Mobile Device Management for Small Business
Getting a Handle on Security
We've examined mobile device security on smartphones before. But in addition to dealing with straightforward tasks such as mobile data backup and synchronization, your policies should address more-advanced matters: shutting off and remotely wiping all data and applications on a lost or stolen mobile device, wiping apps and data on a mobile device after too many bad password attempts, data encryption, antivirus protection, and virtual private network (VPN) support, among others.
Lost or stolen phones and tablets can pose huge problems, including exposure of business contacts, sensitive email messages, corporate plans, and financial data. A policy that anticipates this eventuality and builds in safeguards (such as requiring strong device passwords, automatic shut-off, and support for remote data and app wiping) can keep your business data safe.
Most carrier partners can remotely erase data from a mobile device when necessary. Of course, employees must notify you promptly of a lost or stolen device so that you can start taking appropriate measures as soon as possible.
For a tighter hold on data in the event that a device goes missing, several new Android phones--including the Motorola Photon 4G and the Motorola XPRT from Sprint--offer AES encryption natively on the phone and on the accompanying SD Card, for data-at-rest security. These Motorola phones also support remote data wipe via Microsoft's ActiveSync.
Rooted Android or jail-broken iPhone mobile devices are another security issue. Such modified mobile devices no longer conform to their manufacturers' specifications and may damage your business network if given access to it. The safest policy is to detect modified devices and remove them promptly.
If you allow personal phones and tablets on your network, you should require that certain approved software be loaded on those devices before they can connect. Relevant items include a data-wipe app, an app that monitors what other apps may be doing (like McAfee's free App Alert for Android, which is currently in beta), antivirus software, and a properly configured VPN.
More-advanced policies take into account mobile app security that may be based on reputation, whitelist, or blacklist. Reputation considers certain attributes of an app and gives it a thumbs up or down for use. Whitelisting permits only apps specifically approved for use. Blacklisting blocks specifically forbidden apps.
In the future, advanced security policies will consider location and environment. If you want certain phones to work only in the warehouse, say, you’ll be able to specify that limitation in your policy. When the phone is anywhere else, it will stop working. Of course such advanced policies require supporting apps, like those from Good Technology and Fiberlink’s MaaS360.
Coming Soon: Management in the Cloud
Mobile devices for business are a dynamically changing market. Eventually, many companies will manage their tablets and phones in the cloud. Though a few cloud solutions are available now, more are on the way.
The entirely cloud-based BlackBerry Management Center focuses on mobile devices for the low-end and small-business market. Though this service is for BlackBerrys only, RIM is developing an as-yet-unnamed cloud service that will also work with Android and Apple phones and tablets.
Good Technologies, MaaS360 by Fiberlink, McAfee, Virtela, and a number of other companies either have or will soon have cloud-based mobile management systems out.
The biggest advantage of cloud-based mobile-management services is that you can get started with them right away. You don’t worry about buying or setting up new IT and mobile device infrastructure, maintaining that infrastructure, or even committing long-term to a specific vendor. Plus, you’ll be able to monitor and manage your mobile infrastructure from anywhere.
The disadvantages are that you’ll be forced to rely on your chosen vendor’s capabilities, and you won’t be able to customize and tweak the service if you have a specific niche or requirement. Still, cloud-based services continue to improve and expand their capabilities rapidly, making them a great fit for anyone trying to keep tabs on a fleet of mobile devices. Scout around, and you’re likely to find a cloud-based company that will solve all of your mobile-management problems--including some problems you may not have even realized you had.