Security For Teams That Work In The Cloud

January 15th, 2019
Security For Teams That Work In The Cloud

The way phones, tablets and laptops are used by employees has shifted dramatically. These days, employees often bring personal devices to work, then connect up to their company's secure corporate network.

There are definitely benefits to this style of working: While your team enjoys the flexibility, efficiency and ease of a single device, you may also appreciate the lower equipment costs, reduced office space square footage (should workers transition off-site), and a decreased IT staff burden since employees will maintain their own equipment.

On the other hand, this trend creates some new considerations for security, connectivity, privacy and management. Each employee may have a different service provider or smart phone operating system. Employee-owned devices can potentially expose security vulnerabilities not directly supervised by IT staff or addressed by corporate antivirus solutions.

Tablets and smartphones are arguably less secure than desktop PCs and laptops because they lack pre-installed malware protection. Most computers include at least a trial version of an antivirus suite, but for the newest mobile gadgets, individual users and IT managers are on their own to search for and install mobile endpoint security management.

This vulnerability has not escaped the attention of hackers, who unleash creative new threats like SMS text messaged-based attacks on a daily basis. The old-school virus, while still annoying, doesn’t hold a candle to the damage caused by these new approaches in cybercrime, which include more sophisticated Trojans, keyloggers, phishing attacks, and malicious apps than ever before.

As a result, the risks of a “bring your own device” (BYOD) policy creates the need for something called mobile device management (MDM). It is nearly impossible to enforce a ban on these devices, but there are options for businesses on a tight budget to maintain security.

What exactly is MDM?

MDM is, in a nutshell, software used by an IT services provider like PCPC to monitor, manage, and secure your employees' laptops, smartphones, tablets, and other devices that are being used in the workplace. With security and data breaches getting costlier every year, MDM tools are essential to the modern workplace.

Coupled with additional tools, technologies, processes, and policies, an MDM solution is part of another organizational trend: enterprise mobility management (EMM).

What is EMM?

EMM addresses the business and technological context of device usage in everyday business operations. However, not all MDM tools are created equal, and the right choice for small to medium businesses, or non-profits may depend on a variety of factors.

A solution for distributed teams and cloud based networks

The field of mobile device management has continued to evolve as more and more teams work with cloud and SaaS softwares, smart phones, and laptops. Many companies now have distributed and remote teams, or in workplaces with a BYOD policy.

Current EMM suites generally have policy- and configuration-management tools that specific to the smartphone operating systems. The suites are paired with the management of apps and content on those devices by a team of technicians. IT service providers like PCPC use EMM suites to deliver IT support to your employees when they are mobile, and to maintain your company security policies.

Modern EMM suites provide the following core functions:

  • Hardware inventory
  • Application inventory
  • OS configuration management
  • Mobile app deployment, updating and removal
  • Mobile app configuration and policy management
  • Remote view and control for troubleshooting
  • Execute remote actions, such as remote wipe
  • Mobile content management

How necessary is MDM, really?

The rapid adoption of smartphones and tablets, along with increasing numbers of employees who are working from home or other non-traditional locations, has placed mobility solutions near the top of many business’ priority lists.

A recent study by Gartner indicates that PC sales are in decline – the majority (87%) of devices shipping in 2015 will be mobile phones and tablets. As a result, 451 Research predicts that the $3.8 billion EMM (enterprise mobile management) market will double to $9.8 billion by 2018. SMBs have been adopting mobile solutions at a fast and furious pace. SMB Group research indicates that 67% of SMBs now view mobile solutions and services as “critical” to their businesses, and 83% have already deployed mobile apps to help improve employee productivity. Of these, 55% are using mobile apps for specific business functions, such as CRM or order entry, and 49% of SMBs are building mobile-friendly websites, and/or deploying mobile apps to engage and transact with customers.

EMM is clearly trending, and looks to continue to do so in the future. After looking at the risks of doing business without a proper MDM solution, it becomes obvious why. Without MDM, information on stolen or lost devices is not secure, which could allow it to easily fall into the wrong hands. Also, devices without MDM have an increased exposure to malware and other viruses that could compromise confidential data. And, once that confidential data is compromised, the ease of which a data breach or hacking incident can be achieved increases greatly – events that can permanently affect a company’s reputation with consumers and other business partners.

According to Novell, a laptop or tablet is stolen every 53 seconds, and 113 cell phones are lost or stolen every minute. With the cost to recover from a corporate data breach getting increasingly more expensive every year, more and more businesses are seeing the value of a comprehensive EMM solution.

What to Look for in an MDM Solution

If you are reading this and thinking it might be time to explore an MDM solution, you'll need to choose a provider. Here are some of the things we at PCPC believe are essential in a solid MDM plan:

  • Cloud-based, so updates are automatic and painless
  • Fully managed, 24/7 monitoring
  • Remote configuration and monitoring
  • Passwords, blacklists and other security policies enforcement
  • Passcode enforcement/remote data wiping, to prevent unauthorized access to the phone
  • Geofencing, to restrict access to specific data and applications based on location
  • Backup/restore functionality of corporate data
  • Logging/reporting for compliance purposes
  • Jailbreaking and rooting alerts for users attempting to bypass restrictions
  • Remote disconnection or disabling of unauthorized devices and applications
  • Scalable, so new users and increasingly sophisticated devices can be accommodated easily

A rule of thumb is that MDM solutions are only as useful as their implementation. That is, they will only succeed if they are executed properly.

Care should be taken to evaluate an MDM solution to make sure it fits a company’s specific policies, growth plan, and vision. Here's an example: When an employee is terminated, what happens to their device under company BYOD policy? Is access simply shut off to corporate systems? What happens to saved or cached data on their device? Is it ignored, or is business data wiped? How is business data separated from a user’s personal data?

Before choosing any MDM solution, these policies must be set in place in order to decide what is specifically needed and continuously reviewed to ensure best practices are maintained.

There are also additional factors to consider:

Perhaps you'd like to combine having your own server and cloud solutions. Cloud services  infrastructure planning is essential. You'll want an MDM solution that can handle on-site, cloud and hybrid options.

We can help you structure an MDM plan that's right for your business. Read our PDF about PCPC's strategic consulting services here.

Keep in mind that for every shift, pivot, and change in the industry, MDM solutions are constantly being updated, revised, and enhanced. It’s important that your business vision meshes strategically with your MDM provider, and you understand . Is it a smaller part of an MSP’s total offering? Are there enhanced content functionalities, such as document editing and management? Can enterprise apps be controlled and secured? Are there additional integrations with other security apps? Those who are choosing the right MDM solution for their company must understand not only what is provided today, but where development is headed down the road, so that choice will best fit current and future needs.

Finally, you'll want to consider integration. Your chosen solution should be able to integrate with your existing security, management controls and workflows. Most organizations have already made significant investments in this area, so integration with these systems is essential. The right MDM solution will enhance both security and efficiency, allowing an admin to control and monitor systems from a single access point.

When should you start thinking about MDM?

Many businesses are only just becoming aware of the burgeoning BYOD trend and the need to protect mobile devices. Small- and medium-sized businesses without large IT staffs and large budgets need a solution that protects them as much as the larger companies. The pressure to have an in house technician who is fully knowledgeable about the entire breadth of BYOD policy, restriction, and effective implementation is a high barrier to SMBs as well as larger corporations. Fully-managed MDM solutions relieve the need to have dedicated, in-house staff managing this system – good news for the bottom line of businesses of any size. Additionally, those who take advantage of a fully managed MDM solution can rest easy knowing there is an always-on NOC monitoring their system for anomalies and irregularities 24/7, and handling these issues as they arise. Because BYOD employees are no longer tethered to a traditional work schedule, MDM solutions must follow suit.

Employee-owned mobile devices are here to stay in the workforce. Meet that change with a strong MDM strategy and partnership with a qualified service provider to help you structure and maintain your plan.