Mar 24 2016

Mobile Security Challenges Drive Counties and Cities Toward EMM

Local governments have embraced mobility to give field workers more flexibility, but also need to protect users' devices and data.

Mobility is essential to keeping governments running effectively, which makes the selection of device types an important consideration. Government IT leaders often point to the growing popularity of the Microsoft Surface Pro tablet, which offers the flexibility of a tablet combined with the power and familiarity of a full-blown Windows PC.

Mecklenburg County, N.C., for one, has replaced an array of desktops and notebook computers with a large fleet of Surface Pro tablets. County employees use the new tablets in the field for tasks such as inspecting restaurants, visiting social work clients, conducting medical exams, and collecting payments at county parks and recreational facilities.

The city of Clovis, Calif., is exploring several mobile device options, notes Ryan Nelson, a business workflow analyst for the city. “It’s about function first,” he says. “My personal style of managing a fleet of devices is the smaller you can keep your footprint, the better you can manage it.”

Nelson says city staff members sometimes become vocal about their preferences, particularly if city hardware seems outdated. Ultimately, the use should define what’s bought, he says.

“We’re transitioning to consumer-level technology, so we’re using a lot of iPads and similar devices,” Nelson says. “The forward-looking vision is that in the next year to a year-and-a-half, we’ll be merging them, possibly with a Surface Pro-type device with always-connected 4G LTE.”

But there will always be some programs that require something specialized. He points to the Clovis Fire Department, which uses Panasonic Toughbooks.

Beyond the devices, governments also need robust wireless networks to connect those devices. And they also typically require office productivity applications and specialized electronic forms for updating data and filing reports. Nobody wants to (or should) lug binders of triplicates back to the office and enter them manually anymore.

That’s where apps and specialized mobile app development solutions come in. For instance, the city of Evanston, Ill., relies on an app that lets its building inspectors immediately input report data on tablets and then upload it to back-end systems. And the Metropolitan Transit Authority in New York has a program on its Samsung smartphones and tablets that lets officers mark up images of accident scenes for later retrieval.

Such apps can eliminate the errors associated with paper-based processes and improve workflow and data collection processes, which lets organizations justify their investment in these new mobility programs.

Protecting Data on Mobile Devices 

Mobile solutions may ease information collection, but they also raise issues about how to keep data secure. Shaping a mobility strategy is far more involved than simply handing employees smartphones or tablets.

The most effective way to implement mobile security starts with policy, advises Craig J. Mathias, a principal with the Farpoint Group consultancy. He recommends crafting a carefully considered policy rather than just jumping into a procurement for the latest trendy technology. Otherwise, IT managers might create more problems beyond the ones they originally intended to solve.

“Too often, people jump headlong into solutions without having a policy in place. That's ready, fire, aim,” says Mathias. “You have to know what the goals are and create a sensible policy.” Acceptable-use policies must be very specific, especially when bring-your-own-device initiatives and constituent data are involved. For example, the policy should stipulate what set of devices and operating systems employees can use.

Multiple Choices for Mobility Management 

The delicate dance requires putting in enough safeguards that citizen data isn’t at risk and neither are employees’ abilities to obtain the information they need to do their jobs. “Deploying an enterprise mobility management (EMM) solution is essential,” Mathias says. “I always recommend those as a good strategic direction. There’s plenty of software available, and it’s implemented right in the cloud.”

Companies such as AirWatch by VMware, Citrix, FiberLink and MobileIron provide EMM products. In Philadelphia, fieldworkers use Samsung smartphones loaded with Fiberlink MaaS 360 to collect locations of graffiti and blight and verify the work of cleanup crews. Santa Clara County, Calif., deploys AirWatch tools to provide a centralized cloud approach to manage and secure smartphones, tablets and other cellular-enabled devices. And Dallas County, Iowa, securely mobilizes data through Citrix ShareFile Enterprise Edition.

EMM solutions encompass mobile device management (MDM), mobile application management (MAM) and mobile content management (MCM). MDM systems typically provide features such as device procurement and provisioning, password protection, device lock and remote wiping, and application whitelisting. Additional security strengths include policy enforcement and encryption and VPNs. MAM tools focus more on the applications than the devices, with features such as containerization or app wrapping, and app stores to maintain control over users’ app choices. Finally, MCM solutions provide enterprise file sharing and syncing to securely enable collaboration.

While some large government organizations are able to employ a specialized mobile manager to handle day-to-day issues, having a dedicated position may be out of reach for small agencies. Mobile management services that cover everything from procurement to security can offer deep expertise and economies of scale for IT departments that otherwise couldn’t afford these capabilities.

Finally, additional technologies such as user authentication, anti-virus protection, data loss prevention and host intrusion detection can all help further secure mobile data and applications. This is a critical consideration given the personally identifiable information that permeates government databases.

Government performs a vital and unique role in society, and mobility and proper security helps agencies provide the best possible service to constituents.