Employees are placing a spanner in the works for companies implementing enterprise mobile device management (MDM) solutions to manage IT security risks, specifically in a bring your own device environment. They haven’t bought into the idea of enterprise mobility management solutions and are reluctant to install them. The result: mobile management solutions just aren’t working for businesses.
“We have seen a marked increase in the adoption of mobility management solutions by companies because they are recognising mobiles’ risks to IT security, and because MDM is becoming an auditing compliance check that companies need to adhere to. However, the trend has not yet filtered down to end users. This lack of awareness and reluctance is thwarting companies’ efforts to protect company data on mobile devices,” says Michael Morton, Mobile Security Specialist at managed IT security services company, Securicom.
He says companies need to have a defined MDM policy in place, especially those which allow the use of personal devices for work purposes. The policy must formally define the parameters around the usage of mobile devices for work and stipulate the security requirements for each type of mobile device that is connected to the corporate network. This could include, amongst other things, the way that passwords are configured, prohibit specific types of applications from being installed on the device, and the encryption of data stored on devices. With a sound policy in place, security parameters are defined and can be enforced with a robust mobility management solution.
Securicom’s Enterprise Mobility Management (EMM) platform for instance enables the provision and management of devices throughout their life cycle. Security policies can be set in a few simple steps, and users can also easily and quickly self-enrol. Securicom EMM caters for both corporate owned policies and BYOD scenarios which have traditionally been even trickier for companies to control and secure.
Employees’ concerns over privacy are not entirely unfounded because in the past, separating personal and work content on devices wasn’t that simple. With Securicom’s cloud-based Enterprise Mobility Management platform, there is clear separation of private and corporate data to ensure that organisations’ security requirements are met while affording end users their privacy.
“We regularly encounter deep employee reluctance to install enterprise mobility management solutions on their personal devices. The misconception is that these solutions are a risk to their device or their privacy. Ironically, the very same end users exercise very little caution when it comes to installing third party applications onto their devices which actually pose a far greater risk.
“We also find, through engagement with employees at our new mobile security customers, the perception that an antivirus tool serves as enough protection. But, as with laptops and computers, a mobile device is by no means protected merely with an antivirus tool installed. The threats that exist for computers and laptops, including spyware, are the very same for mobile devices. They are powerful miniature computing systems. A more comprehensive solution is needed to adequately protect the user and the data housed on the device,” says Morton.
For companies to achieve success with their mobility management implementations and get return on their investment in these tools, Morton says greater emphasis on end user education is imperative.
“As with any new technology implementation, end user training is important. Go back to the classroom and educate. Interactive demos and extensive class-like sessions are necessary to successfully implement an enterprise mobility management solution. You need their buy in and they need to understand how the tool works. When employees can see the benefits of using the tool and know how to use it, there will be greater buy-in and the implementation is more likely to be successful.”