SBN

Mobile Device Management Wish List. Secure those iPhones and Androids

Mobile Device Management(MDM) is a hot topic in businesses the world over right now. As is no surprise, the proliferation of iPhone, Android, iPad and other smart mobile devices are driving the need for solutions that can secure these devices. Several start-ups, as well as a few established players, are trying to capture this new security market. All sorts of ideas and solutions are being given a go. However, I have yet to find one that really hits the mark yet.

Here are some of the MDM features that I see and hear both customers and consumers want for their devices. I mention the consumer aspect because with the rapid consumerization of IT we need our solutions to play nice with non-corporate owned assets. Gone are the days when we just issue everyone a company blackberry that is fully managed and controlled by corporate.

Alas, I digress. So here is my list of most wanted/needed MDM features. These features should bring us a step closer to properly securing and managing our iPhones, Androids and iPad devices flooding onto corporate networks.

– Corporate controlled partition on the device. This could be done through a hypervisor on the device, disolvable per application virtual machines, a secure vault technology, separate memory space, etc. The goal is to provide a consumer partition and a corporate partition on a device. The corporate partition must be separately managed, wiped, controlled and secured from the consumer partition.

– Centrally control what applications can be installed on the device
– Centrally control and deploy wireless, active sync, mail, calendar and vpn connection profiles. This must include certificate and token authentication support.
– Centrally control all security features on the device (screen lock, passcode, etc.)
– Ability to remotely wipe and track a device that is lost or stolen
– Whole disk or file based device encryption
– Centrally deploy, remove, update and install applications and apply OS patches onto the device
– Ability to send pop-up messages or txts to devices easily
– Ability to remote desktop into the mobile device to ease helpdesk support of end users
– Ability to periodically scan device for known malware.
– Ability to control the transfer of controlled data or documents. This includes screen capture features, email forwarding, syncing with laptops, etc. Data should be categorized at the folder or application level; file level is not required but a bonus.
– Ability to control and lock down network related device settings so the end user cannot override changes.
– Ability to quickly and easily provision the mobile device to use the MDM solution
– Robust central reporting, inventory and logging
– Scalable to thousands of devices, support for major mobile OSes

Claroty

What other things do you want that I missed? Did I list some things you think shouldn’t be listed? Have you found a MDM vendor that has a great solution already? Comments away!

To read this article in full, please click here

*** This is a Security Bloggers Network syndicated blog from Network World Cisco Security Expert authored by [email protected]. Read the original post at: https://www.networkworld.com/article/2228390/mobile-device-management-wish-list---secure-those-iphones-and-androids.html#tk.rss_ciscosecurityexpert