Must-have mobile management tools, policies

IT admins who have to cope with consumer devices spilling into enterprise space should use tools such as virtual desktop infrastructure and data encryption policies to better safeguard data access, market players suggest.
Written by Kevin Kwang, Contributor on

Technology is playing an increasingly important role in people's personal lives which, in turn, is impacting their expectations and use of IT in their work lives. As consumer devices spill over into enterprise arenas, IT departments will have to rethink their management tools and policies in order to keep corporate data safe.

According to Jason Lim, general manager at Windows Business Group lead at Microsoft Asia-Pacific, people are using more affordable, powerful laptops and mobile devices, interacting with each other in new ways on social networking sites and expect always-on connectivity. These mobility trends mean people have more choice, options and flexibility in the technology they use each day and this is spilling over into their professional lives.

"People want to be able to choose what technology they use at work, and they increasingly want to use that same technology in all aspects of their lives, not just at work," Lim said in an e-mail interview.

He went on to cite a Unisys-sponsored IDC research which revealed that 95 percent of information-workers used at least one self-purchased device at work and an average of four consumer devices and multiple third-party apps, such as social networking sites, in the course of their day.

However, Richard Absalom, analyst of consumer IT at Ovum, pointed out many IT administrators still were not doing much to manage the proliferation of consumer devices in the enterprise space.

Sticking to the same policies that do not allow employee-owned devices in the office is not a "secure option" because employees are always likely to find ways around the system, Absalom stated.

"Unsecured access to e-mail alone opens up a large amount of corporate data to the mobile device, and presents an obvious risk to the company in terms of potential data loss or leakage. Further use of corporate applications on unsecured devices adds to the threat," the analyst cautioned.

Crafting enterprise mobility policies
Absalom noted that savvier CIOs are developing enterprise mobility policies that take the influx of consumer devices into account and creating basic security steps. Employees are then required to sign up to the policy, which will normally involve a certain level of corporate monitoring and control over their personal device, before they can bring their device to work, he explained.

"This is the best way to keep corporate data secure while also improving employee engagement and productivity," he said.

One example of this is seen at Verizon Business. John Hines, the company's area vice president of sales for South Asia, said Verizon employees are provisioned with smartphones, laptops and tablets that give them access to e-mail 24 by 7. Network access is also governed by a "comprehensive" IT policy that allows users to securely access corporate networks and applications, regardless of location, Hines added in his e-mail.

The company also uses its own technologies to manage its device portfolio, enable simple network access, push software upgrades, among others, he said.

"Almost every CIO is concerned about the proliferation of devices in the workplace. Our mobility solutions help connects employees to corporate networks immediately and reliably, which helps drive productivity, flexibility and operational efficiency," Hines stated.

As for key security capabilities every IT department should have, Absalom identified password policy enforcement, data encryption and remote wipe as "most important".

The Ovum analyst explained that enforcing password policies provide the first, basic layer of security on a device should it get into the "wrong hands", while data encryption helps protect data stored on the device from being compromised by external threats posed by hackers looking to intercept communications.

Remote wipe--either full or selective--of lost or stolen devices will also ensure sensitive data can be removed, he added.

Microsoft's Lim pointed to the company's Windows Optimized Desktop tool that he said enables enterprise to "embrace consumerization" within the workplace. It provides tools for IT departments to support their company's business processes securely and protect corporate data.

As for non-Windows laptops and tablets such as Apple's Mac and iPad devices, he said a virtual desktop infrastructure-based, which is part of the Windows Optimized Desktop offering, allows users to access secure access to a server-hosted, Windows-based desktop.

Editorial standards