Modern CIOs and their IT department face a new, complex set of mobile device security and manageability challenges as employees bring in their various smartphones and tablets to the workplace, and as additional devices are rolled out across the enterprise.
Many IT managers are looking to outside MDM (mobile device management) products for assistance in securing and managing these disparate devices, but with the majority of these services still in their infancies, it pays to wade slowly into the MDM waters - and with caution.
Technology research firm Forrester Research wants to help, and it has just released a new report, titled "10 Lessons Learned From Early Adopters Of Mobile Device Management Solutions".
Here's a quick breakdown of the lessons offered within the report, which Forrester culled from conversations with four I&O (infrastructure and operations) executives who have already spent time with various MDM products.
1) Different employees require different kinds of mobile support from IT
No one-size-fits-all solution exists for mobile device management and support today, according to Forrester, and IT must be prepared to offer varying degrees of support. Individual staffers and groups of employees will require access to different applications and systems, and therein, different types of support, often depending on their job functions, their mobile platforms of choice and whether or not their devices are corporate issued.
2) IT should query users to understand staff needs, preferences
Forrester suggests surveying the employees who will be using smartphones and tablets regularly to learn more about their needs and preferences, and then determine the products that suit the various job functions. This allows IT to more effectively procure and deploy the appropriate hardware and software to the staffers that need it most.
3) Create one clear policy for corporate and employee-owned mobile devices
Organizations should come up with clear mobile-device policies and usage statements that apply to all mobile devices that will be used, including those owned by the business and employee-owned devices, Forrester says. Start by clearly stating the levels of security and support IT will provide, so it's responsible only for apps and services IT delivers and approves of.
Secondly, it's a good idea to draft official policy documents and usage guidelines to ensure that users are clear on what devices they're eligible to use and how they're expected to responsibly employ them, according to Forrester.
4) Know mobile platforms' limitations, prioritise support for those that need it most
Employees are sick of using only the officially sanctioned mobile platforms of choice, and they're increasingly finding ways to circumvent IT policies and controls so they can use their devices or choice - often iOS and Android devices. Instead of merely resisting these devices and platforms, IT should attempt to identify the security and management weaknesses and at least try to find ways to address the shortcomings to the best of its ability, according to Forrester.
5) No one-size-fits-all-platforms MDM solution
Though many vendors offer products to help manage and secure devices like iPhones, iPads and Android devices, most of the services are specific to one platform or just a few platforms, making it difficult or impossible to use one product to manage all of your various devices and platforms, Forrester says. Vendors plan to add support for lesser-used platforms, such as Windows Phone 7, but right now IT must use a variety of products to manage their various mobile platforms.
As a result, many organizations aren't seeing the same level of security and manageability for all platforms as they were in the past for, say, BlackBerry devices.
6) Encourage IT suppliers to offer app stores that suit the enterprise
Few if any MDM vendors offer application delivery methods or "stores" that truly meet enterprise management and security requirements while delivering software to various devices and platforms, Forrester says. This is a huge obstacle in the way of delivering truly robust enterprise apps to smartphones, tablets and other devices, and IT should push its suppliers to create app stores that meet business needs. Enterprises should work with suppliers to derive and test application delivery methods that can deliver complex applications to a variety of device types, according to Forrester.
7) Employ virtualisation for access to Windows Apps on Non-Windows devices
Until vendors can offer more "mature" application stores that cater to a wider variety of mobile platforms, organizations should consider using virtualization products to bring critical Windows apps to mobile devices, Forrester says. Vendors such as Apperian, AppCentral, Partnerpedia and Citrix all offer such products.
8) Support employee-owned devices but set strict usage guidelines
MDM products help IT support various mobile devices and platforms, but supporting these devices means addressing a complex new set of security challenges. IT should prepare itself for the challenge by setting clear rules and regulations for which types of devices can be used or will be supported--and which won't--as well as who will pay for them.
9) Make it clear to users which mobile services are approved
IT should provide a clear set of guidelines on not only the devices that will be supported, buy also which services are sanctioned for use on enterprise devices, Forrester says. On that note, IT should clarify that not all devices and services are supported. IT may also want to make staffers with mobile devices sign an official mobile-device policy form that specifies IT has the right to wipe corporate devices at any time, if necessary.
10) Reimbursement for employ-device service costs can serve as incentives
Forrester says that allowing users to employ their own mobile devices for work purposes can reduce overall mobile device management and support costs. That's because such users often must contact their wireless carriers for help with support issues, instead of IT.
It's also a good idea to determine just how your employees are using their devices for work, and how much IT support is necessary, and then tailor reimbursement for wireless service accordingly. Staffers could eventually look at payment for their monthly service as incentive to be more productive with their mobile devices, according to Forrester.