BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
Before making a new software or service purchase, it is critical that your security team and organization as a whole weighs its options carefully to ensure it is making the best investment. This is especially true when it comes to mobile device management.
Below is a list of 12 final considerations to keep in mind when selecting and purchasing enterprise mobile device management tools and/or services.
Assess coverage: Heterogeneous mobile device management (MDM) products support a broad range of mobile devices. To meet immediate needs, narrow your candidate list to MDM technologies that support devices of strategic importance to your business. New mobile devices will inevitably emerge, so look at each provider's release history to predict future platform agility and time to market.
Document needs: Making the most of any MDM technology requires a thorough understanding of use cases. As part of that understanding, identify users and applications. Map these populations into groups, and develop use cases that reflect their mobility management needs and associated risks. Let these use cases drive your selection process, working to understand how MDM capabilities would be applied and the features that would streamline associated processes.
Develop policy: Ultimately, your MDM product will provide tools to implement mobile access policies -- that is, decisions about which devices are and are not permitted, the types of network and service access granted, the conditions of access (e.g., security settings, device restrictions), the accounts and applications required to enable access, and so forth. Draft these policies before selecting an MDM product so that you can evaluate candidates based on their ability to implement defined policies.
Refine workflows: Your MDM strategy will help you implement a series of workflows, starting with the device integration process and ending with steps taken to safely retire each device. Use business needs and desired policy to step through these workflows, identifying ways in which MDM technologies can be applied and any dependencies that must be addressed. For example, determine how unmanaged devices will gain access to your in-house or public cloud MDM to kick off enrollment.
Establish visibility: IT cannot effectively manage what it cannot see. MDM products don't just configure devices or applications -- they help you monitor and report on what mobile workforces and devices are doing in the workplace. Look for features such as device fingerprinting and canned reports that can help any organization get a grip on what's really out there to be managed.
Conduct pilots: Once you've narrowed your candidate list to a select few that have strong potential to meet your needs and fit into your organization's workflows, it's time to take each MDM product out for a test drive. Start with a small pilot to test your understanding of each product or service, identifying faulty assumptions, additional needs and workflow tweaks. Cloud-based MDM services can be especially helpful to quickly conduct small pilots without up-front investment.
Test representative devices and users: When conducting pilots, avoid the temptation to simply test a common device in a typical use case. Exercise your plans and policies by applying them to a broad array of devices and users, keeping an eye out for corner cases that cannot be accommodated. Run those cases by the MDM provider to determine when gaps might be filled or where expectations and policies must be tweaked.
Identify dependencies: When piloting an MDM technology, you may take certain shortcuts, particularly with respect to integrating MDM with business systems and processes. But that doesn't mean a pilot can't be used to identify dependencies that will come into play in a larger production deployment. Use pilots to pinpoint those touchpoints and any related limitations (e.g., minimum software versions, storage requirements).
Evaluate documentation and support: MDM products that are difficult to understand and use are unlikely to improve productivity or operating efficiency. Use pilots to train your administrators and assess the quality of product documentation and technical support. Develop in-house documentation around end-user workflows and evaluate the quality of that material during pilots, as well.
Define a phased rollout: When deploying a feature-rich MDM technology, don't try to boil the ocean. Use pilot results to plan a phased rollout that will maximize your return on investment while minimizing business disruption. For example, when you are using an MDM product to check the integrity of mobile devices, start by reporting compromised devices. Use these reports to understand why devices fail this check and work on reducing those incidents before moving into automated active blocking or remediation.
Plan for the long haul: You should consider starting with a cloud pilot and moving to in-house deployment if or when your mobility needs warrant that investment. Some organizations stick with cloud-based MDM services indefinitely, while others may prefer to host their own MDM technology. Calculate cost over time, given projected growth in the number of devices and users, and your plans to roll out advanced MDM capabilities that involve incremental fees.
Don't forget migration: Finally, many organizations already have some form of legacy MDM that's using Exchange ActiveSync or an older version of BlackBerry Enterprise Server. A new MDM product may eventually replace your legacy MDM, or it may involve some degree of integration between the old and new systems such as cut-through management or integrated reporting. Consider ways to assemble this big picture from separate pieces or components in the near-term; plan to deliver a unified "single pane of glass" mobility management experience in the long run.
About the author:
Lisa Phifer owns and is president of Core Competence Inc., a consulting firm specializing in leading-edge network technology. She has been involved in the design, implementation and evaluation of networking and security products for over 25 years. She has advised companies large and small regarding needs, product assessment and the use of emerging technologies and best practices.