MDM policies need to be liberal, but firm: Gartner

SYDNEY – Companies that put in dedicated policies for trusted work systems are now faced with a deluge of mobile devices in the workplace, particularly consumer level products.

Gartner VP and distinguished analyst John Girard suggests they adapt to this environment and quickly, starting with the basic configuration and security policies they feel the need to preserve.

Girard gave tips on how to develop and implementing a robust mobile device policy during the recent Gartner Security and Risk Management Summit here.

RELATED CONTENT
Hackers eager to exploit BYOD
Is your BYOD policy out of date?

 

One of the several mobile device management (MDM) reality checks that Girard shared with the audience covered the pitfalls of the mandatory device reset.

“There was a case of a toddler who reset C-level daddy’s tablet that was left in the living room,” he said. “Of course, daddy didn’t back up the data.”

Then there was the less than ideal hospital honour system.

“Doctors accessed patient databases and hospital scheduling systems via unmanaged and unsupervised BYOD practices,” Girard said.

Girard also spoke about how a mobile honour system failed when IT operations at a company enabled Microsoft ActiveSync through the firewall, however there was no credentials process in place.

In additions to setting limits on data exposure, Girard recommends that IT administrators also limit access to a certain extent.

“Have email pass through certification control and a basic MDM security policy in place,” he said.

“Having BYOD model restrictions is also necessary.”

Control and encryption also go hand-in-hand with a comprehensive MDM policy.

“A ‘trust nothing’ approach reduces policy headaches,” Girard said,

When it comes to managing multiple device and OS platforms and settings, there are some questions that Girard says need to be addressed.

“What’s your baseline and how thoroughly are your PCs managed?” he asked. “Do you encrypt mails and work station data?”

In order for mobile device management to be effectively implement, Girard suggests people be prepared for enterprise concessions.

Some of the top policy failures that Girard highlighted included BYOD rules that are too rigid or lax, and policies that do not address use cases and job needs.

“If a company lectures but does not mandate, it’s not going to work,” he said.

“It also doesn’t help if management doesn’t support the policy.”

In order for a mobility strategy to work, Girard suggests that business give users the choice to opt-in to company’s MDM, and use “trust” and their supporting technology as a decision point.

(From Australian Reseller News)

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now