Mobile Device Management

Inside Track: Mobility mash-up a must for some

Longform
Image: Stockfresh

24 July 2015

On a more basic note, for companies still querying the right operating system or device for their company’s employees, O’Connor said currently the main operating systems deployed are iOS and Android, followed by Windows Phone and Blackberry. “MDM must be able to manage a multitude of devices and operating systems from the same interface.”

Harrison said Apple’s iOS is “still very much dominating the enterprise mobile device space.” Though he was quick to note that Windows Phone has made “in-roads in certain sectors,” often due to familiarity with the Microsoft suite or reduced CapEx budgets, he added, with Android growing in popularity as well.

Philip Harrison, Technical Director, CWSI

On the agenda for many companies, added Harrison, are enterprise browsing solutions to provide access to internal web portals and mobile data gateway solutions to provide PC-like proxy-based browsing and data control, Philip Harrison, CWSI

Gale of Dell Ireland agreed with much of Harrison’s sentiments, saying “Windows machines [and] devices remain the preferred in IT departments due to manageability and familiarity, but on the mobile OS front, iOS remains the most popular, followed by Android and a significant upturn in Windows mobile devices.”

Blackphone
She continued, “Very often, one of these three mainstream mobile OS will be deployed to ensure compatibility with the applications and mobile security mechanisms such as MDM that are out there. Securing a niche third party with an encrypted client is not so easy to commit to, whereas there are mainstream security measures for Windows Mobile, iOS and Android.”

While the experts in the field were asked about the much-publicised, privacy-focused Blackphone from Silent Circle, as yet the concept — which has been a hit on many conference floors — has not really impacted the Irish marked. O’Connor noted, “Technologies like Blackphone and Privacy Phone have not penetrated the corporate network to any great extent as yet.

“Currently the Privacy Phone is only useful in the US, but the Blackphone could be a runner here. However, I do think it will be a while yet before it builds up sufficient trust to take hold, especially in the light of the recent discovery of a bug that rendered many of its security features useless. These security features are its main raison d’etre.”

Powerful tools
For companies still operating on the edges of mobility solutions, a number of the experts to whom TechPro spoke broke down the essentials for an enterprise level mobile management option worth investing in. Trilogy’s Cusack said a range of “powerful tools” should be included — including MDM, mobile application management (MAM), secure file-sharing and mobile data loss prevention (DLP) solutions. “It must include secure, remote mobile access with robust enterprise identity management, authentication and authorisation, and granular application and data access controls,” she added.

O’Connor meanwhile said that control over applications deployed is a vital aspect of mobile device management. This is particularly important when the devices are owned by the enterprise, she added. “Organisations seek to control what applications are deployed so that only trusted applications are used. When the device is owned by the employee, it’s important to be able to control applications depending on where the device actually is.”

Ward Solutions’ Hogan meanwhile said “there are lots of products and solutions available, and often different vendors use a slightly different approach.” Some, he said, are deployed and integrated on premise, others are delivered from the cloud.

Hogan added, “When comparing solutions its key to understand what your specific requirements are. Is it mobile device management — i.e. polices and configuration — and if so what devices need to be supported? Are secure data and filesync the main drivers? Or are you mainly concerned with a secure email client or secure web browser?”

Karen O'Connor, Datapac

Technologies like Blackphone and Privacy Phone have not penetrated the corporate network to any great extent as yet. Currently the Privacy Phone is only useful in the US, but the Blackphone could be a runner here. However, I do think it will be a while yet before it builds up sufficient trust to take hold, especially in the light of the recent discovery of a bug that rendered many of its security features useless, Karen O’Connor, Datapac

De-facto standard
CWSI’s Harrison made the point that the authentication, authorisation and “joiners, movers, leavers processes are among the most important for larger enterprises from a security perspective, so any mobility management solution must integrate closely with existing directory services, such as Active Directory, Azure, Domino et cetera.” Certificate-based authentication is becoming the “de-facto standard” for enterprise multi-factor authentication or secure single-factor, he added. “Integration with internal or managed public key infrastructure (PKI) services is therefore becoming critical to any IT system. Tying in to enterprise network access control (NAC) and security information and event management SIEM systems is also becoming common.”

Dell’s Gale said too that much consideration must be given to the location of data being accessed and the use case of the employee to access certain applications. “Some clients may wish to force all traffic, including Internet, back to a data centre and scan via a firewall,” she told TechPro. “Others are happy to run split VPNs, or simply allow a user to access the internet from their work machine, but access corporate data via secure L3 tunnels, each solution has its merits so the solution should have consultancy embedded to make sure it is fit for what he customer needs to achieve.”

Complete stack
Elsewhere, McGloin added that “in the distributed world of mobile devices and mobile apps, security requires a multi-faceted approach.” Touching on the points made by O’Connor and Cusack, the Red Hat man also commented that businesses “have to consider the complete technology stack from infrastructure to user and device and everything in between. You may have an app deployed that has plenty of security features built in, but if server-side code is deployed in an insecure environment, this will increase the risk.”

McGloin continued, “An enterprise-grade technology and software stack is not to be underestimated in terms of the inherent security that spans the architecture and components underlying an organisation’s mobile app projects.” An appropriate deployment model is key too, as is encryption from device to backend systems and implementing user access, authentication and authorisation to “ensure that data only gets into the right hands is critical in enterprise mobile app development.”

Read More:


Back to Top ↑

TechCentral.ie