How many mobiles do you and your employees have each?  None, one, two (or even more)?  If the answer is ‘none’ then read no further, as Mobile Device Management (MDM) is not for you.  Otherwise, read on to find out why MDM is becoming the must-have mobile business tool in 2018.  I’ll explain some of the features which have convinced me that why, within the next two years, MDM will become as prevalent as other IT security measures that we take for granted like antivirus and web filtering.

Our mobile is part of our make-up

Although perhaps not a ‘wearable’ in the strictest sense, our mobiles have become part of our persona.  Everybody knows the make (and for the fanboys, model) of ‘their’ mobile.  Chances are that each one of us has personalised our mobile, through buying accessories, downloading apps and adjusting settings for ringing and alerts.  It’s also populated with our personal data.

Within this context, going back to my question, if you have just the one phone, then it’s likely it’ll be for professional and private use.  If you have two, then it’s probably one for each.  Either way, you’ll have at least one device that it’s in your employer’s interests to secure and manage, with perhaps it also being in your interests to protect your private interests.  This is where MDM comes in.

Key features of MDM

To keep this simple, I’ll focus on the use case I know best, i.e. mine.  I have one mobile that I use for work and recreation which, as you’d expect, is managed and secured by MDM.  I also have a spare for emergencies (also protected by MDM) and used mainly as an mp3 player.  Here are some of the key features, advantages and benefits.

Enforcing use of passcodes

Yes, it’s a pain having to enter a passcode before making a call, but not a fraction as much as dealing with the fall-out of a lost phone that is enabled for international calls and contains confidential data, like all your business contacts.  Not only does MDM enforce use of passcodes, but they have to be strong.  I have this on both my phones – do you?  If not, is that sensible?

Remote lock & wipe

If a device is lost, stolen or misappropriated in some way, MDM enables the administrator remotely to lock and wipe it.  The wipe can be ‘Full’ (i.e. factory reset) or ‘Enterprise’ which means that only the user’s employer’s data are wiped, whilst their personal data are preserved.  I have yet to experience this happening, but it’s comforting to know that it’s there, just in case

Feature control

This might seem a bit Big Brother-ish, but for some organisations, there is a requirement to switch off mobile cameras, prevent copy & paste and block uploads.  I don’t have any of these applied, but if I worked for an organisation that required it, then that’s something I’d have to accept on my work mobile.

Application management

This enables the administrator to push, enforce or block applications.  For example, a user might have a private browser that lets them visit any web site and a secure work browser which includes a web proxy, protecting them from known bad sites.  A way to visualise this is that with a private browser, entering “What’s my IP?” would return your local IP address, whereas with a work browser, it would return an address belonging to your corporate network.

Access restrictions

This addresses the issues of high data consumption and time-wasting.  An administrator might need to apply a policy preventing use of work mobiles to stream (say) Netflix during working hours or even at all times.  The objectives could be to avoid charges for excessive data use, whilst discouraging employees from watching movies when they perhaps ought to be working.

Containerisation

Keeping personal and work data completely separate guards against data leakage.  For example, this ensures that a user’s private apps, which they may wish to allow access to their private contacts, cannot access the company directory.  Again, separate badges for work and private apps, like email, browser and file transfer, help to separate work and private activity.

Getting started

If you’re thinking that this all looks pretty useful, but perhaps a bit complex, then what next?  MDM service providers like us realise that not everyone is ready to commit from day 1, so typically offer a 30-day trial or proof of concept for up to (say) 50 users.  This is free of charge, with setup and rental charges waived.  You won’t get all the bells and whistles I’ve described above in a trial, but sufficient to help you to decide whether MDM – in our case Airwatch - is for you.  If you’d like to find out more, perhaps starting with a demo from our pre-sales team then you can get in touch here.