The growth of mobile computing has made networks more complicated. Keeping a network well-run and secure requires paying attention not just to workstations and servers, but to mobile devices. They present more of a challenge because they come and go. They operate through public networks, not just behind the firewall. In a lot of cases, they belong to the user, not the company. For all these reasons, Mobile Device Management (MDM) is essential to network management.
The importance of mobile devices
Smartphones and tablets form a huge part of Internet use. About half the browsing on the Net comes from mobile devices, and the amount of usage is growing by 30% a year. People take the devices with them wherever they go, keeping up with their work when they aren’t at their desks. Many businesses are discovering the advantages of allowing people’s own mobile phones onto their company networks.
This practice is called BYOD (bring your own device). It saves the cost of getting employees another phone, which they’d probably grumble about carrying anyway. They’re familiar with how their own phones work. However, letting outside devices on a network needs to be handled carefully. Done wrong, it can open up serious security risks.
Users will have to accept some restrictions on the devices they use for work purposes. When they’re on the company network, they have to abide by the rules for everyone’s safety.
Keeping the mobile network secure
This is where Mobile Device Management comes in. It makes sure that smartphones access the network only in a controlled way. Network administrators can track how the devices are being used and act quickly if there are problems. It covers a range of issues:
- Identity. The management software tracks what devices are using the network and allows access only by known, authorized ones.
- Application control. Letting user devices run applications without restriction is risky. Most management systems will block apps to some extent; some will allow only a whitelisted set. “Jailbroken” devices that intentionally bypass built-in security shouldn’t be allowed.
- Password control. All devices with network access should be required to have strong passwords or PINs and to erase themselves after some number of consecutive failed guesses.
- Network access. BYOD devices shouldn’t have wide-open access to the network, but only enough access to let employees do their work.
- Security software. Each device should be required to maintain up-to-date software to guard against malware infections.
- Encryption. A lost device can mean a data link. Requiring all mobile devices to encrypt their storage will make it harder to steal data.
- Remote wiping. Another way to guard against physical theft is to let the MDM remotely erase any devices that are reported lost or stolen.
In today’s new workplace, employees are being asked to work at home more and more. Support this remote workforce is key for any organization.
Understanding the risks
Mobile devices are a favorite jumping-off point for criminals looking to break into networks. They try to trick people into downloading malicious applications. Sometimes they even get them into app stores. Google recently had to take sixty applications off its Play Store because they contained code designed to breach security. The software got at least three million downloads.
Malware that gets onto a smartphone may attack other devices on the network, including servers and desktop computers. It may disseminate ransomware, which will encrypt important data and demand a payment to get it back.
The benefits of managed devices
A mobile-friendly policy gives employees the flexibility of having network access from anywhere. Mobile Device Management makes sure that they get these benefits without undue security risks. A single management console lets system managers review device status, grant or revoke access, and set up required software.