Posts Tagged ‘MDM’

Why and How to Secure Mobile Devices

Posted on: August 29th, 2017 by jiml | No Comments

As more business processes are either pushed to or accessed on mobile devices (phones, tablets, laptops, etc.), organizations need to be able to secure both the device itself and the data which the device accesses. Colden Company’s Mobile Device Management (MDM) service provides affordable protection for the most common security scenarios.

Physical Security

Since these devices leave the office and may be left intentionally in vehicles, homes and hotel rooms, unintentionally in locations like restaurants or stores, or completely misplaced or stolen, the first concern is to be able to locate the device. With the MDM agent installed on the device, it will periodically check in with its physical location which can be tracked on a map allowing for retrieval.

Protection From Unauthorized Access

The agent can configure the device with a screen lock passcode (and change it) and remotely lock the device. The data on the device can be encrypted and, if there is a concern that the device’s security has been compromised, the entire device can be remotely wiped.

Protection From Malware

While the overall risk of malware is reduced on iOS (Apple) and Android phones and tablets compared to desktop and laptop computers, it is still a very real concern that needs to be addressed. Even though users have permissions to do things like configure the device settings, connect to wireless networks, and add or remove apps, while they are actually using an app on the device, they are not doing so using those permissions. After apps are installed, what they can do is limited to the permissions they were given at installation. For example, it is not possible to run an executable program from a web browser or email app in the same way that a user can on a PC. While running those apps, the user is not acting as an administrator of the device.

So the most critical level of protection against malware is to ensure that the apps are installed from a trusted source that verifies they do not contain malware. For iOS, the Apple App Store screens all apps offered through the store. For Android devices, the Google Play store has less oversight on what apps are offered, but the Play Protect Service on each device does a background check of each installed app to detect harmful apps. This check is especially important since, unlike Apple devices, it is possible to install apps to Android devices from locations other than Google Play. It’s worth noting that all reports of Android malware to date have come from installing compromised or malicious apps from the Google Play store or from a third party source.
MDM addresses this issue through policies that allow only specific apps to be installed, identify specific apps that cannot be installed, require that specific apps be installed and, for Android devices, disable the ability to install apps from any location other than Google Play. Actively managing what apps can and cannot be installed is the most effective protection from malware.

Monitoring Compliance

Mobile users generally have administrative privileges on their devices. In order to ensure protection is active, the MDM agent is enabled with policies and rules that define how the device is to be configured and what actions to take if that configuration is changed (non-compliance). It monitors the device continuously for any configuration changes, compares them to the policies for the device and takes action when the device falls out of compliance. As a minimum, non-compliance will generate an alert and an administrative email which can also be sent to the user. For example, if a lock screen passcode is a required policy item and the user disables the passcode, an alert gets triggered with an associated email message. The administrator then has the option of re-enabling the passcode, changing it or locking the device. For a more security conscious approach, non-compliant devices can be denied access to company resources until the device is back in compliance.

Every survey indicates that employees will continue to use mobile devices more frequently than they do today. The trend is not about to reverse. As a business, you need to be thinking about how you can best manage and secure those devices and the data they access. Give us a call at (888) 600-4560 or email us, or visit us on Facebook or Twitter.







Tablets and Your Business

Posted on: September 30th, 2014 by billp | No Comments

Since the iPad was first introduced in 2010, we’ve witnessed explosive growth in the market for the first truly new piece of personal technology since the PC: the tablet computer. The industry has even coined the term “Post-PC Era” to note the decline in sales of traditional PCs in favor of new devices such as tablets and, to a lesser degree, smartphones and phablets. Dozens of manufacturers make dozens of sizes and shapes of tablets, but they all share the same common ground: they are touchscreen slates that don’t need a keyboard and mouse.

tabletsevolution

According to an IC Insights report, total shipments of personal computing systems (desktops, notebooks, tablets, and Internet/cloud units) are forecast to rise 12% in 2014 to 585 million units compared to 521 million in 2013. However, the market for standard PCs (desktops, notebooks) continues to be sluggish in 2014, causing IC Insights to forecast a 5% decline for these systems to 298 million this year. The gap is made up of Post-PC Era devices such as tablets, and the growth in tablets only increases as IC Insights forecasts out to 2017.

Fig01

With the market for tablets and similar devices growing so aggressively, and software developers and accessory manufacturers coming up with increasingly creative ways to take advantage of the platform, we’ve only scratched the surface of what we can do with tablets. Where tablets were once seen as “consumption devices” (i.e. used to watch video, read books, play games, etc. – consume content), we have reaches a point where tablets have very real and measurable business benefits.

As noted in a recent Wall Street Journal article, a recent survey of 100 CIOs in the U.S. and Europe by Barclays PLC shows increased support for tablets, which in many cases are moving from limited trial rollouts to broader deployments. 97% of the respondents said they are interested in or are already supporting the use of tablets in the enterprise, either through BYOD (Bring Your Own Device) or COD (Company-Owned Device) initiatives. The survey found that PCs remain the lowest-rated spending priority among CIOs and tablet deployment was “key” within their organizations.

The Barclays survey also noted that Apple, with iOS and its iPad line, was clearly the preferred vendor among those surveyed, with Microsoft and its venerable Windows next, beating out Google’s Android.

Apple iOS

Apple, with its iPad Air and iPad Mini product lines, are synonymous with tablets in the minds of many consumers. Apple was first to market with a truly innovative tablet design, and their early lead has given them the attention of consumers, business leaders, and software developers.

Apple has their eye on the business market to further strengthen their market position. We’ve written in the past about the use of an iPad for business, but the landscape – both in terms of hardware and apps, has changed much since we first wrote about the topic in late 2011. Apple’s recently-released iOS 8 operating system has in increased focus on the enterprise, with notable business-oriented features such as expanded data encryption, email encryption options, data management and content filtering, and new device management capabilities. Lesser-known business-oriented services offered by Apple include Volume Purchase Program (VPP), allowing businesses to buy and deploy apps, and the Device Enrollment Program (DEP), allowing businesses to pre-enroll devices with Mobile Device Management (MDM) solutions at the time of purchase.

Apple is also capturing the attention of other key players in the technology industry. In July 2014, Apple announced that it would partner with IBM to develop business applications specifically for iPhones and iPads, and IBM also said it would sell Apple products with those built-in apps to clients around the globe.

Google Android

While Apple’s iOS devices may have the mind-share of the world, Google’s Android operating system has the largest market share by a large margin. Android, unlike iOS, is licensed to third-party manufacturers such as Samsung, LG, Motorola, and many others who release their own devices in many shapes and sizes – and not only smartphones and tablets. Android powers wearables, TVs, and cars. Google’s recently launched Android One initiative promises to enable access to quality Android devices in emerging markets, opening up Android to potentially millions of new customers. With more market share comes more developers of apps, services, and accessories, and Google is playing the long-game with Android, making it the dominant operating system to make sure it gets the most attention.

Google (through partnerships), Samsung, and LG all make high-quality Android tablets. Each manufacturer puts their unique stamp on their tablet devices since the market for Android devices is more open than Apple and iOS. The Nexus 7, manufactured for Google by Asus, is a very popular low-cost 7” tablet running “pure Android” (i.e. no manufacturer customizations). Moving to a higher screen size, Samsung offers the Galaxy Tab S with a stunning 8.4” display and some Samsung-specific innovations in Android. If you’re really looking for a large screen, Samsung offers the Galaxy Note Pro with a massive 12.2” display and stylus for pen-based input.

Like Apple, Google is very focused on the business market. Google’s upcoming next release of Android, currently named “Android L” (Android releases have all been named after desserts or sweets, and the “L” name hasn’t been decided on yet) has a focus on business-oriented features, collectively dubbed “Android for Work.” Android devices will have the ability to partition personal data from work data, making it easier for businesses to monitor apps and data being used for work-related purposes and control what happens to that data. This is particularly valuable to businesses that have embraced BYOD, because now there can be an area for personal information and a completely separate, controlled, and managed area for business data on the same device. Android L will also have full-device encryption enabled by default, keeping both business and personal data safe.

Microsoft Windows

While Microsoft is currently a lesser player in the explosive mobile market, they are actually one of the earliest players in the tablet market. Starting with Windows for Pen Computing for Windows 3.1 in 1991, Microsoft has been a proponent of tablet and pen-based computing for decades. Starting with Windows XP, Microsoft adopted the Microsoft Tablet PC name. Tablet support was added to both Home and Business versions of Windows Vista and Windows 7. Following Tablet PC, Microsoft announced the Ultra-mobile PC initiative in 2006 which brought Windows tablets to a smaller, touch-centric form factor.

Windows 8, which we have written about in detail, marked a major change in Microsoft’s approach to Windows and tablet computing. Windows 8 was the first major – and very ambitious – change to the Windows user interface (UI) since Windows 95 almost two decades earlier and was met with mixed reviews because it significantly changed the way we interact with our PCs. Traditional PC users complained – quite vocally – that Microsoft was forcing a mobile-first experience that they did not want and disrupting their ability to use their PCs. However, one thing was and is sure – Microsoft is fully committed to merging mobile and traditional PC computing, and Windows 8 was the first leap forward in that revolution.

Love it or hate it, Windows 8 is here to stay in one form or another. Microsoft’s next release of Windows, codenamed “Threshold,” and assumed to be Windows 9, is targeting at calming the problems introduced by Windows 8 in businesses, notably training costs by forcing a completely different interface on users (hint – the Start menu is coming back). Microsoft’s next version of its venerable Office suite, codenamed “Gemini,” is widely-rumored to be touch-first, making it much easier to use than traditional Office on a tablet.

While Microsoft is refining its approach to mobile, one thing is clear – the easiest integration of tablets into the business is through tablets based on Windows 8.1 Pro (not Windows RT, which is incompatible with standard PC software). Tablets based on Windows 8.1 Pro integrate into your business just as a desktop or notebook would, using the same software, same management tools, same security, etc. For all intents and purposes, they are PCs in a different size and shape. Many Windows tablets also help to bridge the notebook/tablet gap with familiar form factors that blend two designs, such at the Microsoft Suface Pro 3 and Dell Venue 11 Pro.

For more about the laptop versus tablet discussion, read our recent blog post on the topic.

Now that you know who the key market players are, the real question for your business is what do you want to do with your tablets?  Picking a mobile operating system or tablet before you know what you want to do with it is a recipe for project failure. Carefully think about the following questions as you think about your tablet goals.

  1. Do you want to access files from your office file server from your tablet?
  2. Do you want to access your office PC from your tablet (e.g. remote desktop)?
  3. Do you want to be able to print from your tablet to your office printers?
  4. Do you want to access your entire office network (servers, PCs, printers, etc.) from your tablet over a Virtual Private Network (VPN)?
  5. Do you need access to specific line-of-business apps on your tablet?
  6. Will the tablet be owned and managed by the business (i.e. company-owned device)?
  7. If you decide to allow BYOD, what will happen to your business data if the employee no longer works for you?
  8. If a tablet is lost or stolen with your business data on it, what will you do?

The answers to these questions – and many others – will guide your decision about which mobile operating system and apps you need to succeed. We suggest starting with a pilot program (one or two devices) before embarking on any large-scale mobile deployment. This will prove the concept and work out any problems before you deploy on a larger scale.

Mobile projects can be complex, but can also have measurable ROI in terms of employee productivity, device cost savings, and many other areas. Colden Company has written extensively on integrating tablets, and mobile in general, into your business in the past. From BYOD, to mobile safety and security, to mobile security policies, to mobile strategy, we’ve covered it all. If you want to manage your mobile devices running iOS, Android, or Windows, we’ve discussed our Mobile Device Management (MDM) solution.

Bottom line – Colden Company has the experience to help you succeed with your tablet and mobile initiatives. Contact us at 888-600-4560, via email at info@coldencompany.com, or via Facebook or Twitter. We’ll get your message on our tablets!






BYOD Invading Like a Mobile Monster!

Posted on: December 7th, 2012 by billp | No Comments

You’ve probably heard about businesses adopting “Bring Your Own Device” (BYOD) policies that allow employees to bring their own mobile devices (smartphones, tablets, etc.) to the workplace for use with business systems. Businesses benefit by saving money on purchasing devices and employees benefit by not being required to carry multiple devices. Of course, there are always risks. We even wrote about the importance of developing a mobile security policy earlier this year.

Rapid7 has created an infographic that shows how businesses need to learn to contol the “monster” that is BYOD. Here are just some of the risks:

  • 71% of businesses surveyed said mobile devices caused an increase in security incidents
  • 71% of devices contain high severity operating system and application vulnerabilities
  • 51% of organizations experienced data loss from employee use of unsecured mobile devices
  • 26% of authenticated devices inactive for >30 days, possibly lost or stolen

You need to control the mobile monster in your business! Mobile device management (MDM) is a very real and complex problem for businesses of all sizes. In 2013, Colden Company will offer MDM to customers of our Remote Monitoring and Management (RMM) solution. Why wait? RMM provides many benefits today, and MDM will just add to its top-tier feature set. Contact us for more information today.