Five Steps to Deploying Mobile Device Management
Jamie Barnett is senior director, product and corporate marketing for Zenprise. Prior to Zenprise, she served as senior director, marketing for McAfee’s mobile security business unit, and prior to that, vice president, product management and marketing for software company Blue Vector. She has held a number of management positions at EMC, including co-founding the data management company’s security division and leading the charge for its acquisition of RSA Security. Jamie has a bachelor of science from U.C. Berkeley and an MBA from Stanford University.
Deploying Mobile Device Management
Whether you’re allowing employee-owned devices on your corporate network as part of a “bring your own device” program or issuing devices and rolling out mobile apps to your enterprise users, you are thinking about deploying mobile device management. What are the key considerations for MDM in the context of your mobile strategy? We believe there are five primary steps:
Discover rogue or unmanaged devices
Before you get started with your enterprise mobility program, it’s important to know what devices are already on your network, to whom they belong, and what these devices are doing. Once you do this discovery, you’ll have a sense of the type of devices that you’ll be protecting (and protecting against) and what kinds of policies you may want to consider.
Know your table stakes
Once you know what devices you’re dealing with, it’s important to figure out what your minimum requirements are. Don’t cringe at my use of a gambling expression in discussing enterprise security, but we submit that MDM needs to enable the following “table stakes” lifecycle capabilities: configure devices in a role-based way; provision them by letting users self-enroll and providing an enterprise app store; secure them with comprehensive security policies based on role, device type, and whether the device is user-owned or corporate-issued; support them with locate, lock, and wipe, and remote diagnostics; monitor them; and decommission them upon employee departure by wiping them of corporate data.
Let your strategy drive your requirements
Beyond the table stakes, what requirements will result from your mobile strategy? Will you support mobile users on a “best efforts” basis for email? Or are you rolling out a mission critical custom application? What are the SLAs for performance, scalability, availability, and transaction reliability?
To what corporate and regulatory policies are you beholden? Those may drive your security requirements. A good starting point is your laptops and desktops. For example, if you encrypt data-at-rest on laptops, you may consider requiring it as part of your device access policy.
Does your strategy involve users accessing sensitive data from their mobile devices? If so, it’s worth considering your MDM provider’s capabilities around mobile data leakage prevention and making sure that you can offer users data access but you can adhere to data governance and control.
Set a user policy and communicate it
It is one thing to set a policy, but quite another to enforce it. Enforcing policies is hard to do, and especially in the world of employee-owned devices, can fly in the face of employees’ privacy. If your policies include enterprise monitoring of device activity or communications, or the potential deletion of personal information or content, it is a good idea to not just set and communicate policies, but also gain users’ explicit agreement to those policies.
Monitor and report
Finally, no business initiative is complete without comprehensive monitoring and reporting mapped to your goals. If your goal is to manage telecom expenses, it’s important to be able to report on savings from deploying MDM. Similarly, if security and compliance are your issue, you’ll want to report on what mobile devices and users are doing on the network, and prove compliance with your policies.
You’ve got your mobile strategy. You’ve got your five steps for MDM. You are now armed and ready. Go forth and conquer!