From security concerns to people management, consumerisation means businesses must develop high standards for information access.
As CIOs ponder the rollout of consumer IT, one question is usually dominant above all others:
“How can I securely manage device use?”
Mobile security is a serious concern for IT leaders, many of whom climbed to the top of the technology department during a sustained period of locked-down enterprise access. Workers were simply presented with a desktop PC and a bunch of standard tools a decade ago.
Ten years later, employees are entering the workplace with their own devices and apps, and they expect to be able to hook into the enterprise network.
Juniper Research reports that the number of employee owned smartphones and tablets used in the business will more than double by 2014 to 350 million devices, compared to almost 150 million in 2012.
Tools and techniques
Researcher IDC says consumerisation can be best seen as a demand from employees to use their own devices on enterprise networks, a movement that flies in the face of accepted and standardised IT best practice. The analyst says CIOs looking to keep control will need to invest in mobile device management (MDM) tools.
Spending on mobile enterprise management software totalled $444.6 million in 2011, according to research from IDC. Investment is expected to grow by 32% annually through 2016 and total spending will reach $1.8 billion by 2016.
CIOs who fail to take strategic action will see users making their own choices regarding consumer IT. The message from analysts and industry experts is clear: technology chiefs must consider consumerisation now.
Yet analyst Forrester reports that more than a quarter (31%) of UK firms have no policies or tools to enforce security around employee-owned smartphones. And researcher B2B International reports just 11% of businesses currently use MDM, the basic building block for a successful approach to secure data access.
With so much choice, and so many potential security fears, where do CIOs start? Where can the embattled IT leader turn for help? As a first port of call, though, you should identify your key business requirements – and Jigsaw24’s specialist consultancy services will help.
Strategy and security
Data protection is likely to be the key to mobile management. Modern businesses have to deal with increasing amounts of information. Your MDM strategy needs to work towards device agnosticism, so workers can hook in their favoured technologies.
CIOs looking to convince the board about the potential of consumer IT must address security concerns. Senior executives might recognise the productivity benefits of allowing workers to use corporate information on the go, but they also understand the risks associated to data loss – and they will not be eager to see such risks played out in a business environment.
Device security at its most basic level must include complex, alphanumeric passwords. Common security features also include automated removal of noncompliant devices, secure document distribution, and remote locking and wiping.
Other modifications can include application restrictions, such as not allowing employees to use cameras. MDM should also cover application management processes for each device, so that the use of software is controlled and monitored.
IT leaders must also strive for simplicity. Look for an MDM approach that allows standardised administration policies, or which allows you to create role-based rules. Companies can use MDM to assign privileges and restrictions that make the device safe for the manipulation of enterprise data.
Apple technology already has baked-in MDM features that will help CIOs cover off the security basics for iOS devices. The Apple mobile platform can be tweaked and customised to suit organisational requirements, meaning employees can work productively and securely within iOS.
Application security is another key in-built element for Apple users. iOS apps can be sandboxed, so information can only be used in one app, and not forwarded for manipulation in another program. Corporate apps placed on an iOS device can be deleted when an employee departs – an approach that leaves a user’s personal apps untouched.
Policy and people
In short, your policy should be configured with the status of the individual employee in mind. Consider whether your proposed approach to MDM, such as purchasing new mobile devices or specialist tools, fits with your existing enterprise architecture and security environment.
Some CIOs will be looking to add additional functionality to the in-built MDM capability of their selected operating system. A range of MDM tools exist to help CIOs provision for safe mobile use. JAMF’s Casper, for example, is purely iOS and OS X-based, while MobileIron covers all mobile devices.
IDC expects investment in MDM technology to help drive moderate growth of 3.1% in the European software industry during 2012. The researcher expects many organisations to use cloud-based systems as a fast and easy way to get MDM under control.
Do not, however, fall into the trap of believing specialist MDM tools are the straightforward answer to all business questions around consumer IT. Technology leaders should be wary of vendor hype. Chris Taylor, CIO at News International, is one IT chief who says the significance of MDM products can be overplayed.
Mobile security management is not necessarily reliant on the implementation of additional layers of technology. Chris says CIOs looking to manage mobile access need to strive for consistent user policies; successful MDM policies are focused on the individual. “The human link is the weakest link in any organisation’s attempts to enforce secure mobile working,” he says.
We are an integration specialist and can work with you to ensure that you are dealing with your data in the best possible way. Get in touch with us on 03332 409 219 or email B2B@Jigsaw24.com.