Mobile device management (MDM) can be achieved with correct privilege user and identity management.
While major traction has occurred in the sector over the past 12 months, culminating in the acquisition of Dialogs by Sophos announced yesterday, identity and access management (IAM) software vendor Quest claims that MDM and bring your own device (BYOD) are aided by using desktop management and privilege settings.
Quest's Jon Rolls told SC Magazine that desktop management and established identity capabilities are enough for the roll-out of a BYOD policy and management of devices with user identity. He said: “We have grown up with three trends: Windows 7 migration; consumerisation where you have surrendered corporate control; and the problem of personally owned devices.
“There are solutions around but it is not just consumerisation, it is the applications themselves that are using different clients and web browsers and the company needs to do something about it. Being able to enable policies is where there are real benefits.
“This is a trust exercise. Every organisation has to draw the line of freedom on what, who, when and where. You put in a request for everyone with a device to have a toolset and change them over to the endpoint on privilege levels.
“You cannot control mobile devices, you can only control users and how accessible they are and this will only increase.”
Asked if Access Directory could be used, as suggested previously by other vendors, Rolls said authentication can be extended into any synchronisation, and next will be closed-authentication, but on-premise in the domain and in a cloud environment one can maintain identity and control.
“There is more trust with one set of credentials, it is more than one password, rights and access with identity. You can produce success without configuring individually,” he said.
He concluded by saying that privilege remains a big deal in the IAM space, and while creating and managing it in the security space is a challenge, there is a big focus on how it is extended to different systems to provide authentication.