Embed Size (px)
DESCRIPTION
May 6, 2014 presentation at TechTalk Live on mobile device management strategy
Citation preview
A Strategic View of MDMMay 6, 2014 Jason Murray, D.CS
First Wave
Future Waves
Make a Case for Developing a MDM Strategy
Challenges
Choosing MDM Strategy
BYOD
One to One
Combination
BYOD
One to One
Combination
Assign Limits
• Decisions:• Decide which mobile operating systems should be allowed.• Decide which corporate resources should be accessible from mobile devices.
• A strategy is like a block of raw marble. It needs to be chipped away at, defining limits and specific details until it is a work of art that is perfectly suited to your unique organization.• Introduction of full or partial BYOD programs shifts some choices to
the users, but IT still has – and must maintain – power as recommenders of which devices to acquire and what to do with them.
Choose Technology Policies First
• What do you need to be able to do with users’ devices? Answer this question before creating written policies or investing in any management technology.• Policy Decisions. Mobile devices are personal, and the benefits of more
control are often offset by users resistant to that control. Having to monitor and enforce more rules also means more hassle for IT. Have a specific reason for each policy. • Don’t choose show over substance. Blocking Fruit Ninja may send a clear
message about wasting time, but it is more important to identify serious risks. If any apps need to be restricted, Proxy server apps are probably a larger threat than any number of Angry Birds. • Complement technology policies with people policies. User behavior is as
important as technology in a strong strategy. Educate users on the technology policies that are in place, and on policies that technology alone can’t enforce.
DON’T IMPLEMENT MANAGEMENT SOFTWARE, THEN START TICKING BOXES. FIRST, DECIDE WHAT CONTROL IS NEEDED ON DEVICES, AND WHICH POLICIES CAN EXERT THAT CONTROL.
Communicate your Strategy to Users with a Written Acceptable Use Policy
• Create a written policy that:• Explains the purpose of the policy.• Specifies to whom it applies. • Explains the policies in place and the
technology enforcing them.• Warns about the consequences of
non-compliance.
A WRITTEN POLICY COMMUNICATES EXPECTATIONS.
Enable IT to take action if anything goes wrong with a remote wipe waiver
• A policy of remotely wiping devices if anything goes wrong is the minimum an organization can do to guard against mobile device disasters.• It is essential that users are aware of remote wipe capabilities and
procedures, and to consent to have their devices wiped. Such consent is especially crucial for BYOD organizations.• Considerations:
• Communicate the purpose and importance of remote wipe.• Specify who the policy applies to and when it will be invoked.• Describe the remote wipe technology used.• Where applicable, procedures for selectively wiping corporate data only
USERS NEED TO KNOW THAT THEIR DATA CAN BE DELETED.
Remote Wipe Language
• By connecting to [company name]’s corporate resources, mobile devices gain the capability of being wiped remotely by [company name]’s IT department. This capability is enabled by IT’s use of [describe remote wipe technology; e.g. ActiveSync, BES, third-party MDM vendor].• When a remote wipe is initiated by the user or the IT department, the user’s
mobile device will be wiped of all data and restored to its factory default settings. The wipe is not limited to corporate data. Data that the employee has added to the device for personal use will also be deleted. This data is not recoverable on the device itself, but can usually be restored from a backup (e.g. on a personal computer or a cloud service) if the mobile device remains in or returns to the user’s possession, or a new device is able to store the backup. It is recommended that users back up their personal data frequently to minimize loss if a remote wipe is necessary.• A remote wipe will only be initiated if IT deems it absolutely necessary. Examples
of situations requiring remote wipe include, but are not limited to:• Theft of the device.• Loss of the device.
Create a Shortlist of Appropriate MDM Vendors
• There is an arms race in MDM features, and different MDM vendors specialize in different sets of features in order to attempt to stand out among the crowd.• Different approaches also offer different levels of security,
weighed against different end-user experiences. For example:• Containerized approaches completely segregate corporate data and apps
from personal resources, maximizing security but requiring more steps to set up and operate devices.• Agent-dependent approaches require installation of an agent on
managed devices. This unlocks some advanced functionality such as jailbreak detection and remote support. • Agent-free approaches require minimal setup from users, but can be
limited in the control that IT can exert over their devices.
• Some vendors offer a mixed approach, allowing IT to choose which approach they prefer.
AFTER YOU DETERMINE WHICH FEATURES ARE IMPORTANT, EVALUATE MDM VENDORS AND FIND A STRONG ONE WITH AN APPROPRIATE PRODUCT.
mdmserver.org Top 10
• 1. Tangoe- Tangoe is one of the famous mobile management service providers. It is available all over the world and is quite famous in offering MDM services to large size corporations.
• 2. Maas360- Maas360 is known for offering its services to the smaller enterprises. Their professionals are quite experienced in handling all tasks of MDM.
• 3. Winmagic- Winmagic is one of the famous names in offering security to mobile devices which are lost. The company is offering its services all over the world and in exchange of a very reasonable price
• 4. CA technologies- this is the company which a great reputation in offering security to mobile devices. They have a large number of clients who are enjoying their services globally.
• 5. Mobileiron- Mobileiron services are widely recommended by experts in MDM. This company is quite famous in providing network security, managing cell phones and billing.
• 6. Airwatch- Airwatch is one of the famous names in MDM. The company is known for offering high level services which are totally free from all issues. Their global presence is their leading specialty.
• 7. Visage mobile- Visage mobile is an American MDM service provider. They have professionals that are known for effectively integrating the system of one enterprise with another.
• 8. Mformation- Mformation is another American MDM service provider whose professionals are known for managing usage of all mobile devices in an excellent way.
• 9. Zenprice- Zenprice is the leader in mobile device management that offers its services in exchange of a very good price.
• 10. Mctel- Mctel is another quality leader in MDM which is known for managing all categories of mobile devices.
Open Source Solutions
• OpenMEAP• WSO2 Enterprise Mobility Manager• Device Policy Manager (Android only)
Training Unlocks the Benefits of Mobile Devices
• Organizations with training programs are best able to reap the benefits of mobile technology. Training has the most impact in mitigating the potential negative effects of mobile devices, such as lowering spending and reducing help desk load.• Training and enforcement are necessary to set an example. They
show that policies are taken seriously, and in place for a reason.• In organizations with mixed strategies, customize training for each
group of users. Target their use cases and specify how policies are implemented on the technology that they use.
• Your carefully chosen strategy and set of policies will mean nothing if users are unaware of them. Have a method of educating users on your mobile strategy.
THERE IS NO POINT IN HAVING POLICIES IF NOBODY KNOWS ABOUT THEM.
Revisit, Re-Evaluation & Improve
Resources
• www.infotech.com• www.mdmserver.org• thejournal.com• campustechnology.com• air-watch.com
