Research: Mobile Device Management
Rolling With the Changes
As you develop mobility policies, your ultimate goal should be the certainty that any data contained within a device, or any connectivity profiles—VPN or Wi-Fi—that provide access to corporate networks, is completely secure, even if the smartphone or tablet is lost or stolen. Can you look into an auditor’s eyes and say that with confidence?
Because the trend is toward personally owned devices, if an MDM system can’t differentiate between enterprise data and the owner’s data, don’t buy it. But this is just one in a long set of important, and nice to have, features. In general, candidate MDM platforms should support iOS and Android, with management links to RIM’s BES a big plus. It should be able to differentiate security capabilities by OS type, because not all operating systems are created equal. It should normalize controls regardless of platform, so IT doesn’t have to know the gory details. It should consume user-role data from centralized directory services so that changes that are fed from the central directory—including termination—affect the profile experience on the end device. Self-service functions, such as provisioning and bringing a device back into compliance after missteps like loading an app considered risky, help reduce the help desk load. In this report, we’ll examine trends in mobile device management and security and delve into policy development. (R3321111)
Survey Name: InformationWeek Mobile Device Management and Security Survey
Survey Date: August 2011
Region: North America
Number of Respondents: 323 respondents from companies with 50-plus employees involved with determining mobile/wireless strategy or evaluating, recommending or purchasing mobile devices.
Purpose: This survey strives to gauge respondents’ secure use of mobile computing technologies such as smartphones and tablets and the importance of the supporting security structure. By polling for trends in the overall use of mobile devices as well as the applications in use by respondents’ organizations and their relative significance, it becomes clear which are the most mission-critical and would cause greatest disruption should they become unavailable. We also delve into the policy components governing the use of mobile technologies. Our aim is to determine the importance of mobile data protection to organizations, as well as whether mobile data policies are in place. On the tactical end, we asked about the most popular security controls being used, as well as centralized mobile device management systems and the rationale for seriously considering their use as a security control to enforce organizational mobile security policy.
Table of Contents
3 Author's Bio
4 Executive Summary
5 Research Synopsis
6 Rolling With the Changes
7 Impact Assessment
8 Productivity Is Power
9 Dodgy Application Behavior
10 Mobile Platform Trends
14 Mobile Apps
16 Mobile Device Policy
18 Security Control
20 Cohesive Management Via MDM
27 Appendix
41 Related Reports
Figures
6 Figure 1: Increase in Employee-Owned Mobile Devices?
8 Figure 2: Mobile Technology Impact on Productivity: 2010 vs. 2011
10 Figure 3: Lack of Access to Mobile Productivity Activities: Impact on Employees
11 Figure 4: Mobile Devices Selected by IT
12 Figure 5: Enterprise-Ready Mobile Platforms
13 Figure 6: Operating Systems Permitted to Access Business Resources
14 Figure 7: Custom Business Applications for Mobile Devices
15 Figure 8: Supported Mobile Platforms for Custom Applications
16 Figure 9: Use of Virtual Desktop Technologies Via Tablets
17 Figure 10: Mobile Device and Data Polices?
18 Figure 11: Enterprise Data Access Via Mobile Device: Default vs. Exception
19 Figure 12: Ability to Selectively Wipe Business Data From Personal Devices
20 Figure 13: Portable Device Security Controls
21 Figure 14: Primary Reason for Deploying MDM
22 Figure 15: Reasons for Not Deploying MDM
23 Figure 16: MDM Architecture
24 Figure 17: MDM Spending Plans
25 Figure 18: Access to Cloud Services Via Mobile Devices
27 Figure 19: Percentage of Employees Using Devices
28 Figure 20: Mobile Technology Impact on Productivity
29 Figure 21: Importance of Employee Access to Mobile Technologies
30 Figure 22: MDM Features of Interest
31 Figure 23: Types of Cloud Services Accessible Via Mobile Devices
32 Figure 24: Standardized on a Mobile Device Platform?
33 Figure 25: Carriers Selected by IT
34 Figure 26: Prioritization of Mobile Data Security
35 Figure 27: Portable Device Security Controls: 2010 vs. 2011
36 Figure 28: Mobile Device Management Vendors
37 Figure 29: Industry
38 Figure 30: Job Title
39 Figure 31: Company Revenue
40 Figure 32: Company Size
About the Author
Grant Moerschel is co-founder of WaveGard, a vendor-neutral technology consulting firm. His 20 years of IT experience encompass a wide range of strategic and tactical business technology functions, including significant experience with security engineering, IT risk and vulnerability assessment, regulatory compliance assessment, wireless and wired network engineering, and wireless technology training.
He has consulted for many clients in both the public and private sectors. Grant is the co-author of the McGraw-Hill title, Certified Wireless Security Professional (CWSP) v2 study guide and the Cisco Press title, CCSP Flash Cards and Exam Practice Pack. He has written numerous technical articles for InformationWeek and courseware for (ISC)2, in addition to holding several well-regarded IT industry certifications, such as the CISSP, CCSP and CWNA. He earned his B.S. degree from the University of Delaware.
Be the first one to comment.