How do you relate to your mobile? Many people seem to adopt a different mindset when it comes to their phones, compared with their computers.
We tend to treat our mobiles as personal possessions, and so handle them in a fairly relaxed manner. For devices that are corporately owned, this kind of behavior can, unwittingly, lead to breaches in security and may have implications in terms of licensing and costs.
It’s up to the enterprise to ensure that user policies for our beloved mobiles are enforced if they want to protect sensitive data, and avoid unplanned expenses. What companies need is an Enterprise Mobility Management (EMM) solution.
Who owns what?
It’s mine! Well no, it’s not. If it’s a corporate device that’s been personally enabled (COPE) then the phone actually belongs to the company. If it’s a bring-your-own device (BYOD) yes, technically the device belongs to the employee but the corporate data that they access with it most definitely isn’t.
Whether our smartphones and tablets are owned by the company we work for or privately, we treat them in much the same way. We load them up with the apps and games we want, take photos, listen to music and much more. Let’s say an employee has a COPE device and their company offers no form of EMM functionality. Chances are, they will personalise the phone to suit them, choose a wallpaper, download some work apps, some for entertainment, and use the device for both personal and company e-mails – often mixing them within the same app.
Unfortunately, employees rarely give a moment’s consideration as to whether their behavior could be harmful (either through granting downloaded apps access to photos and contacts or that an app could even contain malware). E-mails could even leak sensitive information or an app could be downloaded which requires a company license.
In a BYOD situation, employees tend to feel pretty justified in downloading exactly what they want. For example, they may choose to use an app such as Truecaller, which identifies incoming calls and messages automatically. But, in return for being free, this app uploads all the user’s contact information to Truecaller’s worldwide database. If Dropbox is used to share files with colleagues, the company may need a corporate license to do so. Equally, Adobe offers two apps free for personal use, but they wouldn’t be licensed for accessing company documents.
Adhering to company policy
Many organisations have introduced policies on employee use of data and devices – contributing specific sections of the company handbook to such guidelines. Just as technology advances, policies need to keep up. Existing corporate guidelines tend to focus on the cost of making phone calls, and devices tend to be limited to laptops and PCs. In some cases, guidelines are informally known, based on current best practices, but not documented. Whatever the situation, chances are businesses aren’t covered as vendors evolve their licensing practices.
Often, employees treat policy documents as typical corporate waffle – not necessarily recognizing that failure to adhere could put the company at risk in terms of compliance, security and cost. So it is important for organisations to put a policy in place that covers mobile devices in a way that is as robust as the policies governing the use of computers, hardware and software. A mobile device has much the same computing functionality and can expose organisations to many of the same risks that a laptop or PC would.
Consider what might happen if the device is lost, stolen or damaged? Is it the company’s responsibility to ensure that two-factor protection has been enforced? And what about the return of company property when an employee leaves? Is the return of mobile devices covered in the company property section of the business’ handbook?
Enterprise policies need to ensure that organisations are covered for mobile devices and passwords. Consider the scenario when an employee with a COPE device resigns and leaves. The device in question happens to be an iPhone, on which a personal Apple ID was used to gain access to download apps and the iCloud. Unless the employee removes that Apple ID when they return the phone, overnight it will become a pretty useless paperweight. It can’t be reallocated to another user until the iCloud access is removed. Even a factory reset will still require the user’s password.
Controlling the mobile estate
Enterprise mobility solutions can alleviate all of the above scenarios, and enforce company policies whether your devices are COPE, BYOD, or a mixture of both. By providing full visibility of each device’s app usage in an organisation, EMM solutions can bring security features, support handling, facilitate role-based app distribution, and control access to internal documents and data for the enterprise mobile fleet.
With a suitable EMM solution, companies can put in place a corporate store which only includes approved (whitelisted) apps for download. The corporate-store approach removes licensing issues by default as it will only feature paid and licensed (where necessary for corporate use) apps. If an unlisted app is required the administrator (or licensing committee) can consider making it available in the corporate store once it’s been vetted, tested, approved and licensed for use. With EMM, users get the apps and devices they need, administrators can maintain visibility over the mobile estate, downloaded apps and data usage. In addition, service desk operators have the information they need to resolve first line support issues. In all, the company benefits through cost and time savings given that IT assets are secure and license compliant.
Su Kent, Product Marketing Manager