Mobile Device Management: Securing your Mobile Environment

Mobile Device ManagementEnable, manage and secure your mobile environment

Mobile Device Management: Securing your mobile Environment./ 2

What is MDM?

How MDM works?

One of the significant technological trends in recent times has been the huge proliferation of mobile devices and apps into the workplace. From smartphones to Tablets to wireless add-on devices like sensors, scanners etc., mobility in enterprises has reached a critical mass and is all set to occupy a dominant position in the overall organizational setup. While enterprise mobility solutions bring myriad benefits to organizations in aiding transformation, boosting efficiency, increasing customer satisfaction and eventually leading to better margins and revenues; it also poses a range of serious challenges in terms of managing, monitoring, collaborating and securing an ever increasing pool of mobile devices and apps, loaded with sensitive data, which needs to be answered to optimize the benefits arising out of mobility. A few years back, enterprise mobility was predominantly occupied by Blackberry devices and a BlackBerry Enterprise Server (BES) was sufficient to manage and secure the environment. However, in recent times, consumerization of IT and Bring Your Own Device (BYOD) policy has led to entry of devices of all types and sizes making it impossible for the IT departments to manage and monitor it and posing a serious threat to the security of corporate data. Mobile Device Management or MDM can be one such solution that can prove to be an effective answer to most of the challenges arising while implementing mobility. Our cover story, this month, takes a detailed look at MDM and discusses why and how it could be a solution to various challenges faced by enterprises in their mobility adoption.

According to Gartner, Mobile device management (MDM) includes software that provides the following functions: software distribution, policy management, inventory management, security management and service management for smartphones and media tablets.Mobile Device Management solutions can be deployed on-premise or as a cloud-based service. There are a few vendors who also offer MDM as managed service wherein routine updating and maintenance is outsourced to third parties. Most mobile device management solutions enable organizations to manage and provide end-to-end security to mobile devices, apps, network and data through single software whereas some MDM solutions also incorporate expense management to provide more elaborative coverage to the management of mobile devices.

Whether deployed as an on-premise server or as a cloud solution, a MDM lets you manage all the mobile devices deployed across your enterprise. Every device that has to be controlled and managed in your enterprise and hence enrolled into the MDM has to follow an authentication and provisioning process through which it is registered in the MDM directory. An authenticated and encrypted connection is then established between an enrolled mobile device and the MDM gateway server enabling all traffic to and from the device network to be redirected through it and the Gateway Server. A registered device can interact with the MDM server after it successfully authenticates itself. The device management server collects information about the smartphone or tablet and then sends the applicable settings and applications to it. MDM allows administrators to enable or disable any functionality of the device; decommission inactive devices, blacklist and whitelist applications or selectively wipe data from a device as per the mobile policy and the user cannot override it. It also supports remote location of any device and provides troubleshooting services to any device. The MDM also regularly checks and evaluates for newly published


software package distribution.

Most of the MDM solutions offer customizable, on-click dashboards for administrators to get information on all the enrolled devices in the enterprise network.

CONFIGURE SUPPORT

PROVISION

SECURITY

DE-ACT

IVATE MONITOR

Policy

Management

Policy

ManagementApplication

Management

Application

Management

ServiceM

anagement

ServiceM

anagement

SecurityManagement

SecurityManagement

Dev

ice

Man

agem

ent

Dev

ice

Man

agem

ent MDM

Architecture

MDM enables -

• Configure- Configure device and application settings, restrictions etc., as per policy.• Provision- Facilitate automated and over-the-air user device registration and distributing configuration check and evaluate software package distribution.• Security- Secure devices, apps, and data by enforcing security measures like authentication and access policy, enable or disable device functionalities, blacklisting and whitelisting apps.• Support- Help users by remotely locating any device and providing troubleshooting services.• Monitor- Keep a track on device, app and data usage; check unauthorized user access; abnormal device behavior etc.• De-activate- Decommission lost or stolen devices; block user access, wipe out data from compromised devices.


The widespread proliferation of mobile devices and applications caused by consumerization of IT and the popularity of BYOD policy has enabled unprecedented mobility and data on the fingertips of employees while boosting productivity and efficiency of the organizations. However, while providing multiple benefits to enterprises and employees, mobility has also posed several challenges to the IT department. From selecting platforms to support within the network to dealing with loss or theft of devices to securing critical corporate data on thousands of devices; IT departments have a lot to consider. MDM software helps IT department in answering all these challenges by providing control over devices, applications and data flow. Administrators can monitor and control the apps installed on devices, keep a track on user behaviour, enforce security measures so as to create a secure mobile ecosystem within an organization. Moreover, MDM solutions also go a long way in optimizing the functionality of the mobile network in an enterprise as well as minimizing costs and reducing downtime. In other words, MDM paves the way for implementation of both device and platform agnostic security policy and supports enterprises in mitigating business risks by protecting data and information.

Cost Reduction per year with MDM : $322Net Reduction in TCO : 11%Net Reduction in Annual Device Management Costs : 32%Source: HP & Gartner, Microsoft Exchange Connections 2008

Cost Per User Per Year MDM Benfit

DeviceCost $250 8% Amortized over 2 years

ConnectivityData

$900 30%

ConnectivityVoice

$800 27%

Backend/Ops $504 17% -30% -$151 Setup and operate backend mobile application, change requests

ServiceManagement

$192 6% -40 -$77 Setup users, connectivity, user management, change requests

UserSupport $312 11% -30% -$94

$2958 100% -11% -$322

Why MDM?

Reduction in Total Cost of Ownership


Mobile Device Management can help an enterprise : » Enable sophisticated security mechanisms to prevent corporate data stored on devices from being

leaked, stolen or compromised.

» Ensures central control of registered mobile devices by providing real-time overview on each specific device via dashboard.

» Safely manage & distribute recommended apps, blacklists risky apps.

» Provides single, comprehensive infrastructure to manage devices and apps.

» Minimizes total cost of ownership (TCO) with a scalable, dependable solution.

» Meeting service level agreements (SLAs)

» Adheringe to key compliance obligations like HIPAA, FISMA etc.

» Implementing a standard mobile management & security policy.

» Improvinge user experience and thereby sustaining worker’s productivity.

» Reduces IT burden with self-service portal for employees.


MDM Usage and Adoption Trends

source: theinfopro.blogs.451research.com

Status of MDM implementation in Enterprises

In Use now

In Pilot/Evaluation Phase

In next 6 months

In next 6 -18 months

Later than 18 months

No Plan

42%27%

1%

7%

15%8%

» Among organizations that have not yet deployed an MDM solution, 32% will deploy one in 2013 and additional 24% plan to deploy one in 2014.

» The leading factor (34%) cited for deploying an MDM solution was the potential for loss of intellectual property.

» Among respondents switching to a new MDM platform, 31% indicated that they would likely select a cloud-based solution. Of those, 55 percent said they would choose a private cloud solution for security reasons.

» The top three reasons cited for choosing a cloud MDM solution were:

• Simpler administration/maintenance (69%)• Predictable/reduced costs (39%)• Don’t want to use internal IT staff resources (21%)

Source: Osterman Research


When is MDM required?

• Over- the-air configuration (Wi-Fi, Active Sync)

• Apps management on devices

• Asset tracking (hardware, software)

• Compliance reporting

• Internal apps and/or secure content hosting

• Device locator/tracking

• Cloud backup/storage control

• Encrypted data traffic

• Board paper distribution through devices

• Policy compliance access control

• BlackBerry is the only device type used

• Smart devices don’t collect corporate e-mail

• No corporate documents kept on device

• Devices don’t access any corporate data

• Remote lock and remote wipe

• Need to require passcode

• Encryption must be enforced

• Requires basic device restrictions

Feat

ures

Risk / Security

MDM not required Consider MDM MDM is required/recommend

MDM - Requirement Analyser-Walle Quadrant

source: Datacom

When should you consider looking for a MDM solution? The answer depends on many factors including the type of devices being used in your enterprise to types of apps and the kind of data accessed through them. You may not require an MDM solution in case you provide your employees only BlackBerry or iOS devices or in case the devices don’t access any critical data. However, if you have a Bring Your Own Device (BYOD) mobility culture wherein employees bring their own devices or you approve multiple OS devices like iOS, BlackBerry, Android, Windows etc., then a MDM solution becomes a necessity to prevent your device and data from theft or being compromised. In addition, there are various other questions like- Does data and sessions need to be encrypted? What would be the business impact of a security breach? What and how much control do you wish to have on the devices and apps? In other words, a comprehensive assessment of your organizational risk profile with respect to mobile devices will answer your need for a MDM solution.


Abi

lity

to E

xecu

te

Completeness of Vision

Magic Quadrant for Mobile Device Management Software

source: gartner (May2012) as of May2012

MYMobile Security

Smith Micro Software

LANDeskAmtel

SilverbackMDMOpenPeakTangoe

Trend MicroIBM

BoxTone

Good TechnologyZenprise

Fiberlink

AirWatchMobileIron

Sophos

Symantec

SAP

McAfee

Challengers Leaders

Niche Players Visionaries

MDM vendors are somewhat limited in the control that their specific MDM solution can exercise on the APIs (Application Programming Interfaces) of the devices which means that while each MDM is different, the core functionalities and features remain same. MDM platforms may differ from each other in deployment choices-traditional in-premise versus cloud based, the platforms-iOS, Android, Windows etc., it supports, integration with security and service management platforms, telecom expense management and enterprise content management system etc.

The market for MDM solutions is competitive with many big players involved in it. According to Gartner research, the MDM market is dominated by a “big 5” group of vendors consisting of Good Technology (which alone accounts for 20% of the total market), SAP, AirWatch, MobileIron and Fiberlink Communications that controls about 60% of the market.

Players in the MDM market and their position


Issues with MDMs

Recommendations on choosing a MDM solution

• Deployment – MDMs can be deployed on-premise or as cloud-based service. On-premise installation would require in-house capability and resources for maintenance and trouble-shooting while cloud-based solution would make you completely reliable on vendor’s capability and services.• Costs -There are significant expenses involved in installing MDM solutions. While on-premise installation requires significant upfront costs with low recurring expenses, cloud-based solutions require low upfront expense but have high recurring expenses every year. Companies have to do a comprehensive cost-benefit analysis before opting for a MDM solution.• Adaptability -Every organization has its own set of niche requirements that a MDM solution must be able to address. Allowing sufficient customization and tweaking choices is a challenge for a specific MDM.

Choosing the right MDM platform becomes critical due to security implications and high costs involved. Here are a few key points to consider while choosing a MDM platform-

• MobilePolicy- Your MDM platform should best cater to your mobile policy. Does it have sufficient functionalities to provide the level of security that your business needs? Does it support archiving of mobile content?• SecurityMechanisms - Data security is an on-going process. Make sure that your MDM platform supports advanced data security measures.• Remoteconfiguration&control - Your MDM platform should enable remote configuration, updating of OS and apps. Moreover, it should also provide you control through locking/wiping of devices in case of loss and theft.• Scalability- The types of platforms and devices it can support is also a key consideration while choosing an MDM. Does it offer flexibility to add more devices and platforms in future?• Complianceobligations- Your MDM platform must be able to help you in fulfilling compliance obligations related to data security, customer privacy etc., of the country.• Analytics- MDM solutions must provide real-time, comprehensive analytics on registered devices and apps.

A Checklist for MDM

Any good MDM must have following security features-• PIN/password enforcements• Functionality to remotely lock/wipe device in case of loss or theft• Data encryption• Jailbreak detection• Data loss prevention mechanisms


DeviceManagement ApplicationManagement

• Over the air configuration• Remote operating system and application updating• Remote control of devices• Real-time analytics on usage

• Whitelisting and blacklisting of apps• Management of enterprise app stores• App security features• Remote data wipe of applications• Real-time analytics on apps downloaded, data accessed on registered devices

The massive proliferation of mobile devices and applications in enterprises has posed a serious threat to the IT department in securing critical corporate data. Moreover, with huge diversity in devices and multiple platforms, it has indeed become burdensome and resource-taxing for organizations to monitor and control devices, apps and their usage. Also, there is a regulatory requirement call for sufficient data protection mechanisms. In such a scenario, MDM solutions become a necessity for organizations to optimize their mobile initiatives and mitigate business risks associated with it. A centrally controlled and real-time monitored mobile environment will be the defining feature of most of the enterprises, in times to come.

Conclusion

[x]cube is the premier mobile solution partner for companies and individuals creating the next generation of digital applications. [x]cube develops custom solutions for the iPhone, iPad, Android and Windows Mobile platforms.[x]cube is a division of PurpleTalk, Inc.

xcubeLABS.com | 1-800-805-5783 | [email protected]

[x]cube LABS is one of the leading mobile apps development and consulting firm, headquartered in Dallas, U.S and with offices in New York and Hyderabad, India. With expertise across all the major mobile platforms, [x]cube has delivered over 500 apps till date and has an enviable client list comprising of some of the biggest brands like GE, Intel, Texas Instruments, Hasbro, Mattel and 24 Hour Fitness. [x]cube’s understanding of the mobile space and technology, complimented by its rich experience across all the major industry verticals and the capability to deliver end-to-end solutions, make [x]cube the perfect mobile consultant of choice.

About [x]cube LABS

Reach [x]cube [email protected]

1-800-805-5783

www.xcubeLABS.com

To integrate your enterprise people, processes and products with customized, avant-garde mobility solutions or to explore mobility opportunities in your enterprise with our experts, please feel free to contact us at [email protected].

We encourage you to continue exploring our website ( www.xcubeLABS.com ) to find out more about our services.