Embracing consumerisation by managing mobile devices within the workplace
09 Jul 2012
Ian Robinson, Mobile Device Management Consultant talks about the shift towards the use of more consumer orientated mobile devices in organisations.
The rise of mobile computing
Mobile computing via smartphones and tablets, such as the iPad, iPhone, Galaxy SIII and others, has been a hot topic for a while. There is no denying that the world is moving to one where mobile access to data is the norm, assuming the mobile networks can keep up with this rapid change!
People love the new models of smartphones and tablets that have hit the market over the last few years. Apple have sold 67 million iPad's in just 2 years! If you add this figure to the 218 million iPhones and the 67 million iPod touch devices Apple has sold then there are over 350 million iOS devices in use¹ . At their 2012 I/O conference in June Google reported that there are over 400 million Android devices activated. Microsoft, with its announced Surface devices and its partners will bring new Windows 8 based smart phones and tablets to market this year. A market that is not yet saturated in the UK and Ireland. There is room for growth for the major players, and scope for new entrants due to the approximate 2 year upgrade cycle on smartphone contracts.
Consumer orientated mobile devices in the workplace
Many of your staff will likely have one off these new highly functional devices for their personal use. They are probably asking for similar devices to be provided for use as a work tool. Or even asking if they can use their personal device to access work related systems and data. This is the dreaded, from many ICT administrators point of view, Bring Your Own Device (BYOD) phenomenon. It's certainly an interesting time to be an ICT admin!
Should ICT departments allow, or even embrace this shift towards the use of more consumer orientated mobile devices? I contend that they should, as doing so provides many benefits.
Allowing your staff to use tools that they know and like, such as the smartphone they have picked for themselves, can make for happier and more productive staff. Getting access to work related email and data, on the same device were they might want to play Angry Birds or watch a TV show on the way home on the train, is more convenient for the user than giving them a separate work device just for corporate related use. Staff are more likely to do a work related activity out of hours if they can do it on a device they use for personal purposes too. This also means they don’t have to carry 2 devices, charge them separately or make sure both are in their bag, et cetera. For years we have been using BlackBerry for work and iPhone or similar for personal use. It's messy . And wasteful. One device that the user enjoys using, and can be used for both work and personal data is a better solution.
I can hear the ICT administrators scoffing as they read the paragraph above as it also introduces some issues that ICT departments are tasked to address and mitigate. It is the job of the ICT department to make sure that the users have the tools to do the function they are paid for, and to ensure that the organisations’ data is available as required and also secure. Having devices that staff can use for both personal and corporate use is a good way to make an organisations data unsecure? Right? No, is the answer.
Managing mobile devices
Many tools are available to ICT Departments to ensure that corporate data is secured on the new generation of consumer-orientated devices. Whether that be in an organisation provided devices model, or in a BYOD model.
Data Loss Prevention (DLP) is a core part of any mobile device strategy. An obvious example is the 'left my iPad in the taxi from the airport' call to the ICT helpdesk. There are several ways that an ICT department can guard against data loss in such a scenario. The most basic, and fundamental step, is to ensure that there is a Mobile Device Management (MDM) solution in place. These can be used to enforce policies on the mobile devices. For example a minimum requirement for a strong passcode on the device, coupled with auto-lock and timeout settings to ensure that anyone finding a lost device would not be able to access data on device. Lots of other features of the hardware and software on a device can be set using profiles via an MDM solution.
In addition to the base MDM solution, corporate email and data can be further protected on devices. Sandbox email solutions are available that separate the corporate email from a users personal email. The sandbox email app can be set to require a separate secure password to access, and can be encrypted separately on the device and as it passes data over the network. Similarly access to corporate data can be mediated via a secure on device application that uses Active Directory controlled access to internal file servers. File permissions can be set on files to prevent them from being copied. This allows ICT departments to provide the functionality of a service like DropBox but at the same time keep the data secure in house. If required then an ICT Administrator can send a remote wipe to just remove the file sandbox, and leave the users data intact. This is useful if a user leaves the organisation and was using their own device. You get to remove the corporate files without deleting the users data. The MDM solution can wipe the whole device if required as well.
Another way to secure corporate data on a mobile device is to stop the data getting to the device in the first place. Using remote applications via thin client technologies provides a tried and tested solution to this. Run your applications on your servers in the data centre and use a remote access app on the device.
This post has provided a snapshot of the ways that an organisation can embrace the on-going move to consummerisation of end user devices. The tools to allow ICT Departments to securely deliver services to these devices exist today. They are in use, and they work. ICT Departments can make the staff they support, and the organisations they are part off, better and more productive by allowing the use of these devices. In a non-draconian way that makes for happy end users and also meets the needs of organisational governance.
Click here for more information on Northgate's Mobile Device Management Service
Author: Ian Robinson, Mobile and Cloud Computing Consultant, Northgate Managed Services