BYOD is radically shifting the way organisations are working. Time and again research figures have been proving this. In fact, according to a recent report from Zinnov, India’s evolving enterprise mobility market is estimated to reach $ 1 billion by mid-2015. In many enterprises today, mobile devices have become the weakest link in the security strategy. This is the gap that Mobile Device Management (MDM) tries to bridge. However, the how and when in the MDM implementation is still a big question mark for organisations due to its inherent complex nature.
As CIOs struggle with rogue devices, network intrusions and the threats from malware and viruses, the real issue lies with the fact that the perimeters of an enterprise are constantly being redefined and users have multiple access points. Consequently, as mobile devices undergo rapid transformation and new devices flood markets at regular intervals, CIOs will have to keep pace with changes in devices and their adoption, constantly changing and managing the permitted list of devices and security policies around them to better answer BYOD.
Over the next five years, 65% of enterprises will adopt a MDM solution for their corporate liable users, according to Gartner. With the increased functionality of smartphones, and the increasing popularity of tablets, much of the network traffic and corporate data that was once the primary domain of enterprise PCs is now being shifted to mobile devices.
Where to begin?
The BYOD trend has the potential to transform business, enable agility and enhance ways of interacting with customers and partners. However, the mobile value chain and whole ecosystem are increasingly complex, diverse and expanding, leading to more opportunities to exploit vulnerabilities. Individuals are using mobile devices for more tasks, applications and services, and are not as knowledgeable about mobile security. MDM solution can ease a lot of pain for organisations, but there is a definite path that needs to be followed for it.
One of the obvious dilemmas faced by organisations when it comes to MDM, is where to start this journey from. Mentions Koushik Ramani, Lead Architect and Head IMS Consulting, Mindtree, Typically, organisations will have to start with a complete Enterprise Mobility Reference Architecture. The foundational view will be to either explore the services delivered from the Cloud or delivered from within their premises.They will also have to focus on four pillars which are of infrastructure, operations, security and policy.
As per Ashish Dhawan, Country Lead, Enterprise Business, Juniper Networks India, choosing the right platform for Mobile Device Management is one of the issues facing IT departments today. Any MDM solution has to meet the needs of the enterprise in critical areas such as security, reduced complexity, technical capabilities and business agility, all the while supporting a user community that is demanding more ubiquity and independence than ever before.
Crafting MDM strategy
Presently, organisations are compelled to come up with the right MDM strategy that suits their need. However, it is a two-way street requiring support from both organisation and employees to make it a success. According to Chuang of Gartner, It the highest level, BYOD policy is an agreement between the company and the employee where the company gives some access to enterprise systems, and the employee hands over some control of a personal device.Otherwise, for all mobile policies (enterprise owned devices and personal devices), the policy should cover the devices that are allowed, policies that will be enforced, procedures to report a lost device, employees agreeing that their device will be wiped and personal data will be destroyed in the event of loss, as well as money matters.
According to Ramani of Mindtree, Understanding the need for MDM client software on devices is a must. Also, one needs to explore device encryption. Organisations should segregate data types and understand need for centralised components.The motto should be to secure the data and not the device.
No implementation will succeed if there is not a business goal in mind. Emphasising on the same, Raman of Fortinet, mentions ?hile devising MDM policy, enterprises should analyse how mobility can generate business value for their organisation and view investment and project decisions from the perspective of how users will interact with mobile devices.Enterprises can then build out a total cost of ownership (TCO) model and a governance framework around the BYOD model and the associated privacy, regulations and legal issues.
By embracing the BYOD phenomenon and re-designing their infrastructure to not just optimally handle, but leverage it, CEOs can confidently open their network to employees and interested third-parties without the concerns of exposing themselves to risk. This will enable the CIO and the enterprise to remain open to gains in both productivity and operational efficiency and savings in Opex.
When CIOs deploy a robust network that is capable of securing everything from the device to the core, that not only integrates but enables mobility at scale, also delivering better communication, collaboration, and productivity, they create a win-win situation for enterprise and employees alike
There is a belief system when it comes to MDM, that it cannot be inclusive of all devices or platforms. However, is there a possibility that it can be? Solving the many problems posed by BYOD requires a technology-driven, multi-pronged approach to address the new threat vectors provided by mobile devices and enforce policy compliance for users wherever they may be. Secure mobility is possible only by protecting the network, the data, and the client, not just through the use of MDM solutions.
According to Chuang of Gartner, cost of our clients do not allow any and all mobile platforms to connect. Apart from the MDM and its capability to manage the less common platforms, the more serious concern is the ability of IT to manage and support all the mobile platforms. We typically encourage clients to view devices in different tiers so that the preferred mobile platforms are supported by IT and given more access to applications.
Gartner predicts that through 2017, 90% of enterprises will have two or more mobile operating systems to support. In the past year, many companies have moved to Apple iOS as their main mobile device platform, with others to follow over the next 12 to 18 months. As enterprises continue to offer multi-platform support, and new platforms such as Windows 8 continue to emerge, MDM needs will continue to grow. As one of the fastest-growing enterprise devices in the past 18 months, tablets are a further driving force for enterprises adopting MDM.
Shopping for MDM
There are some inherent challenges when it comes to implementing MDM solution. According to Ramani of Mindtree, ?he typical challenges would be around core compliance and statutory requirements that an enterprise needs to adopt to is still maturing, and no one is keen to take a lead. The core platforms or back end infrastructure and applications are still not matured enough to be rendered to a hand-held device.Also, there is no clear view on risks and mitigation process, and they typically vary from enterprises to enterprise, and are still maturing. Deriving consistency on policy, procedure, process and user experience is of utmost importance when it comes to MDM implementation.
According to Dhawan of Juniper Networks, ?n effect, to leverage the BYOD trend and its cost benefits, CIOs must address the key issue of data security. Selecting the right MDM technology with appropriate access solutions can help secure networks, devices, applications and data. MDM have a variety of functions.They ensure role-based access with regard to users, device types and access parameters, an MDM can also assist in managing application usage that also helps check data theft.
At a more advanced level, MDM can be deployed to manage the enterprise mobile app store, allowing enterprise to control the apps while the employee can control the device. In fact, this is a key MDM function, because it lets the employee go about their business tasks without having to compromise on the personal nature of the device.
Supplementing a MDM should be a sound application strategy. So securing the browser, address book and corporate communication is the elementary step. Underlying such measures should be the tacit understanding. Thus, if an employee brings a personal device to work, security and monitoring applications will be installed on the device.
It is not really a wonder then that the rise of BYOD culture is making MDM one of the hottest markets for enterprise IT. However, does it mean that it is the perfect solution? According to Chuang of Gartner, MDM is used to manage both enterprise owned and personal mobile devices. MDM adoption has been growing in India, but there is still lots of growth potential. Like in many other countries, too many companies enable mobile access before they have a mobile policy in place, and before they have a solution such as MDM.There are always two sides to a coin.
Although, India is on the highest growth rate with respect to Enterprise Mobility adoption, enterprises in India are still in the emerging phase of adopting BYOD. It is almost like the Telecom growth where India skipped a generation directly to GSM.
According to Lalvani of RIM, In India, most CIOs are beginning to harness the advantages of BYOD and enterprise mobility. Vendors are also moving aggressively into the MDM space targeting large, mid-level and small businesses alike.However, keeping in mind the changing mobile work environment, it still remains to be seen whether MDM will be successful or not.