Product Group Tests
Mobile device management
Full Group Summary
Today's enterprises are, increasingly, including mobile devices. Sometimes the organisation will provide the devices, sometimes it will restrict the types of devices that can be used on the network, but most often organisations are allowing users to bring their own smartphones and tablets and connect. When any of these scenarios happen, especially where users connect their own devices to the network, some form of security management is necessary.
Mobile device management - or MDM - is the way forward when mobile devices become part of the enterprise. There are several challenges to MDM. The obvious first one is discovering the devices on the network. This can be difficult since these devices come and go as users connect and disconnect. The next one is ensuring that the devices that do connect do not bring security risks with them. Finally, we must not forget that, as devices on the enterprise, they may be subject to the same regulatory requirements to as other connected device. In fact, the challenges with keeping mobile devices compliant probably exceed the challenge inherent in most other types of devices.
The usual method for ensuring compliance with enterprise security policies is to create a policy that can be pushed out to the device as a prerequisite for joining the device to the network. This brings with it various problems, political as well as technical. The first thing an administrator must do is determine what kinds of devices to allow on a network. If the organisation is supplying the devices, that can be pretty straightforward. If you have BYOD in place, the challenges increase astronomically.
So how does one balance usability with control? First, start with a security policy that addresses the problem. The policy should articulate very clearly what is expected in terms of mobile device security, why it is expected and how the policy will be enforced. There must also be consequences for attempting to circumvent established controls.
A good MDM tool should allow you to create a policy that can be pushed to the device and that can prevent - or allow you to prevent - connection to the network until the device passes muster. The tool should also allow a rich set of functions that can translate your mobile device policy into actual configurations and then can enforce those configurations. One of the most important of those is remote wipe.
The assurance that policy is translated to configuration and that compliance with policy is enforceable is critical to your selection of an MDM tool. Generally, you should select a tool that allows that level of control.Please note, all reviews in this section have been conducted in the USA, thus pricing, conversion rates and support options may vary outside the USA.