Mobile management policies are a necessity in businesses now. All of our employees use mobile devices to access files and data. Most organizations allow remote access of some type.
Simple policies are not enough; we have helped organizations with basic or no policies. The end result is chaotic to say the least; IT administrators do not know whether devices are up to date, who has access, or even how many mobile devices are accessing the network.
Achieving better mobile policies is not difficult. We are constantly fine tuning our policies and implementations; every organization must do the same as devices and threats evolve.
Create Effective Policies
The first, and most important thing, is to create effective polices that are clear and effective. For example, we’ve read quite a few that simply state “keep your device updated.” That is a fine starting point, but what does it mean? Does the organization want the OS updated, antivirus, apps, or some combination thereof? How often should employees install or check for updates? Should users wait on major updates ensuring compatibility with the business’s apps?
We recommend creating effective policies and review all current polies, consider expanding to ensure clarity and effectiveness. Unless users fully understand policies, they won’t follow it. For example, a business should state that if a device isn’t running certain system versions or higher, the devices ill not access any business files or apps.
The next step is to educate employees.72% of respondents in a Tenable survey stated that their organization allowed BYOD to all employees; concurrently, 39% stated that those same devices downloaded malware at some point. While this is bad enough, 21% stated a security breach occurred resulting from malware.
We train every single end-user on mobile management policy even though our team is filled with IT experts. We go through regular cybersecurity training to recognize newer types of threats, including more sophisticated phishing scams.
It is vital to fully train users on how to avoid security threats, so they do not become a threat to a organization’s network and data.
Important elements of effective mobile management policies include up to date apps, operating systems, and security solutions such as antivirus and firewall. However, even we do not trust that all of our users stay on top of updates. This is why updating is an essential part of policy. Organizations should provide guidelines on what should be updated and when then send out notifications to remind all users.
We know this can be tricky, especially when users provide their own devices. Organizations usually have a mixture of Android, Windows, and iOS devices. Plus, mobile devices come from different manufacturers and carriers, which changes when OS and system security updates are released. However, organizations should push certain updates if employees agree, such as antivirus and app updates, especially with business apps.
Manage From A Single Endpoint
70% of people worldwide work remotely; we acknowledge it is a major headache just trying to keep track of everything. This is why we use Microsoft Intune to manage the wide variety of devices from a single solution. It is daunting to manage mobile devices or numerous dashboards; Intune aggregates device management while reducing toolsets required for mobile device management. We’ve seen the full spectrum of the various methods organizations manage its mobile devices, it’s not pretty.
Most commonly, we see spreadsheets, individual solutions for different platforms, or no real management beyond simple inventory lists. Microsoft Intune provides a single endpoint management solution for iOS, macOS, Android, and Windows devices. This allows IT admins to automate deployment of security and policies, deliver apps, push updates, and much more.
Intune is a concise method for managing a complex issue. The part we particularly enjoy, besides the single endpoint, is the cloud insights. These valuable insights assist organizations in creating better baselines for security and configuration settings. An Additional benefit is being able to let users configure new devices quickly. A self-service option allows users to choose between different devices and apps to accelerate their provisioning.
Secure the Data, Not Just Devices
As a final recommendation, it is beneficial for organizations to secure data in addition to its devices. Users mainly use a single mobile device for remote access; it is possible that they may need to use another device temporarily. This happens due to a battery dying or simply forgetting their device.
Microsoft Intune allows organizations to the access data from remote devices. By offering granular control for Office 365 files, from all types of user devices. The data itself is protected; users only have access to specific files at any given point.