Everything you need to begin drafting a Mobile Device Management policy

Everything you need to begin drafting a Mobile Device Management policy

Thanks to the increasing presence of mobile devices in the workplace, employees are no longer glued to their desks. In fact, a 2015 report by the International Data Corporation forecasted that mobile workers will account for almost three-quarters of the U.S. workforce by 2020.

This trend brings a host of benefits to businesses, such as improved communication and collaboration and greater employee productivity. Unfortunately, however, there are also security risks and compliance restraints to think about.

Instead of throwing the baby out with the bathwater, small- and medium-sized businesses should work on creating thorough and exhaustive mobile device management (MDM) policies.

Allowing Devices and Applications
Mobile devices, including the operating systems and apps they run, change all the time, making it challenging for businesses to stay on top of security and upgrade routines. As such, defining which devices and applications can access business data should be the foundation of any MDM policy.

To reduce costs, many companies implement a bring-your-own-device (BYOD) policy, whereby employees are allowed to use personal devices for accessing and altering business data.

If this is the route you want to take, you’re going to need to set strict policies and limitations. At a minimum, make sure to establish the following rules:

  • No “rooted” or “jailbroken” devices allowed. These devices have stripped the manufacturers tried and tested operating system to be replaced with one that allows unverified apps.
  • Company data should never be stored locally on a device.
  • Every device should have a lock-screen password or PIN code.
  • Devices and applications must receive regularly scheduled updates.
  • All company data must be encrypted.
  • Users must change their login information regularly.

That may seem like an extreme list, but according to Gartner, three-quarters of mobile applications fail to pass basic security tests.

Protecting your data in the cloud
How you manage access to your business’s data is also of the utmost importance. By creating a cloud-based operating environment, organizational communications can be protected by state-of-the-art encryption protocols. In other words, everything gets locked up, and users are forced to prove who they are every time they access and manage any company data.

But even cloud storage needs a little fine tuning. For example, most platforms provide options for offline data access, but this is not a recommended feature. It may seem like a great way to keep employees productive and secure when they don’t have an internet connection, but it could result in a data breach if an employee’s mobile device is stolen.

Another advantage of cloud-based work environments is that they operate independently of the device or software used to access it. Everything works in a web browser and, for the most part, you only need to worry about securing the network rather than the individual devices accessing it.

Despite all this, mobile devices must always be running up-to-date software and have anti-malware applications. Encrypting data, particularly when it’s sent across unfamiliar wireless connections, is extremely important given how easily wireless communications can be intercepted.

Employee training
Including mobile device policies and best practices in your employee onboarding will ensure that no one can access your data without receiving training first. And in a perfect world, you’ll also hold annual updates and refresher courses to stay ahead of cyberattack trends.

Dyrand Systems is the perfect solution to employee training and mobile device auditing. If you’ve partnered with us for managed IT services, we already know your needs and concerns and half the battle is already won. By combining industry-leading advice and advanced mobile device management software, we can provide the best security, compliance, and productivity policies in the Vancouver area.

At the end of the day, mobile device management isn’t different from your other cybersecurity solutions. It’s a constantly evolving field that encompasses new technologies and threats almost every day. And with Dyrand Systems, you’ll never have to worry about it again. Give us a call today.