What exactly is Mobile Device Management (MDM)?
In many organizations, employees have mobile devices that they use to do their jobs. Those mobile devices can be tablets, smartphones, or other devices. To be able to manage these devices, organizations often will use “Mobile Device Management” or MDM.
This management can be very important if putting sensitive company information on the staff member’s device. Mobile Device Management allows us to keep track of where all these systems might be, how data is on the system and allows us to manage almost all aspects of those mobile devices.
Application Management
One aspect of mobile device management is making sure that you can manage what applications are on these mobile devices. Since some apps can be malicious in nature (Stealing banking info or password etc.), being able to manage what applications are allowed to be installed is a smart idea. You can allow only certain applications or block specific ones.
Lost or Stolen Device – Remote Wipe
Unfortunately, these mobile devices can sometimes go missing. Since these devices can very easily get lost or stolen, we can use MDM to delete everything on that mobile device, even though we don’t have physical access to the device. We can do that through a remote wipe functionality. Though we may not know exactly where that device happens to be as long as it is connected to a cellular network or Wi-Fi, it will receive those notices that we want to connect and delete all the company data.
Device Passcode Policies
Everyone should have a screen lock configured on their mobile device. Through MDM we can enforce screen locking and can ensure that a passcode or PIN is required to access the device. If someone steals the phone and tries to guess the passcode, we could have a policy in place that after ten failed attempts the device is automatically wiped. Or perhaps after the tenth attempt, we permanently lock the device until the administrator remotely unlocks the device.
Data Management – Encryption and Data Loss Prevention
You’ll want to manage how the data is stored on these mobile devices, especially if that data happens to contain sensitive information. We can also ensure that all the data that’s being stored on that device is stored in encrypted form. That way if someone does gain access to this device or the storage of this device, they would not be able to retrieve and view company information. We can also prevent data loss on mobile devices. This would prevent someone from sending sensitive information such as health records, credit card information, or other personally identifiable details to someone else outside of this mobile device.
Geolocation
If we wanted to locate the phone, we could use MDM to get the phone’s geolocation. This can be great if you lose your device because you can get an accurate map that shows you exactly where the device is physically located in the world. This can also be a privacy concern since it effectively would show where you happen to be as well. This is optional however makes it much easier to track down a missing device.
Geofencing
Some MDM platforms use that geolocation information to enable geofencing. This allows the mobile device to enable or disable certain features, depending on the location of where that device is at any particular moment. For example, you might have your MDM configured to disable the camera when you’re inside of the office but re-enable the camera once you leave the office. Or you could use geofencing as part of your authentication. This way when someone is logging into the network, you can check to see where this device is physically located. And if they happen to be in or around the building, you can allow that authentication to continue. If you check the authentication and the user’s authenticating from a different country, then you might want to automatically deny authentication from occurring.
Conclusion
With our ever-increasing dependence on our mobile devices, it only makes sense to manage those with sensitive company information on them. Hopefully, this article gave you some insight into managing your company’s mobile devices and more importantly whether you should be considering it.