Maximizing mobile device productivity and security requires careful planning and oversight.
Mobile devices and applications are becoming essential to many enterprise operations, but as these technologies grow in importance and value, so too does the need to manage them effectively.
Enterprise mobility management (EMM) solutions create an efficient and reliable way of deploying and overseeing mobile devices such as smartphones, tablets and notebook computers. EMM is essential for ensuring the security of enterprise data as well as providing access to the information and applications that users need, anytime and anywhere.
Organizations are learning how to manage mobility, notes Jonathan Dale, director of marketing for IBM Security. “They’re getting a great hold of what’s working and not working for their environment, but they continue to struggle with the day-to-day management because mobile never stops,” he says. “You need to commit to a constant learning process.”
Managing Mobile Apps
Mobile application management (MAM) — the software and practices that enable administrators to control app distribution, updates, patches and policies — is a core component of an EMM program. The very first MAM step is to decide whether to use off-the-shelf or custom-designed apps.
“There are a large number of factors to consider when looking at an off-the-shelf app,” says Trent Fierro, director of software and security solutions marketing for Aruba Networks. He notes, for instance, that if an off-the-shelf app is easy to use and supports the desired workflow, it may not be necessary to order a custom app. You need to consider the total cost of the off-the-shelf app compared to the cost of developing a custom app,” Fierro says.
When addressing specific line-of-business (LOB) processes, it generally makes sense to develop a custom app, says Christopher Campbell, director of product marketing for end-user computing with VMware. “Most LOBs have specific needs and workflows that off-the-shelf apps typically can’t provide,” he says. “By investing in the development of a custom app, an organization can ensure that it delivers optimized productivity for specific work tasks.”
Ensuring app security is another key MAM function. Organizations should trust only developers with verifiable security certifications to create their custom apps, says Rob Enderle, president and principal analyst of Enderle Group, a technology research firm. For off-the-shelf apps, IT managers should make sure that the code is properly certified by a third party, often a government agency, he adds.
Delivering the Mobile Workspace
More organizations are turning to mobile collaboration apps to boost productivity and flexibility. According to Frost & Sullivan, 80 percent of North American businesses now use one or more mobile apps.
Keeping a consistent workspace across multiple devices is essential for maintaining productivity and efficiency. “Mobile workspaces are useful to employees because no matter which device they are using, they get a consistent work experience,” says Alan Braithwaite, director of product management at LANDESK Software. “This makes them more productive and reduces risk of accessing the wrong data or services.”
Windows 10, for example, offers models for organizations that enable users to access work from various devices in a secure and convenient way.
Meanwhile, Microsoft is phasing out its older operating systems. Migration services are available from Microsoft and other providers to help organizations transition from a Windows 7 environment to a Windows 10 environment.
Key dates for this changeover:
- For 2017, Intel’s new Kaby Lake processors will support Windows 10 only.
- On October 31, 2017, original equipment manufacturers will stop selling Windows 10 Pro downgrades to Windows 7 or Windows 8.1.
- By January 2020, Microsoft will end extended support for Windows 7 on all devices.
Learn more about how CDW’s solutions and services can improve your mobility deployments.
Managing Mobility in a BYOD Environment for Education
Bring-your-own-device (BYOD) programs at educational institutions present IT teams with a significant challenge. Since IT staff cannot exert direct control over users’ devices, some security experts recommend that students only be given network privileges similar to guests visiting an organization’s offices, with special exceptions based on need.
“For better security, policy management should be used to define what student devices can have access to,” says Trent Fierro, director of software and security solutions marketing for Aruba Networks. Further, Fierro says educational institutions should ensure that devices belonging to teachers, professors and administrators participating in BYOD comply with the program’s security requirements.
Many K-12 schools have adopted the Google Chrome and Microsoft platforms, so deploying an EMM system that is compatible with them may be necessary.
Tough Environments Create Mobile Demands for Energy and Utility Firms
More than two-thirds of utility company employees work in the field for most of their day, according to Redhat. com. In addition to requiring rugged, reliable mobile devices that can withstand drops, vibrations and extreme temperatures, field workers must be equipped with enterprise mobility management (EMM) solutions that protect data and applications from malicious attacks. In fact, multiple reports suggest that energy and infrastructure companies have increasingly become the target of cyber terrorism worldwide.
To mitigate such risks, remote teams need EMM solutions that enable data encryption, authentication, identity management or data loss prevention capabilities without impeding real-time reports between workers, smart grids and IoT devices.
Jonathan Dale, director of marketing for IBM Security, recommends against allowing energy/utility workers to use their own devices on the job. “As an organization in a highly regulated industry, you want full control over the device,” he says. Supplying enterprise devices simplifies the execution of mobile asset monitoring protocols and compliance with federal energy and environmental regulations.
Keeping Patient Healthcare Data Safe
Managing mobile devices within a hospital or other medical facility poses serious challenges for safeguarding confidential patient data and complying with regulatory mandates for confidentiality. “Certificate-based authentication with 802.1x and EMM controls are important, as you will run into HIPAA (Health Insurance Portability and Accountability Act) requirements that pertain to the use and storage of patient information,” says Trent Fierro, director of software and security solutions marketing for Aruba Networks.
Fierro recommends frequently renewing device and Secure Sockets Layer (SSL) certificates. Other best practices include:
• Developing security-focused, bring-your-own- device policies
• Banning file-sharing applications
• Installing security software on all mobile devices
• Committing to regular operating system and app updates
• Conducting user security training
• Mandating strong user authentication controls
• Deploying remote and automatic lock/wipe capabilities 5
Windows 10 Transition and Migration Services for Business
Windows 10 offers numerous EMM features that make it an excellent option for mobile organizations. The operating system provides a unified set of application programming interfaces for MDM through a single platform. With this convergence, IT teams can secure and manage any Windows 10 device by accessing MDM protocols through an EMM solutions provider.
Organizations looking to get the maximum value out of their EMM investments should consider taking advantage of Windows 7- to-Windows 10 migration services provided by Microsoft and other vendors, such as the free Windows Upgrade Analytics Service, which uses telemetry data to provide powerful upgrade readiness insights and recommendations about the computers, applications and drivers in an organization. This service guides users through upgrade projects using a workflow based on Microsoft-recommended practices. Up-to-date inventory data allows users to balance cost and risk in upgrade projects.
Mobile Point-of-Sale on the Horizon for Retailers
Many retailers are intrigued by the potential benefits of mobile point-of-sale (mPOS) solutions, which can optimize floor space and cut costs while improving the customer experience.
However, these retailers must understand that given the volume of confidential financial information that flows through an mPOS device, strong security is essential. Using a mobile device management solution, designed and configured to address the unique performance and security requirements of mPOS devices, helps retailers take advantage of the appeal and flexibility of mobile checkouts without risking either customer or corporate data.
Jonathan Dale, director of marketing for IBM Security, recommends that mPOS devices be encrypted, are in constant compliance with policy and are never equipped with apps that aren’t directly related to a retailer’s core sales mission.
Stadium Mobile Point-of-Sale Requires Simplicity, Security
Sports and entertainment venue operators are rapidly embracing mobile technologies such as mobile point-of-sale (mPOS) solutions to streamline operations and engage with customers. Given the harried environment they must cope with, workers need enterprise mobility management (EMM) solutions that are reliable and flexible.
“In selecting an EMM product, you want to balance ease of use with effectiveness,” says Rob Enderle, president and principal analyst of the Enderle Group. “A good product that is too difficult to use and an easy product that doesn’t do the job are both worthless, so you need an easy, comprehensive product.”
Equipping stadium vendors with mPOS systems allows venues to accept credit cards from customers who may not have cash. Further, mPOS systems enable vendors to conduct more transactions during an event, and they can be integrated with other systems to automate inventory processes and improve planning. EMM systems can ensure that the data collected on these systems remains secure and that venues comply with regulations such as the Payment Card Industry Data Security Standard.
Managing State and Local Workers on the Go
Device reliability and network redundancy are essential for state and local government employees working outside of the office in areas such as transportation services, infrastructure inspections and repairs, and public safety. “If a device or network goes down, you need technology that can be relied on,” says Jonathan Dale, director of marketing for IBM Security.
Field users need a simple workspace that allows them to interact cooperatively in a team environment. The workspace should also provide access to data and resources no matter where they are or what time it happens to be. Since government users might handle personally identifying information of citizens on their devices, authentication software, identity management software or data loss prevention software are essential tools for maintaining privacy and security when workers are on the go.
The Challenge of Device Management
Mobile device management (MDM) software and policies enable organizations to oversee and secure devices over their entire lifecycles, supporting inventory tracking, operating system configuration management, provisioning, deprovisioning, remote wiping and remote control.
Despite MDM-enabled safeguards, growing security concerns are motivating many organizations to strengthen their policies to limit the types of personal devices that can be used on the job in a bring-your-own-device (BYOD) program, as well as how they are used. “Only a fraction of breaches are being reported, and the costs and related risks have most IT shops moving to limit exposure — and BYOD remains a big exposure,” Enderle says.
To stay ahead of cyberthreats, security experts have long advised organizations to conduct frequent device refreshes. “The ability for devices to be refreshed, via the end user or corporate IT staff, does in fact keep the operating system on its latest version, making it more secure and less susceptible to vulnerabilities,” Dale says.
Configuration services also play an important role in helping organizations gain firmer control over mobile devices. “Functions such as asset tagging and basic software configuration make your mobile environment more efficient, provides the ability to improve users’ productivity and leads to a more secure environment,” Dale says.
Don’t Forget the Content
Mobile content management (MCM) solutions allow organizations to distribute, manage and view content on mobile devices. MCM also protects confidential information across an entire mobile workforce without interfering with productivity. A solid MCM framework allows users to access critical content and collaborate seamlessly across any network, on any mobile device.
Solutions such as IBM MaaS360 Mobile Content Management offer an encrypted container that allows users to securely access business documents on their mobile devices. “In the case of a BYOD device, the best way to secure content is to separate corporate data from personal data,” Dale says.
Fierro agrees. “The idea is to create a container that adds security around apps and the data that are used for work,” he says. “If a device is being shared, then only the public data is accessible without the use of further credentials.”
75%
of internet use will be mobile in 2017
SOURCE: Reuters, “Seventy-five percent of internet use in 2017 will be mobile: report,” October 2016
Call us at 800.800.4239 to set up a consultation with
a mobility solutions expert.
MKT14M293