Only a decade ago technology chained us to our desks. If you wanted to do some serious work then you needed to physically sit at your workspace, saving your Word Doc onto your Dr Who USB to take a report home and work on it later. The process was cumbersome at best, and if you forgot to properly save that Word Doc, well, the consequences could be catastrophic.
That was then. Now a mere ten years later, we mightn’t be chained to the desk, but for better or for worse, the whole world has become a potential office, (some would argue creating an entirely new type of chain). Cloud technology and mobile technology has evolved to the stage where we can exchange and store data with no more thought than blinking. And that work is no longer done merely on the PC. In fact in 2015 Wired projected that smartphones were getting so sophisticated, that by 2017 they predicted that our only computer would be a smartphone.
Evidence would suggest that isn’t the case yet, but the numbers support that more and more of us are working on an array of mobile devices. Late last year Gartner found that while mobile adoption hasn’t yet hit maturity, 80% of workers use a mobile device in the workplace.
As mobile technology becomes more pervasive, more sophisticated and a more attractive proposition for businesses, it is vital that guidelines are established to make sure the technology is being used in a compliant, secure and safe manner. Organisations need to be proactive to these changes by adopting a mobile device management strategy.
What is a mobile device management strategy (MDMS)?
Simply put, an MDMS is a set of guidelines that anticipate and make provision for potential problems that arise from using mobile technology. In 2013, the CIO Council released the Mobile Computing Decision Framework. It suggests creating a guideline by firstly examining:
- How will mobile technology support the organisation’s mission?
- What platforms will be supported?
- What technologies will be used to support mobile devices?
- Who will manage the solution?
The framework explains that these four questions will allow stakeholders to ensure that all bases are covered: that users are clear as to their responsibilities and the course of action in case of a breach or attack. Depending on requirements, businesses could elect to have a Bring Your Own Device (BYOD) Policy, a corporate mobile policy, or a combination of both.
Considerations for a BYOD mobile device management strategy
More business and their employees are opting to have a BYOD workplace. While there are many benefits to team members electing to use their own devices — higher productivity, lower technology investments for a company — it’s redundant if this policy is at odds with the organisation’s overall mission and values, no different to creating a HR policy or a business objective.
Organisations need to be very clear to their employees about the guidelines for using their devices.
InformationWeek suggests that the BYOD protocol for IT should incorporate:
Eligibility for use
A BYOD policy might not even be applicable for companies who have very stringent security and privacy needs. Alternatively it may be only appropriate for certain stakeholders, so restrictions need to be clarified and applied. IT Weekly suggests that usage should be tiered by need:
‘For example, employees eligible for company-owned devices might get a choice of BlackBerry or iPhone devices running a full suite of business apps and intranet access, while employees in the BYOD tier can use approved iPhone and Android devices but might get access only to email, a VPN-enabled browser, and virtualised applications ‘
Outline acceptable and unacceptable behaviour
Be specific with the sites that are unsafe, insecure or inappropriate for work, such as gaming sites or dating sites. Address how employees are allowed to access appropriate information (eg via app or a VPN network), as well as outlining the risks of unsafe behaviour and the IT plays in addressing those risks can be reduced with education and training.
Put in a rollout timeline
So that you can better manage the risks and to make sure that the devices are secure and compliant, IT Portal suggests that IT needs to examine:
- Are the devices enterprise compatible?
- What are the user needs? (eg will it need to be connected to a printer/network/specific rooms)
- Will the solution scale? (the user device might need a great battery, if they’re on the road a lot, which might outweigh other considerations. If the individual device doesn’t suit this need, then an alternative solution may have to be reached).
- How easily does it integrate with other online functions?
Weighing up capability versus security
In some instances the answers to these questions may mean that a BYOD policy isn’t suitable for a business (especially those with sensitive data considerations). This may mean that the IT department might need to consider whether they implement a corporate mobile policy where they choose the devices that their team members have. A lot of the guidelines still apply, but the strategy need to incorporate usability versus security and compliance when making their investment decision. IT Weekly suggests that the solution needs to be far-sighted and take into account:
- How the device would work with the wider company systems?
- Who will be using it?
- What are their user needs?
- How tech savvy are they?
- What problems could arise as a result of this technology and what ongoing support/training might be needed?
A mobile device management strategy is a living thing
Just because you’ve created an MDMS, it doesn’t necessarily mean that it’s finished. The way the workplace and mobile technology is changing, means that you need to set aside regular time to review it and update it — What worked a few years ago may not be a feasible solution now. Technology is always going to present new challenges, new threats, new headaches, but for those who remain proactive it also presents a wealth of opportunities. If you would like to know more about how your workplace could make the most of mobile technology, then consider attending CeBIT Australia’s 2017 Enterprise Mobility Conference. Get your tickets today.