Jul 05 2016

Organizations Need to Balance Value and Security When Adopting New Mobile Devices

As new products hit the market, enterprises must decide whether to introduce the device or wait.

Consumers flock to the newest mobile devices the very day they hit the stores, lured in with better graphics and better screens or, in the case of the Samsung Gear VR, the ability to become a virtual reality headset.

While users want these devices, that does not mean enterprises should welcome them with open arms.

Early next year, enterprise administrators will face that same pressure. Samsung will release the Galaxy S8 to tempt a whole new legion of fans.

Unfortunately, enterprises don’t have the luxury of constantly equipping their workforce with the latest and greatest new products. Doing so is not only financially irresponsible, but presents a security risk if the new technology lacks robust security like multi-factor authentication.

That doesn’t mean new devices cannot be of value. The question is simply when to incorporate them into the enterprise.

Determine How Mobile Devices Bring Value

The lines between mobile technology in the consumer and enterprise markets continue to blur. For some organizations with a liberal bring-your-own-device program, users already bring new devices inside the gates.

In more closed-off environments, users surely pressure administrators to allow their favorite personal device for work, especially when new products appear in stores.

Mobile phones, like everything else within a well-run enterprise, need to contribute to the bottom line to justify their existence. Their value comes from saving employees time, replacing an expensive manual process or simply moving an organization closer to its goals.

As the first step in choosing a mobility platform, enterprise leaders should perform an internal audit of the company’s current business process. That includes users at all levels of the organization in every division. This will reveal areas where users need more mobile solutions, and areas where mobile provides little value.

For example, enterprises still exist where users drive to meet clients, collect information on paper at the beginning of the week, and input that data into computers back at the office.

In between, those papers — some with sensitive information — sat inside the trunks and backseats of personal vehicles. In that case, a secure tablet could be used to collect the information and reduce the workloads of the user.

Not every process audit will unearth such an obvious case for mobility, but almost any large enterprise will find some areas in which the technology will improve productivity.

Testing Devices and Software is Crucial 

Once enterprises identify areas that can benefit from mobility, IT leaders must locate any needed applications and the platforms that support them. The LG G5 could end up perfect for an organization, but starting with the device tackles the problem from the wrong end.

During the process audit, enterprises can learn, at least in theory, what applications will help efficiency. With suites of programs and applications that can help with almost any problem, organizations must first research these devices to determine how they fit with existing operations.

This research may require purchasing a single device with different operating systems. Organizations should test all major platforms, along with trial versions of the desired applications. Doing this might reveal, for example, that a device can support every application that users need, but can’t reliably sync with backend systems.

Security is Everything

In World War II, the medical staff aboard large Navy ships braced themselves whenever the boat docked at an exotic port. The staff feared that sailors on leave would return with strange diseases from their time on dry land.

That situation is similar to mobile use today. Administrators worry that when mobile devices go out into the world they will return with strange computer viruses that could threaten the enterprise.

Along those lines, it is best to look at mobile devices as portable workstations out of direct control most of the time.

At a minimum, a mobile device should have two-factor authentication, such as biometrics or signature capture, in addition to the standard name and password login.

For enterprises, a Mobile Device Management (MDM) system like the popular Citrix XenMobile can control which programs users can download to devices, and how and when approved apps can be used.

A good MDM system also allows for bricking tablets when the device is lost or stolen. Organizations lose the device, but protect the more valuable data.

In the end, the question of when an enterprise should add or upgrade mobile devices is easy to answer: Whenever doing so adds more value than cost, it’s worthwhile. From there, it is simply a matter of finding the right apps and MDM for the environment.

Darryl Sebro

Learn from Your Peers

What can you glean about security from other IT pros? Check out new CDW research and insight from our experts.