Enterprise Mobility Management Challenges
Britt Womelsdorf, Principal Systems Consultant, Sybase iAnywhere
Having been an active participant in the mobile industry for roughly ten years, I often get asked what I believe is the most difficult challenge to overcome when considering mobile device management.
The question is a simple one, and the answer is simple too - it depends.
Why does it depend? It depends because the context of the question matters, and a single answer doesn’t apply to every situation.
When I receive this question from engineering, it’s usually with the purpose of determine which feature to add or not add in the next version of the product.
When it’s from sales, the objective is to find a compelling argument to further an opportunity in the sales cycle.
And when it’s from customers, it’s usually about creating policies or best practices to avoid pitfalls that they may encounter.
With that in mind, I have my thoughts.
Poor Prioritization: While this one is changing, some enterprises still seem to wait until after the first application has been created and delivered to even start looking for a way to deploy and protect it.
Trust me, the earlier you think about the topics of management and security, the better.
Taking a Tactical Approach (aka the “All I’ll ever need to do is ‘X’” Syndrome): So many times I hear from customers who think that they only need to perform a very limited number of functions with their management tool, or that maybe they don’t even need one.
I strongly encourage customers to think strategically, think about all the possibilities and lastly, think about the next application that they plan on writing (there will be another if this one is successful).
What requirements will it have? Do you even know what device it’ll run on?
Sometimes this boils down to a matter of dollars and cents. It’s important to not look at managing and securing devices as a cost item.
Sure, software costs money, but in the end it’s the total cost of the solution that matters. NOT having a management solution in place will cause support and maintenance costs to skyrocket.
If you need help creating an ROI for management and security, I strongly suggest you use the Afaria ROI Tool. You can find it by navigating here, then clicking on the “Getting Started” page. It’s the first link.
Balancing management, security and user acceptance: This is a really tough one, particularly from a security perspective. A perfectly secure system I guarantee you will be used by no one.
Solving this problem takes time and involves the study of the human/machine interface as well as gaining a better understanding of process flow and operations.
Fine tuning here is almost always necessary.
As you can see, many of the most formidable challenges I perceive with mobile device management and security are more about mindset than technology.
That just reflects reality, right?
Oftentimes understanding what problem you’re trying to solve is harder than actually solving it.
In 10 years I’ve pretty much seen the entire spectrum. I’ve been asked to participate in early design and I’ve also arrived onsite only to find out that the first business application has already been rolled out to 1000 users.
Oh and by the way it needs upgrading and they’re having battery life issues.
This is one of the main reasons that I really enjoy working with Afaria - no matter what the situation, where we are in the project timeline, and regardless of the device, network topology, business, operational or security requirements,
I KNOW that when I sit in front of that administrative console, I can make my customers’ lives easier.
That’s enough from me - what do you think?
Britt Womelsdorf works for Sybase as a systems consultant. Britt enjoys a focus on wireless and mobile solutions for the enterprise customer, and is an expert on device management and security. Britt spends most on his time with Afaria customers and enjoys sharing tips and tricks, little known features in Afaria, and creative uses of the product.
Learn More about Sybase Products
Sybase iAnywhere, a subsidiary of Sybase, Inc. (NYSE:SY), enables success at the front lines of business. The company holds worldwide market leadership positions in mobile and embedded databases, mobile management and security, mobile email, mobile middleware and synchronization, and Bluetooth® and infrared protocol technologies. Sybase iAnywhere plays an important role in the Sybase Unwired Enterprise strategy, which focuses on managing and mobilizing information from the data center to the point of action. Tens of millions of mobile devices and over 20,000 customers and partners rely on the company’s “Always Available” technologies, including Sybase Unwired Platform, SQL Anywhere, Afaria and iAnywhere Mobile Office.
* * *
Stay Informed With ISR News Feeds and Email Alerts Here:
The Publisher gives permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author and to Information-Security-Resources.com
Filed under: Breach, Britt Womelsdorf, D&O Liability, FEATURE ARTICLE, Financial, ISR News, Insider Threat, Sarbanes-Oxley, Sybase, Uncategorized, due diligence, hackers, identity-theft, malware, privacy
Comments
One Comment on Enterprise Mobility Management Challenges
-
Skip Taylor on
Mon, 13th Jul 2009 11:44 am
Like many people today, I am away from my office on a regular basis, often visiting with customers and industry analysts. Though travel is by no means a glamorous event these days, it does create the opportunity to discuss the “issues of the day” with senior IT and security management from companies around the world.
During these discussions, it’s not uncommon for me to hear comments like, “We’ve got mobile device security and management covered” or, another favorite, “We’re going to wait until something happens first…”
With increasing cybercrime and motivated hackers looking for any possibility to obtain user credentials, credit card numbers, and even intellectual property, I can’t understand this apathetic position. Events of large companies falling prey to data theft, often having dramatic impact on the company’s health, are very well documented. Apathy is not a tactic or strategy for organizations to stay protected and out of the press.
Now, IT does have tools to help monitor and change devices they can touch but, if the user is not coming to the LAN, these tools are ineffective in providing the awareness and control over these mobile devices. They do a great job on LAN based devices but have no visibility, and lack reach to the mobile devices in this scenario. You can’t solve problems that you don’t know exist.
The fact is, most companies recognize the importance of securing their data but they really don’t know how it’s being used or whether data leakage has occurred. A lost device can have a very negative impact on a company’s reputation.
Think about taking THE CALL from executive management when they find out a device was lost or stolen. How long will it take to verify the conditions of that device, in terms of data value or whether it was encrypted? You may think “you have it covered” but how can you prove it to an auditor? This can be a very messy situation.
Companies need to look for solutions that provide visibility and control over device and data whereabouts while the device is off that LAN and most vulnerable. Having the awareness that an event has occurred and the ability to implement a change to prevent if from re-occurring, is critical to successful mobile device protection.
These types of solutions will help you protect your company’s most important asset; proprietary data, while also providing timely visibility when your IT management gets … THE CALL.
Tell me what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!
