Managing and securing Mobile Devices
Mobile devices such as smart phones, IPADs \ IPODS and just PDA’s in general have been with us for some time. Now though we are seeing these devices have really started to take off in the corporate world as well.
Blackberries have done a great job for corporate users enabling them with instant access at all times to their email, contacts, tasks and calendar events. However other mobile devices have really caught up. We now have the ability with any modern smart phone to be able to use it as a true endpoint device as well as sync with our Exchange server. Employees have now started to make use of these benefits and so we are seeing all sorts of mobile devices connected to the corporate network.
The problem is these devices just like laptops and computers need to be managed and secured. Criminals are attacking mobile operating systems in the same way they have attacked laptops and desktops. Due to the physical size of mobile devices they are easily lost and stolen, and now hold our corporate information on them.
Active Sync which is a mobile data synchronisation technology and protocol for Microsoft Exchange does actually provide you with a limited mobile management capability set, such as enabling and usage of complex password requirements and remotely wiping the device clean if lost or stolen.
However there are some key features missing from Active Sync. Firstly it only supports a limited number of devices, it is only able to wipe the full device, no self provisioning of end user’s, it is not granular within the configuration settings, as well as many more reasons to why you wouldn’t class this as a true management platform for mobile devices. Also who wants to be managing mobile devices from their Exchange Server, its better to leave MS Exchange to manage what it has historically always done, and hand over mobile device management to a separate management platform. However if the basic is all you need then it is at least a step ion the right direction.
Vendors such as Mcafee and Mobile Iron have dedicated solutions in this area. Both products are designed for both small and enterprise market and have complete management capabilities and support a broad range of mobile devices, such as Apple, Andriods, WIndows mobile phones. Mcafee in particular have a very exciting roadmap with further enhancements going forward as well.
A good example of a dedicated solution such as the two above have the ability to wipe full or parts of the device. For example if an employee leaves the company you may want to only wipe the corporate stuff such as email and calendar events from the mobile device. However if a mobile device has been stolen then you may want to wipe the full devices. Another example is compliance checks. If the device is not in compliant with it's policy then it should not be allowed to access the network, for example if the phone has been jailbroken. One more example is the ability to setup wireless access points from the management console itself, so phones can access corporate wireless points.
Here a number of Mobile Device Management solutions.
For further reading, there's some excellent electronic ebooks available for download from eBooks.com