Mobile device policies need to be liberal but firm: Gartner

Analyst recommends mobility policies that are not too loose, nor too strict

Companies that put in dedicated policies for trusted work systems are now faced with a deluge of mobile devices in the workplace, particularly consumer level products.

What Gartner VP and distinguished analyst, John Girard, suggests they do is adapt to this environment and quickly, starting with the basic configuration and security policies they feel the need to preserve.

Girard gave tips on how to develop and implementing a robust mobile device policy during the recent Gartner Security & Risk Management Summit in Sydney.

One of the several mobile device management (MDM) reality checks that Girard shared with the audience covered the pitfalls of the mandatory device reset.

“There was a case of a toddler who reset C-level daddy’s tablet that was left in the living room,” he said.

“Of course, daddy didn’t back up the data.”

Then there was the less than ideal hospital honour system.

“Doctors accessed patient databases and hospital scheduling systems via unmanaged and unsupervised BYOD practices,” Girard said.

Girard also spoke about how a mobile honour system failed when IT operations at a company enabled Microsoft ActiveSync through the firewall, however there was no credentials process in place.

In additions to setting limits on data exposure, Girard recommends that IT administrators also limit access to a certain extent.

“Have email pass through certification control and a basic MDM security policy in place,” he said.

“Having BYOD model restrictions is also necessary.”

Control and encryption also go hand-in-hand with a comprehensive MDM policy.

“A ‘trust nothing’ approach reduces policy headaches,” Girard said,

When it comes to managing multiple device and OS platforms and settings, there are some questions that Girard says need to be addressed.

“What’s your baseline and how thoroughly are your PCs managed?” he asked.

“Do you encrypt mails and work station data?”

In order for mobile device management to be effectively implement, Girard suggests people be prepared for enterprise concessions.

Some of the top policy failures that Girard highlighted included BYOD rules that are too rigid or lax, and policies that do not address use cases and job needs.

“If a company lectures but does not mandate, it’s not going to work,” he said.

“It also doesn’t help if management doesn’t support the policy.”

In order for a mobility strategy to work, Girard suggests that business give users the choice to opt-in to company’s MDM, and use “trust” and their supporting technology as a decision point.

Register now for the ARN Security Forum 2013 on June 4 at the Sydney Mint

More about: Gartner, Microsoft
Comments are now closed.
Related Whitepapers
Latest Stories
Community Comments
ARN Directory | Distributors relevant to this article
ASI Solutions , Bluechip Infotech , Com1 International , Compucon Computers , Dicker Data , Express Data , Express Online , ICT Distribution , Impact Systems Technology , Ingram Micro Australia , Leader Computers , Multimedia Technology , NewLease , Synnex Australia , Topstar Computer International , Wholesale IT , XiT Distribution
rhs_login_lockGet exclusive access to ARN's news, research and invitation only events.
ARN Distributor Directory
Find distributors by name | vendor | location
Channel Deals
/deals/aca-pacific/510_imation-rdx-promotion-free-rdx-usb-30-dock-wit
ACA Pacific

Imation RDX Promotion. Free RDX USB 3.0 Dock with Every 5 Imation RDX Cartridges Purchased.

More details »
ARN Vendor Directory
Find vendors by name | category

iAsset is a channel management ecosystem that automates all major aspects of the entire sales,marketing and service process, including data tracking, integrated learning, knowledge management and product lifecycle management.

Latest Jobs