Jack Wallen asks Ben Loetz, Advanced Solutions Architect for Verizon Wireless, how SMBs can get the most out of Mobile Device Management (MDM).
Mobile Device Management (MDM) solutions are continuing to advance and provide more features and value to customers. As a result, the MDM marketplace is growing very competitive and driving the innovation necessary to help industries comply with evolving rules, regulations, and other liabilities.
I had the pleasure of chatting with Ben Loetz, Advanced Solutions Architect for Verizon Wireless, about MDM and how businesses interested in diving into that realm can get the most out of managing company mobile devices and security.
If a small business is considering managing employee Android smartphones, what are their options if they need a) serious control over the devices and/or b) moderate control over the devices.
"For clients requiring serious control over their employees' devices, I often recommend one of these three MDM solutions: AirWatch Mobile Device Management, Good, or MaaS360. Clients can also encrypt and 'sandbox' data to protect it (see below for more information).
"For a moderate level of control, clients can use their Microsoft Exchange mail server to require employees to have a password to access email and other features of their devices. They can also enable corporate management to remotely lock and wipe employees' devices."
What is the biggest challenge you find with managing Android devices on a large scale?
"We often are called upon by customers to provide guidance to help them:
- Decide what their corporate policies should be for employees' mobile devices
- Implement those policies
- Determine the right mix of moderate and serious tools to carry out the policies
"To come up with the right policy and tools, customers need to understand what type of data will possibly go through and/or be stored on their mobile devices (such as proprietary business data, customer identifying information, credit card information, etc.) and what the company must do by law (HIPPA , PCI, etc.) for competitive security and as a matter of corporate customer and HR policy to protect that data."
Are there particular Android devices that are more challenging for companies to manage? If so, which ones?
"Devices that have been out for a while and that run older versions of the Android operating system may not have the latest updates to enable appropriate levels of device management."
If you could give a company any one piece of advice about managing numerous Android devices, what would that be?
"We recommend, as a best practice, that an organization's corporate MDM policy has an executive suite-level sponsor, and that it be deployed from there. If the executives find ways around the policies, their employees will follow suit."
What is the future of Android device management? How do you see it playing out for both mid- to large-scale companies?
"What most of us think of today when it comes to MDM is password protection, remote locking, and wiping of devices. But we also need to be looking at Mobile Application Management (MAM) and setting policies for what applications will be permitted on or pushed to devices (so the user doesn't have to hunt for them). Also, companies need to think about regularly updating blacklist applications that they do not want on their employees' devices. For example, Dropbox allows users to store data — but businesses cannot access or control that information, even though they may still be held liable.
"In addition, companies need to consider Mobile Content Management (MCM) — that is, managing or preventing certain content from being transported through the device. Again, businesses may be liable if their customers' credit card or other personally identifying information is not adequately protected.
"Examples of solutions we recommend to encrypt sensitive data on mobile devices or their memory cards include:
"I recommend that clients seeking serious control use solutions to encrypt sensitive data stored on a device and to 'sandbox' it, or put it in a secure place on the device where the data can't be copied and pasted or seen by other applications (AirWatch and Good both provide these tools)."
Is MDM a part of your company's future plans? What, if any, aspect of MDM confounds you? Share your thoughts in the discussion thread below.