Be Prepared for BYOD with Mobile-Device Management Software

Mobile-device management software allows IT to control employee-owned gadgets.

From Alaska to Delaware to Florida, a growing number of state and local governments allow workers to use personal smartphones, tablets and notebooks to do their jobs. To protect against security breaches caused by lost or stolen devices, these governments are adopting mobile-device management software for administering employee-owned systems.

IT managers can choose from several dozen MDM packages, including Juniper Networks’ Junos Pulse Mobile Security Suite, McAfee Enterprise Mobility Management, Sybase’s Afaria and Symantec Mobile Management. Not only are these packages useful for controlling agency-issued phones, but they also help IT staff extend security policies (including encryption, antivirus, password protection and authentication) to employee-owned mobile devices such as Android smartphones, Apple iPhones and Research In Motion’s BlackBerry devices.

“We’re seeing a shift from state- and local-owned devices being used for specific tasks to workers bringing in their own iPhones or Androids and wanting personal and work e-mail,” says Mark Jordan, Afaria product manager at Sybase. “They don’t want to carry two devices.”

Wipe It Clean

MDM software allows state and local governments to secure devices and wipe lost or stolen systems. Increasingly, these packages have fine-grained controls to allow IT managers to delete only work-related data from a personal mobile device when a worker leaves the government’s employ. Another benefit of MDM software is how easy it is to provision new devices and distribute applications or software updates.

State and local agencies are embracing the use of personal mobile devices as a means of boosting efficiency while reducing expenditures. California, for example, has shut off nearly 30,000 state-owned cell phones since January, a move that is expected to save $13 million per year.

Agencies are more open to the idea of supporting employee-owned devices “because of the fiscal climate,” says Charles Robb, a senior policy analyst with NASCIO. “They’re under significant pressure to reduce costs. Not everybody can go as far as California, but everybody is looking at this.”

With MDM software, agencies have central visibility and control over employee-owned devices without being too intrusive into how employees work. When choosing MDM products, IT organizations are focusing on the types of devices and operating systems they need to support as well as necessary security controls.

Clackamas County, Ore., is using MDM software to manage 300 BlackBerry devices, iPhones and Android smartphones, a mix of county-owned and employee-owned devices.

“The most useful feature of the software is how easy it is to configure a phone, to bring a phone into the enterprise, because we can push over-the-air configuration files to the phone,’’ explains Julio Cabrera, senior IT manager with Clackamas County.

Work vs. Home

Another key feature of MDM software is that it supports segregation of personal and work-related e-mail and contacts on employee-owned smartphones. “If a person leaves, and it’s a personal device, we’re able to pull off the work-related e-mail and not have to wipe the phone,’’ Cabrera says.

Until now, Clackamas County has used its MDM software primarily as a management and security tool. But going forward, Cabrera sees the opportunity to tap the software for mobile-application development. For example, the county would like to transition its animal control department from ruggedized notebooks to smartphones, and it can use MDM software to deploy the new application.

“We could handle their work in a simple mobile application,” Cabrera says. “We could build an iPhone-specific application, or a web-based application that can handle the device recognition, and present the front end of the data to any device.” 

Sep 28 2011