MDM: Quick fix or IT security redesign?
Date: Jun 26, 2013
Guest article: Computing Security magazine
Editor: Brian Wall.
Mobile Device Management (MDM) addresses the unique needs of a growing computing platform – mobile devices – while providing THE REQUISITE configuration, self-service tools and enhanced protection. But that isn’t the whole story…
BYOD and its twin MDM – Mobile Device Management – are difficult issues for large organisations. They can present all sorts of problems, while at the same time delivering a whole raft of benefits. So what’s the best means of ensuring more of the latter and less of the former?
“There are clearly corporate cost savings with employees using their own mobile devices (smart phones and tablets) at work, but these savings may be more than outweighed by the additional ‘hidden’ security and management costs, and the increased risk profile of the organisation,” states Pete Sherwood, MD Infosec Cloud. “Debatable cost savings aside, the growing demand to use personal mobile devices at work is quickly being adopted as an employee ‘right’ and, from the employer’s perspective, means the user is always ‘on’. However, some employees are starting to push back. Using MDM to manage and secure personal devices means that organisations are able to control and, where necessary, remotely disable and wipe these devices.”
So, is MDM an area where organisations should be investing in strategic solutions or are reactive add-ons all that are required in the short term, while the BYOD trend and MDM market stabilises? “There are a myriad of unanswered questions,” says Sherwood. “Will personal/business partitioned devices be the answer? Should MDM be designed into the devices by the device manufacturers? Should the organisation subsidise the cost of these devices? Will employees lose interest in merging their private and professional lives…?
OPTIONS OPEN “We’re seeing many organisations adopting MDM tactically as a stop gap,” he continues. “In this way, they can ensure employee devices immediately comply with corporate security policies and participate on the network as a managed client, but they can keep their more strategic options open.”
The other side of the issue is employees wanting to freely operate their devices for their own use, outside the corporate network, and be confident that the ‘big brother’ organisation cannot access their personal information and/or usage patterns. “We may yet see this come full circle, with employees demanding organisations provide mobile devices for work use. It appears that many organisations are still struggling with wider policy issues, which must be resolved before adopting enterprise-wide MDM technologies. This may be why organisations are tending to adopt a reactive add-on approach, while continuing to monitor the MDM market and the specific requirements in their organisation. However, this ‘thumb in the dyke’ fix has a limited life, and organisations will need to address the policy and technology issues around BYOD and MDM, and be ready to adopt a strategic solution – sooner, rather than later.”
To read the full article go to: Computing Security magazine