- August 27, 2015
- Posted by: Mahesh Kulkarni
Mobile Device Management (MDM)
With the advent of the smartphone/smart devices era, enterprise data security has a new dimension – how to ensure enterprise data/IP security without infringing on the privacy and communication rights of individuals connected to the company network. This calls for an unobtrusive way to enforce security policies. That’s where MDM (Mobile Device Management) comes into the picture.
MDM provides a unified view of smart devices through a single console that facilitates reporting, policy management and device management, enforcing policies and profiles, and taking action as needed. And all this is done without restricting the user’s interaction with the outside world.
It provides advanced mobility management support for enterprises deploying handheld devices. These devices are specifically configured with enterprise use in mind to provide security and management capabilities above and beyond standard Android platform features.
The idea is to provide containerized access to data/IP assets as part of the user's rights within the enterprise system. Outside the MDM container, the individual has no restrictions and no access to enterprise resources either. However, enterprise access and any subsequent operations require the individual to enter the container.
There are two major types of MDM implementations:
1. On-premises Solution
2. Cloud-based Solution
For organizations where security is the highest concern, an on-premises solution is preferred. This is always suggested for mission-critical secure applications. A cloud-based solution provides ease of access for the administrator.
A typical MDM solution would provide Application Management, Personal Information Management, Document Management, Browser Security and other such features.
Mobile Application Management
MDM provides mobile application management by delivering an enterprise app catalog with full security and operational lifecycle management of apps across mobile device platforms. MDM provides the following benefits:
- Blacklist, whitelist and set required apps
- Limit native apps on a device (e.g., native browser)
- Restrict access for jailbroken or rooted devices
- Configure automated compliance enforcement actions
- Take instant action through automation or manual intervention
- Block email access, restrict network resources (e.g., no VPN) and perform a remote wipe
- View graphical reports of security and compliance history
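To make the policy items in this list concrete, the following added example (not code from the original post or from any MDM product) evaluates a device's app inventory against blacklist, whitelist and required-app rules and picks the most severe configured enforcement action. The policy schema, violation names, action names, default action and package names are all assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Enforcement actions named in the list above, least to most severe.
SEVERITY = ["none", "block_email", "restrict_network", "remote_wipe"]

@dataclass
class Policy:  # hypothetical schema, not any MDM product's format
    blacklist: set = field(default_factory=set)
    whitelist: set = field(default_factory=set)  # empty set = whitelist mode off
    required: set = field(default_factory=set)
    # Administrator-configured mapping: violation kind -> automated action.
    actions: dict = field(default_factory=dict)

def evaluate(installed, rooted, policy):
    """Return (sorted violations, most severe configured action)."""
    found = []
    if rooted:
        found.append(("rooted", "device"))
    found += [("blacklisted", a) for a in installed & policy.blacklist]
    found += [("missing_required", a) for a in policy.required - installed]
    if policy.whitelist:
        allowed = policy.whitelist | policy.required
        # Blacklisted apps are already reported; do not count them twice.
        extra = installed - allowed - policy.blacklist
        found += [("not_whitelisted", a) for a in extra]
    found.sort()
    # Unmapped violation kinds fall back to "block_email" (assumed default).
    chosen = [policy.actions.get(kind, "block_email") for kind, _ in found]
    action = max(chosen, key=SEVERITY.index, default="none")
    return found, action

# Constructed sample policy and device inventories.
POLICY = Policy(
    blacklist={"com.example.filesharer"},
    whitelist={"com.example.mail", "com.example.docs", "com.example.browser"},
    required={"com.example.mdmagent"},
    actions={"rooted": "restrict_network", "blacklisted": "restrict_network",
             "missing_required": "block_email"},
)

if __name__ == "__main__":
    fleet = {
        "phone-a": ({"com.example.mdmagent", "com.example.mail"}, False),
        "phone-b": ({"com.example.mail", "com.example.game"}, False),
        "phone-c": ({"com.example.mdmagent", "com.example.filesharer"}, True),
    }
    for name, (apps, rooted) in fleet.items():
        print(name, *evaluate(apps, rooted, POLICY))
```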
PIM (Personal Information Management)
MDM provides PIM, which includes access to company email, calendar and contacts, allowing employees to securely collaborate with colleagues while preserving the mobile experience on their corporate or personal devices. Through authentication and authorization, only approved, valid users can access sensitive emails and data. With policies to control the flow of data, the enterprise can restrict sharing by users, forwarding of attachments, and copying and pasting. Devices that are lost, stolen or compromised can be selectively wiped (remotely) to remove the secure email container, all attachments and profiles.
Docs Management
MDM provides the functionality to access business documents on mobile devices while providing total manageability and control in a secure, encrypted container. Each document can have its own security policy and be distributed to all users, groups, or individual devices, creating a highly personalized and compliant experience for each employee. The organization can have simple, secure access to public cloud file stores as well as private resources, such as SharePoint, Windows File Share, Box and Google Drive.
Users can securely view, create, edit, save and sync Word, Excel, PowerPoint or text files on mobile devices. These files can then be automatically synchronized across managed devices without compromising data security.
Browser security
MDM provides browser security by giving employees secure access to corporate intranet sites and networks (such as private SharePoint, JIRA, internal wikis and legacy ERP systems) with no VPN required. You can also protect your organization by blocking websites based on content categories, and allowing exceptions based on domain name.