Enterprise Mobility Management is both Technology & Business Solution
An enterprise that has initiated mobilizing its business processes, Mobile Security is the most significant aspect that is highly debated and prioritized. In this post, an experiential narration is shared. Mobile application has significant parameters outside the control of IT support team for administration and management as against the desktop support for example – physical location; network, battery on the device, OS on the device for certified support, device storage and many more. Besides the technical nature of the above parameters, there are addition complexities of business requirements such as – Online & Offline nature of the application, local storage on the device containing sensitive data of the enterprise and associate all this at all time of the day to to be managed wherever the device is with many business activities either allowed or denied to be performed at different locations is a daunting task for an Enterprise to get going. That is the stuff one would manage with EMM platform with ease and confidence assisted by Celstra.
The foremost major decision on enterprise mobility journey inside of the business is the selection of the mobile device itself and a few thoughts on this aspect are shared here. Mobile security is an integrated aspect that combines both business solution and technology perspectives. We will break this into four major components to better understand the subject.
The first component and operational initiative is with Device security. That the EMM an Enterprise deploys has to identify a device with an appropriate attribute for the device – be it IMEI or UDD based on device characteristic is basic need. What one needs is a further combination of the device location at affordable periodic intervals and in some identified contexts of business processes raise an alarm with a Geo-fence. Further, from centralized information management & control centre ability to apply policies of Wipe local storage used by enterprise apps, Reset the device to factory settings etc. In the initial days of implementation, there were a few positive false alarms to learn the application of policies more discretely and intelligently.
The second component is Network management. This covers – Cellular, Wi-Fi, Bluetooth, USB and NFC. The ability to control for access and manage the resulting expenses for usage is an important aspect over the basic requirement of managing the server connection over secure layer. This covers Certificate management, VPN and data compression and encryption tools. The choice was made with 256 bit encryption in communication contexts and Hashing model was used for local storage
The third component of storage administration and management (Mobile Application Store – MAS) was to create a model of sharing and storing in a secure container controlled by EMM client on the device. The apps have to rely on EMM client for their local storage is a dependant factor, but gave control to IT management for data administration and management a tight control. There were practical cases, where the local database of a device was extracted to Server for an application failure causal analysis is the best example of IT support in a silent and effective mode to the business users who are required to be technically aware of seeking support.
Users & Apps Security
The fourth component of Mobile security is around the users and apps on the device. The EMM has support for Mobile Application Management (MAM) for Enterprise Apps, Market place apps deployment and access control on the devices for users. User authentication is on the basis of IAM – Identity and Access Management that is integrated with an Enterprise Active Directory.
The next important milestone in the Enterprise Mobility initiative is the choice of Architecture for the mobile applications and the middle ware platform. This we will cover that in another post.