Mobility

Mobile device support: What you need to know

The explosion of mobile device usage in business has led to some tricky and unexpected support challenges. Brien Posey lists some of the concerns IT pros should be aware of.

Mobile devices have been around in one form or another for many years, but only recently have they gained mainstream acceptance in enterprise environments. For IT pros, it's important to understand the unique challenges associated with managing these devices. In this article, I will give you 10 things to think about.

Note: This article was originally published in TechRepublic's 10 Things blog. It is also available as a PDF download.

1: Remember the importance of device consistency

It is usually impossible to issue each user exactly the same type of mobile device. Even if every user starts off with the same device, manufacturers phase out device models quickly and you may find that the devices that you initially purchased are no longer available when you need to buy a few more.

In spite of this, you should try to limit the number of models used in your organization. The greater the variety of devices being used, the more difficult it will be for your helpdesk to provide adequate support for the devices.

2: Use fully provisionable devices

Microsoft offers a few server products (Exchange Server 2007, Exchange Server 2010, and System Center Mobile Device Manager) that can apply various security policies to mobile devices. But because there's no universal standard for mobile devices, those server products can manage only certain mobile operating systems. Since only fully provisionable devices can be completely managed, I recommend that you stick to using just those devices.

3: Make sure that users are aware of mobile device policies

There is a lot of potential for abuse when it comes to mobile devices. For instance, I recently heard of a woman using her company-issued mobile device to call her sister in Korea. I can only imagine the resulting phone bill. Unless you want to risk astronomical wireless bills, you must create an acceptable use policy for company issued mobile devices.

4: Take security seriously

Since mobile devices were first introduced, many IT professionals have ignored mobile device security issues. In a way, I can see why. Until recently, mobile devices lacked the software and the processing power to be much of a threat. Today though, mobile devices can run a rich set of applications and can store several gigabytes of data internally. As a result, it is essential that you take mobile device security seriously.

5: Decide whether to allow personal devices

If it hasn't happened already, it's only a matter of time before an employee asks you to set up his or her iPhone to receive corporate email. Make sure you create a policy regarding whether you will allow personal mobile devices to interact with corporate resources. My advice is that you should only allow the use of company issued devices, because your organization lacks the authority to properly secure and regulate devices it doesn't own.

6: Decide up front what to do about roaming

Last week, I took some much needed time off and went to Europe on vacation. Before I got on the plane, I shut off the radios on my Windows Mobile device. I didn't really give the device a second thought until several days later, when I saw someone walking around using a device that was exactly like mine. It occurred to me that had I forgotten to turn off the radios on my device, I could have been accruing some hefty data charges even though I wasn't actually using it.

This situation illustrates why it is so important to decide whether to allow users to send and receive data while roaming. Some users' job functions may be critical enough to warrant data usage regardless of whether they are roaming. But for other users, it may be better to prevent data usage while roaming. In either case though, roaming charges are not something you should leave to chance.

7: Plan to deal with lost devices

Many organizations forget to plan for how to deal with lost or stolen devices. Granted, Exchange Server and System Center Mobile Device Manager both have a built-in self-destruct sequence you can use to remotely wipe a lost or stolen device and return it to its factory defaults. But that's not what I'm talking about.

I once worked for an organization in which certain key staff members were issued cell phones. One woman was constantly losing hers. I'm honestly not sure how many phones she went through, but I would conservatively estimate that she went through at least eight phones over the course of a year. I like to think that this woman was just forgetful, but she could have been selling the phones on eBay for all I know. Obviously, this type of irresponsibility can become expensive. It probably isn't a big deal if an employee loses a mobile device, but you need to have a policy in place to prevent reoccurring loss.

8: Stay on top of malware threats

Historically, malware hasn't been a major issue for mobile devices. In recent months, though, incidents of malware have been reported on several mobile platforms. Make sure you look into the anti-malware solutions that are available for your chosen mobile platform. Malware may not be a major threat today, but it will probably be of major concern a year from now.

9: Periodically measure the impact of mobile devices on your network

Because mobile devices don't physically connect to your network, it can be easy to forget that they do consume bandwidth and other network resources. As more and more users begin to use mobile devices, it becomes increasingly important to periodically check to see how much impact the mobile devices are having on your Internet bandwidth and on network server resources.

10: Make sure that the IT staff is trained for mobile device support

I once worked for an organization whose helpdesk staffers were simply thrown to the wolves. The management team would buy new hardware and software without even telling the helpdesk about it, much less train them on how to use it. The helpdesk staff usually wouldn't even know that a piece of hardware had been purchased until they were asked to fix it. Not surprisingly, this approach to IT management ultimately proved to be disastrous. Most of the helpdesk staff quit, and the entire management team was eventually fired.

Anyone with a lick of common sense knows that this is no way to run an organization, yet this is exactly the approach I sometimes see organizations taking with mobile devices. Mobile devices have become so commonplace that IT managers may assume that the helpdesk staff knows how to support them. This is a dangerous assumption. You must ensure that the helpdesk employees are properly trained for mobile device support just as they would be trained to support anything else.

About

Brien Posey is a seven-time Microsoft MVP. He has written thousands of articles and written or contributed to dozens of books on a variety of IT subjects.

2 comments
Q17
Q17

Well if it hasn't happened already, it will definitely come: users will want to use their own Iphone/droid/ipad/whatever. And correct: we can't secure and regulate them the way we would like to. Although I think mobile devices can't be secured the way we security people would like to anyway... So what can we do? I think we mustn't depend on the (lack of) security of those devices. It's a lost battle. Device independent secure access, with an acceptable residual risk, and no corporate information on the device.

OurITLady
OurITLady

I actually thought that was the way IT departments worked, buy and rollout the equipment/software and worry about whether the staff can support it later. After all we're IT people, don't we just instinctively know how these things work? The majority of companies I've worked for over the last 15 years have done exactly that, the IT staff were obviously supposed to figure it out without training, although to be fair so were most of the end users the stuff got sent to..........

Editor's Picks