume of devices, but the style of support needed. BYOD limits the scope of service IT can provide, which often times places greater responsibility on users to ensure their devices are properly configured. Additionally, the high degree of heterogeneity of mobile devices (i.e., iOS, Android, Windows Phone, etc.) limits an IT staff’s breadth of platform expertise.
If the user owns the device, IT cannot push changes and configurations automatically. Because some updates and configurations are more critical, enforcement strategies should vary. Critical OS updates should motivate the user to urgently comply. If they don’t, revoking email access until updates are completed could be a viable mobility management policy. Noncritical policy violations may display a simple warning.
3. Maximize security
BYOD poses many security risks, but they are avoidable. Analysts at EMA found that on average, one out of every eight mobile devices will be lost or stolen. Be sure your business has policies in place for device replacement and a security protocol for protecting stolen data. All enterprise data, regardless of sensitivity, should be secured at its source, in transit to the user device, and on the endpoint.
Make sure your IT department has the ability to remotely wipe all mobile devices. Remote backup and restore functionality can help decrease the risk of data loss, and device location services can help locate lost devices.
Employee-owned devices sometimes bypass corporate filters, leaving them vulnerable. Adding security layers to mobile devices can help, but expect pushback. As always, be sure to consider legal privacy requirements.
It is important to realize that users can fully circumvent security restrictions by rooting or “jailbreaking” their devices. All rooted or jailbroken devices should be monitored for and denied access to business resources.
4. Empower employees with self-service
End users should have the ability to maintain their own devices with little or no interaction with IT operations. A consolidated application delivery system, such as a mobile AppStore, can provide a “one-stop shop” experience for accessing all business applications, virtual applications, and web applications. Similarly, data can be stored and distributed via a secure share or other centralized and commonly accessed repository. Approval and authentication processes should be used when accessing company resources.
Sometimes difficulties occur that require administrative assistance. Users should have the ability to initiate a service request. Administrators should have remote access to all supported endpoints, allowing them to see and resolve any issues. In the event a device is damaged beyond repair, all business data should be backed up and recoverable.
5. Create a fully unified EMM solution
According to a recent survey of IT organizations, nearly 42% of organizations say that an EMM strategy is important to the future of their business. However, many companies and IT organizations do not have an integrated solution.
Remember Bob? With a unified solution, Bob can use Self Service and Service Catalog processes to report his lost device and simultaneously order a replacement. With a unified EMM approach, workflows and approval rules initiate automatically (zero touch) and notify Bob when his new device will arrive. With Enterprise Mobility Management and Zero Touch Deployment, Bob can regain access to his applications and personal settings from his previous device. Zero-touch deployment allows new applications and updates to be automatically pushed out to devices, which are also synched in the change management database (CMDB), providing the Service Desk an up-to-date and unified view of users, their devices, and their support policies.