Tips for Field Service: Security and Mobile Device Management
Guest author: Kerry Doyle
The increased use of smart devices in field service poses significant control and support challenges for IT. Data security is a central issue because sensitive information can be compromised through lost or stolen technology. Mobile devices, especially laptops, also increase the possibility of malware infiltrations and viruses that can quickly spread throughout a network. Moreover, rampant device disorganization requires an already overextended IT to systematize and monitor an ever-expanding range of devices.
Mobilization, whether corporate-sponsored or BYOD, is also accelerating cloud adoption because of the types of available services which can be helpful for field-service efficiency (PaaS, IaaS, SaaS). However, companies who adopt the cloud end up spending considerable amounts of time creating security work-arounds for surviving outages, data breaches or related infrastructure issues.
The enterprise-level support found in private clouds, a feature lacking in public cloud instances, goes a long way in providing effective security. For example, companies can retain firewall rules or maintain company policies across private or hybrid cloud instances.
The situation is similar to controlling mobile device usage. When it comes to MDM adoption for field service, companies must carefully consider the best approach and the steps that are necessary for effective mobile device control.
In this first part of two articles, we look at the three stages of device lifecycle management as it relates to MDM: Provisioning/Configuration, Production, and Decommission. In Part 2, we’ll explore the five steps necessary to achieving successful adoption. These include: 1) Defining a Mobile Strategy 2) Identifying the Number of Devices 3) Reliability 4) Customization and 5) Choosing a License Model (on-premise, cloud, etc.).
Provisioning/Configuration: For field technicians in a range of industries, scheduling, creating task records, checking inventory, collecting data, and supplying logistics are just some of the types of functions that they’re responsible for. For MDM to function at a high level, self service capabilities (offering access to applications, for example) and remote enrollment can function smoothly only if device provisioning has been properly executed. At this stage, IT defines and grants all access privileges and authorizations. Any omissions in defining policy and user authorizations can have serious repercussions that compromise the security of a network.
Production: During the entire period of device functioning, it needs to be managed and updated to guarantee operational efficiency and network security. During this phase, the important tasks that need to be performed are: asset tracking, software updates, device monitoring/performance, remote control, maintaining and modifying device/application configurations, and updating data. In general, most MDM solutions rely on a single pane of glass for maintaining production control.
Normally, these include dashboard-like consoles to simplify the securing and managing of devices. Consoles function as push/pull access points. Via an MDM console, administrators can push out applications, security patches, software updates and forced lock-downs. End users can access (pull) enrollment services, provision tasks, download software, synchronize data, and back up files.
Decommissioning: Like the previous stages, this final phase of the mobile device lifecycle is critical to infrastructure security. Decommissioning a device is predicated on a range of issues. One cause for decommission might be employee departure, another reason may be due to a lost or stolen device. Regardless of the reason, having full control over functionality and being able to remove access is essential for true security. All MDM solutions should have the capability to perform data restoration and complete, or selective, remote wipe implemented via the administrative console.
The mobile device lifecycle is made of these three distinct stages. Each stage must be addressed for a truly effective MDM solution to meet the needs of end users as well as fulfill organizational requirements. In the not-too-distant future, smart devices and tablets will access dual-core processors, increased memory, enhanced screen displays, high-functioning cameras, and card slots for peripherals. Such capabilities will require MDM solutions to evolve as well, but the security requirements and end user needs will remain the same.
Next week we’ll take a look at steps to take to implement a mobile device management (MDM) policy.
Learn More: Download the business paper, Moving Into a Consumer IT Model