By Su Kent
Everyone assumes a different mindset when it comes to their phones, compared with computers. This is because we tend to treat our mobile devices as personal possessions, causing us to handle them in a fairly relaxed manner. For corporately owned devices, this kind of behavior can, inadvertently, lead to security breaches and can even have implications in terms of licensing and costs. Therefore enterprises are responsible for ensuring that user policies for our beloved mobiles are enforced if they want to protect sensitive data, and avoid unplanned expenses. What companies need is an Enterprise Mobility Management (EMM) solution.
Who Owns What?
It’s mine! Actually, it’s not. If it’s a corporate device that’s been personally enabled (COPE) then the phone really belongs to the company. If it’s a bring-your-own device (BYOD) yes, technically the device belongs to the employee but the corporate data that they access with it most definitely doesn’t.
Whether our smartphones and tablets are owned by the company we work for or privately, we treat them in much the same way. We load them up with the applications (apps) and games we want, take photos, listen to music and much more. Let’s say an employee has a COPE device and their company offers no form of EMM functionality. Chances are, they will personalize the phone to suit them, choose a wallpaper, download some work apps, some for entertainment, and use the device for both personal and company emails—often mixing them within the same app.
Unfortunately, employees rarely give a moment’s consideration as to whether their behavior could be harmful—either through granting downloaded apps access to photos and contacts or that an app could even contain malware). Emails could even leak sensitive information or an app could be downloaded which requires a company license.
In a BYOD situation, employees tend to feel justified in downloading exactly what they want. For example, they may choose to use an app such as Truecaller, which identifies incoming calls and messages automatically. But, in return for being free, this app uploads all the user’s contact information to Truecaller’s worldwide database. If Dropbox is used to share files with colleagues, the company may need a corporate license to do so. Equally, Adobe offers two apps free for personal use, but they wouldn’t be licensed for accessing company documents.
Sticking to Company Policy
More organizations are beginning to introduce policies on employee use of data and devices, even dedicating specific sections of the company handbook to such guidelines. Just as technology advances, policies need to keep up. Existing corporate guidelines tend to focus on the cost of making phone calls, and devices tend to be limited to laptops and PCs. In some cases, guidelines are informally known, based on current best practices, but not documented. Whatever the situation, chances are businesses aren’t covered as vendors evolve their licensing practices.
Employees often treat policy documents as typical corporate waffle—not necessarily recognizing that failure to adhere could put the company at risk in terms of compliance, security, and cost. So it is important for organizations to put a policy in place that covers mobile devices in a way that is as robust as the policies governing the use of computers, hardware, and software. A mobile device has much the same computing functionality and can expose organizations to many of the same risks that a laptop or PC would.
Consider what might happen if the device is lost, stolen or damaged. Is it the company’s responsibility to ensure that two-factor protection has been enforced? And what about the return of company property when an employee leaves? Is the return of mobile devices covered in the company property section of the business’ handbook?
Enterprise policies need to ensure that organizations are covered for mobile devices and passwords. Consider the scenario when an employee with a COPE device resigns and leaves. The device in question happens to be an iPhone, on which a personal Apple ID was used to gain access to download apps and the iCloud. Unless the employee removes that Apple ID when they return the phone, overnight it will become a pretty useless paperweight. It can’t be reallocated to another user until the iCloud access is removed. Even a factory reset will still require the user’s password.
Governing the Estate
Enterprise mobility solutions can alleviate all of the above scenarios, and enforce company policies whether your devices are COPE, BYOD, or a mixture of both. By providing full visibility of each device’s app usage in an organization, EMM solutions can bring security features, support handling, facilitate role-based app distribution, and control access to internal documents and data for the enterprise mobile fleet.
With a suitable EMM solution, companies can put in place a corporate store which only includes approved whitelisted apps for download. The corporate-store approach removes licensing issues by default as it will only feature paid and licensed where necessary for corporate use apps. If an unlisted app is required the administrator (or licensing committee) can consider making it available in the corporate store once it’s been vetted, tested, approved, and licensed for use.
With EMM, users get the apps and devices they need, administrators can maintain visibility over the mobile estate, downloaded apps, and data usage. In addition, service desk operators have the information they need to resolve first line support issues. In all, the company benefits through cost and time savings given that IT assets are secure and license compliant. SW
Su Kent is a product marketing manager for Snow Software. Su Kent is a highly-experienced, organized, and commercially aware international B2B marketing communications professional that offers well-developed skills in taking complex technologies of enterprise IT and translating the business drivers and benefits to target audiences.
Aug2016, Software Magazine