‫ Mobile Device Management Features

Number: IRCAR201409234

Date: 2014-09-20


Sales of smartphones and tablet devices have exploded over the last five years or so. Increasingly these mobile devices are being used in the workplace.

But mobile device usage introduces security risks. The devices can be used to access corporate networks and store sensitive corporate data, putting data at risk when the user walks out of the corporate front door with the device in their pocket. What if the device is left in the back of a cab, or the user moves to a new job while using the same device?

Most mobile devices can be configured so a password is required to unlock them, but popular platforms such as Android and Apple's iOS were not built with enterprise security in mind. What businesses need for security purposes - and what regulatory compliance may require - is a way to ensure that all devices are configured that way, and in a way that users cannot override. Security goes way beyond passwords. There are multiple settings that need to be configured - and stay configured - on every mobile device to provide a baseline security level.

A mobile device management (MDM) system provides a solution to this problem. Once a mobile device is enrolled on the system, the device can be configured automatically with a standard set of security settings. It can then either prevent the user from changing these settings, or remotely wipe the phone and remove access to corporate networks if it detects that the settings are changed by the user.

Mobile device management (MDM) can help enterprises minimize security risks associated with BYOD. Here is what you need to know if you plan to use an MDM system.

Mobile Device Management Features

A mobile device management system is usually limited to configuring settings that any given mobile operating system makes available, and for that reason most MDMs provide broadly the same set of security features on each mobile device platform. These may vary on a device by device basis, but usually include:

·         Enforcement of device PIN/password usage. Ensuring that the device can only be accessed fter entering a (usually) four-digit PIN or, preferably, a password or phrase that is not easily guessable. These can be reset from the MDM if forgotten.


·         Remote device lock/wipe. Giving administrators the ability to lock or delete the data - either all data or just corporate data - from a device that is reported lost or stolen. Many mobile device management systems also include geolocation to help employees find lost devices and reduce costs related to lost devices.


·         Data encryption. Activating on-device data encryption on platforms such as iOS that have it built in, or adding this functionality to platforms such as Android that might not.


·         Jailbreak/root detection. Jailbreaking or rooting a mobile device frees it from many OS-level security restrictions, and may also enable users to bypass security controls imposed by an MDM. For that reason, it is vital that an MDM can detect when a device has been jailbroken or rooted.

In addition to configuring these sorts of security settings, most mobile device management platforms also allow administrators to see the internal state of any mobile device remotely, including the configuration settings and installed applications. Operating system and application updates can be pushed to devices to minimize security or reliability issues, and policies based on Active Directory (or other directory) groups can often be imposed, limiting devices belonging to users in different groups so they can only access to appropriate corporate resources.

Most MDMs also enable a huge variety of further group policies and restrictions to be imposed on mobile devices. These may include preventing the device's camera from being used (or preventing it from being used in certain geographic locations such as the corporate offices), prohibiting the installation of applications which appear on a blacklist, blocking in-app purchases, or preventing any apps from being installed unless they are downloaded from an enterprise app store controlled by the MDM.




بدون نظر
شما برای نظر دادن باید وارد شوید


تاریخ ایجاد: 7 مهر 1393



امتیاز شما
تعداد امتیازها:0