Good enterprise mobile device security is about more than just securing individual pieces of equipment. Mobile devices connect to critical network resources and drive a large portion of how the global workforce operates. That means device security protects not only the equipment itself, but it also protects your company’s revenue and overall strategy.
Enterprises that rely on extensive inventories of mobile devices will benefit from adopting a longer-term view of equipment management that aligns with their business strategies’ time frames. Here are 10 things you do and don’t want to do when managing mobile devices that will improve your company’s long-term performance.
1. Do start by inventorying everything.
Before you start tagging and tracking equipment, you first need to develop a good understanding of everything you’re working with. If you don’t have a complete mobile device inventory that has been updated within the last quarter, start by conducting a thorough, top-to-bottom audit of all mobile devices in use in your organization.
You don’t need to track every last Bluetooth headset or calculator, though. The rule of thumb is that if losing the device would meaningfully hurt your organization’s performance until you replace it, it should be inventoried and secured.
A good inventory records more than just device names. It records everything a company needs to know to manage a device. That can include:
- Designated contact owner or department
- Model and serial numbers
- Warranty information
- Purchase date
- Lifecycle end date
- Maintenance history
2. Don’t neglect BYOD equipment in your security program.
BYOD stands for bring your own device. Many organizations will tolerate personally owned mobile devices on their network to some degree. But some rely on them almost exclusively as a cost-saving measure.
No matter how your organization chooses to approach BYOD equipment, make sure to adapt your security program to accommodate devices in the workplace that your organization doesn’t own. You will need to do this through a combination of physical security measures and usage policies.
For example, you could craft a policy that prohibits BYOD devices from entering sensitive locations, such as R&D departments, to prevent leaks of new test products or trade secrets. Any user entering the facility could be required to deposit their devices in a secure storage system.
3. Do coordinate mobile device security with IT.
Mobile devices require both physical and network security. To properly manage them, you must craft a program that straddles both traditional and IT security teams’ domains.
IT security experts recommend securing connections between mobile devices and enterprise network resources. In the workplace, corporate and BYOD devices should connect via an encrypted wireless network.
Devices outside the workplace should also use secure connections. Virtual private network (VPN) tunnels can secure all communication from a mobile device over the internet to corporate resources when you have a higher security need.
4. Don’t neglect device authentication.
If either a petty criminal or a determined hacker gets their hands on one of your enterprise mobile devices, you need to ensure they can’t access stored data. You need to set strong authentication requirements on your mobile devices. Using a combination of authentication policies and IT tools is usually the most reliable way to do that.
Almost without question, every enterprise should enforce password or PIN complexity requirements on their mobile devices. No matter how often you remind staff to use strong passwords, if you don’t implement that as a requirement, someone will invariably just use “password” or “1234.”
Companies running higher-security facilities will want to consider additional authentication measures beyond passwords or PINs. Instead of replacing those methods with even more complex tools, which can inhibit usability, consider taking a “defense in depth” approach. In enterprise mobile device security, that usually takes the form of multifactor authentication (MFA).
MFA pairs a required password or PIN with one or more other forms of authentication. If you’ve ever entered your password into a website that then prompts you to enter a texted or emailed code, that is multifactor authentication.
In addition to email codes, biometric authentication or presenting a physical security token are common high-security MFA methods. Both of those methods are commonly available in the latest generations of enterprise-ready mobile equipment.
5. Do track how your mobile devices are used.
Automated asset tracking gives you a better understanding of how your devices are used. Many businesses first attempt tracking by requiring users to log device sign-outs and usage manually, but that practice doesn’t scale well. Someone will eventually have to analyze those text logs to extract any meaningful information.
Manual tracking is also prone to human error and leaves staff accountable for remembering every pertinent detail of their use. These are problems many organizations quickly discover when they first go through digital transformations of their processes.
Consider using an automated asset tracking system that can log every detail that matters to you about how stored mobile devices are used. That can include exact transaction times, the requester’s authenticated identity, late device returns, and reported technical problems.
6. Don’t disrupt your existing workflows.
Training in new security practices is unavoidable. But any new policies or technology you deploy will be most effective if they complement how your workers already run your business. Integrate any enterprise mobile device security system you deploy into the way your organization already works.
Craft policies that make sense for each different department. Look to purchase new management technology that you can customize for your needs and facility footprint. Be very wary of supposed one-size-fits-all security solutions. Those usually fit no one.
7. Do select a management system with intuitive software.
Asset management systems can be very worthwhile investments. They can automate the most time-consuming tasks that come with securing and tracking mobile devices. But be aware that these systems’ functionality depends as much on the quality of their software as their hardware.
In addition to considering how new policies and technology integrate with your workforce day-to-day, consider how the administrative software driving that technology will be used by your managers. For example, if you’re managing an inventory of rugged laptops used by field technicians, will you be able to track and modify distribution without holding up service calls?
The software should also be able to provide valuable insights into how your mobile devices are used. You might discover that your first shift posts 80 percent of all lost devices in a loss prevention report. Or you might see that the second shift is overutilizing one particular handheld scanner model, which could indicate you need to stock more.
8. Don’t forget to integrate with your other security systems.
Mobile device management systems use access control terminals to authenticate users when they sign devices in or out. If you already use electronic access control, look for a device management system that can integrate with it.
Integrating management systems streamlines administration and reduces overall maintenance. IT only has to manage a single user database. You’ll also get better, unified insights on how people and devices move through your facility, which can help you optimize operations in which those devices are used.
9. Do review performance.
Like any complex process, you should monitor and adjust your mobile device security program based on the feedback you collect. That feedback can come from users and intelligence gathered by any management technology you’re using.
Useful, actionable intelligence can help you adapt your processes to better align with overall business goals. Good intelligence is also helpful in staying ahead of regulatory compliance issues.
10. Don’t stop tracking when users turn in devices.
You can monitor devices at rest in a storage system using what is called content surveillance. This is a set of sensors and connections designed to automatically gather information about the identity and condition of assets placed in the storage system.
For example, wireless RFID tags attached to components in a hard kit can identify whether each component is present when the kit is turned in. Scales inside storage compartments can verify the weight of consumable materials to determine whether any have been used. Wired USB connections can confirm the ID number of an attached laptop, tablet, or smartphone.
Content surveillance adds extra accountability into what is otherwise an automated, unattended process. Wired connections can also charge mobile devices, so they’re always ready for their next use.
Enterprise mobile device security is the foundation for your business’s future.
Mobile devices are powerful business tools. But they are only as effective as the processes you put in place to secure and manage them. Establishing good security practices today will lay the foundation for your business’s future success.
Want to learn more about mobile device security? Check out our e-book, Increasing Efficiency and Decreasing Costs with Mobile Device Management: A Step-by-Step Guide.
About the Author
Jay Palter, VP of Marketing