In this age of multiple, trusted operating systems running a variety of different devices, many users have preferences for specific tools to use. These preferences are usually based on familiarity with an operating system, the applications that are available on the operating system or the capabilities of the device.
The result of this variety of preferences is that many organisations are starting to reduce the costs of hardware by sharing them with their employees. Bring Your Own Device (BYOD), as it has become known, sounds like a straightforward way to reduce costs however there are several considerations to aid a successful implementation of a BYOD policy:
- Consider the impact of users leaving the business
- Consider the impact of devices being shared with family members
- Consider the licencing of software packages that a user requires to carry out their duties
- Consider the requirements for data security regarding access, the ability to download and the ability to print content
In many cases the implementation of policies will provide a framework within which users are contractually required to operate, however policies require policing to ensure that they are adhered to. The level of policing varies quite dramatically based on the industry and type of content.
To address these challenges in implementing policies, many companies offer Mobile Device Management (MDM) solutions. MDM solutions vary in their approach to the challenges and many target specific challenges, operating systems or devices.
Available solutions come in variety of flavours, including cloud hosted and on-premises. When the solutions are hosted on-premises, the architecture is usually based around a proxy server to accept all traffic from external devices, authenticate the device/user and then allow the traffic to pass through into the internal network.
For most of the devices, the solutions will create a partitioned area on the device which will then allow the installation of Apps to that area and the storage of corporate data to that area as well. Access to the partition is only available through the MDM solution. The MDM solution will usually require authentication.
Many solution providers have APIs that allow App developers to integrate the ability for MDM solutions to control App features such as the ability to download or print content.
Comparison
Below is simple comparison of features for some of the bigger MDM solutions currently available:
Mobile Iron | AirWatch | Xen Mobile | Good Technology | Intune & Windows Server 2012 | |
---|---|---|---|---|---|
iOS | Yes | Yes | Yes | Yes | Yes |
Android | Yes | Yes | Yes | Yes | Yes |
Windows | Yes | Yes | Yes | Yes | Yes |
Windows Phone | Yes | Yes | Yes | Yes | |
Blackberry | Yes | ||||
Symbian | Yes | ||||
Selective Wipe | Yes | Yes | Yes | Yes | Yes |
Secure access gateway | Yes | Yes | Yes | Yes | |
Wi-Fi/VPN configuration | Yes | Yes | Yes | Yes | Yes |
Certificate Management | Yes | Yes | Yes | ||
App Management | Yes | Yes | Yes | Yes | Yes |
Extensible | Yes | Yes | Yes | Yes | Yes |
FIPS 140-2 Cryptography | Yes | Yes | Yes | Yes (based on device) |
Summary
In summary, there are a lot of solutions that are available and they all have their strengths and weaknesses. To decide on the most appropriate solution, an assessment of corporate requirements and solution capabilities should be undertaken.