With the growth in the number of applications, content and data being accessed through a variety of devices, mobile device management (MDM) has to extend beyond device management alone. As IT departments are now fully responsible for company-owned devices, organization must look to adopt policies and practices to prevent any compromise in security.
Most important, the report cites, is for organizations to include a system-centric functionality to secure and manage data and applications, as well as information-centric functionality such as the delivery of the enterprise application store or content library.
“Mobile devices are becoming an integral part of corporate networks and as employees are increasingly using their personal device to access cloud-based applications and services, identity management is paramount in ensuring that this access remains secure,” said Patrick Harding, CTO, Ping Identity. “By having the right identity management processes, enterprises can provide employees with secure and convenient access to cloud apps via single sign-on from mobile devices - whether BYOD or not. The CSA has taken important steps in identifying the key elements organizations need to consider before adopting a BYOD policy and we’re happy to see identity management recognized as a key piece.”
While every company will have a different tolerance for risk and will adopt mobile technology in different ways, there are several fundamental components of MDM that have to be considered and incorporated into policy and practice. With each component falling into one of three major categories: software and hardware, inventory and security, the report provides implementation best practices as well as potentials risks along with a ‘Must Have’ or ‘Optional” rating to help organizations better prioritize their security efforts.
Key components to MDM identified include:
- Risk Management
- Device Diversity/Degree of Freedom
- Configuration Management
- Software Distribution
- Enterprise AppStore
- Content Library
- Device Policy Compliance and Enforcement
- Enterprise Activation/Deactivation
- Enterprise Asset Disposition
- Process Automation
- User Activity Logging/Workplace Monitoring
- Security Settings
- Selective Wipe/Remote Wipe/Lock
- Identity Management/Authentication/Encryption.