No matter what size the business is, if you have staff they are likely using mobile devices at work and possibly for company activities. BYOD (Bring Your Own Device) is an affordable approach to startups and small businesses. However, having your staff using their own devices, and taking company devices home comes with some security risks.
This is when a company will eventually come to know that they need to enforce some mobile security policies. This approach often uses a system called MDM (available on Android and IOS mobile devices) and that stands for Mobile Device Management. It allows the employer to set varying levels of control, and for them to protect company data.
To implement this, in most cases, there is going to be a period of education. Staff will likely need to be introduced to the idea and to become comfortable with what will be restricted or monitored. For this to happen, they will need or want to know exactly what is being changed with their devices. However, for company-owned devices, whether or not staff are informed would depend on the existing policies for permitted company device usage.
How to Setup MDM in the Workplace
The setup process doesn’t need to be complicated, but there are a few things that should be considered to implement mobile security in the best way possible.
Education – This might need a little planning, but you should try to both educate about the uses and highlight the benefits regarding MDM. Staff might see it initially as an intrusion, but it also helps to protect them and their devices.
Assign Leaders/Controllers – Staff will need someone in the know when they have an issue. Even if you hire someone to take care of your device security, it is a good idea to have an in-house expert that can advise or train staff when needed.
Enforce Encryption – Most people don’t really think about or see the benefit of encryption, until they actually lose a device. Then that horrible sinking feeling that someone could be looking through your files, photos, and videos makes you wish there was a way to stop that. Encryption is important for businesses, but it also protects the private lives of device owners.
Centralize Updates – By managing updates centrally, the company can be sure that devices are as secure and up to date as possible. For this, it could be good to advise staff of scheduled times for updates, to prevent inconveniences and avoid concerns.
Restrict Access – It is wise to block access to unsecure or problem URLs via network access control (NAC) on mobile devices.
Restrict App Installation – Although this might not be possible in all BYOD situations, restricting app installation on company mobile devices can help to greatly increase security.
Remote Wipe Policy – Setup how things will proceed should a device be lost or fall into the wrong hands. Remote wiping is the safest option, but staff should know how to report issues and the devices should be monitored for unusual activity. They should also be trained in how to backup their devices, or the company may want to back them up for them.
Consider Adding a VPN Service – Many people like to work or play on their phone in internet cafes. The only problem is that many are using unsecure networks, and even those that are secured are shared with a lot of unknown users. This is without even considering that the cafe owner or person whom setup the internet service might be spying on customers. A VPN makes all connections secure, all of the time.
Most good MDM providers will advise regarding all of this, and can also assist with managing the devices. However, this list should give you a few things to consider and possibly setup in advance.
MDM is an incredible system that allows the remote setup or configuration of mobile devices. It can even mean that a device is fully setup and secured without anyone needing to do it manually. It allows companies to regain control of their data.