Getting mobile device management right: Four key steps
Some organizations still tremble at the thought of letting employee-owned devices connect to business-owned resources. But the truth is that bring-your-own-device (BYOD) approaches have come a long way in recent years, and enterprises increasingly function on mobile phones, tablets and laptops. A well-oiled and successful mobile device management (MDM) program and policy allows enterprises to reap the benefits of BYOD while mitigating the risks. Here are four best practice ideas:
1. Get the fundamentals right from the start
The bedrock of any sound mobile device management program begins with the basics: encryption, remote wipe, password strength and history. The main concern for most MDM programs is the control over information in case a device is lost or stolen. This was, of course, the hallmark of the BlackBerry system: Everything was encrypted and enterprise administrators had extensive control over the device. Regardless of the product line in use, every competent MDM system should:
- Encrypt email and storage on a device
- Require a strong password that is enforced without exception
- Offer the ability to wipe the device remotely at any time (or at least wipe the corporate “container” on the device that houses the proprietary information related to the business or organization)
2. Allow information to flow back to IT and the help desk
One of the benefits of an MDM program is the ability to understand how employees are using their mobile devices. Routing the flow of information back to the IT department and help desk from the start can improve performance down the line. For example, an understanding of which devices and models are popular enables your help desk to train more accurately, resulting in better assistance with future troubleshooting issues.
Another useful strategy is to share application inventory information with your support departments to ensure that corporate apps deploy properly. Sharing information with human resources about which users are active on which platforms helps their department appropriately update credential provisions when employees enter and leave the system.
3. Automate the basics
Users tend to be frustrated when they cannot activate an account independently of support services. Rather than getting the ball rolling on their own, users often have to call in, speak with someone to use a platform or have a problem addressed. Avoid this rigmarole and establish a policy that allows users to automatically enroll themselves in your mobile device management program. Design the platform to automatically sync email and calendars using a self-service web portal.
For more intensive application onboarding, users can certainly call in or schedule appointments for installation and training, but most employees will want to check their work email and calendars on their phone. If their device will accept your policy constraints, allow employees to access the platform and get things moving on their own. It is a win-win for everyone: less work and more security for the system administrator; less waiting and more satisfaction for the user.
4. Build self-service troubleshooting resources
Along the same lines, empower your users to conduct initial troubleshooting tasks on their own, especially when taking action on lost device and remote wipe issues. You will notice that there will be a tremendous resistance to reporting lost devices in a timely manner if you make it difficult and time-consuming to actually do so. However, if users can simply log into an intranet portal to deactivate their former device and add a new phone, they will do it quickly and efficiently. Let users not only self-enroll, as discussed in the previous point, but also wipe devices, reset passwords and run any device location features that your platform supports on their own.
By following these four simple steps, an MDM system can help save time for your IT and help desk staff, while empowering employees to take charge of their own devices.