As mobile computing becomes ubiquitous, network security vulnerabilities increase. To address this concern, state and local governments are turning to mobile-device management systems that help control far-flung network endpoints, be they notebooks, tablets or smartphones.
Mobile-device management systems can enforce rules across an enterprise. These rules can restrict what applications can be installed on a device, raise a red flag when excessive charges are being racked up on a smartphone, force data backups for safety, choose strong passwords for a device, locate lost devices or remotely wipe all data from a missing device.
The challenge for agencies is to find the management system that best fits their needs. “Mobile devices introduce a new level of complexity for many government offices,” says Shawn McCarthy, director of research at IDC Government Insights. “Such devices can be more challenging to manage than traditional PCs, and the wide variety of hardware and software solutions, and even the variety of mobile operators, can make it more difficult to set standards and management practices.”
While newer versions of some popular network workhorses, such as Microsoft Exchange, have added features to address the burden mobile devices place on network security, many agencies need more features and greater control.
“Exchange ActiveSync is what we call lightweight mobile-device management because it does institute some policies,” explains Phillip Redman, vice president at Gartner Research. “But it’s not nearly as full-featured and rich as you would get in what we call a heavyweight platform, which allows much more minute detail to be managed on these devices.”
Organizations looking for a mobile-device management product must understand what features they need and must set clear policies for deployment of the product, according to a July 2011 report from Gartner Research, “Critical Capabilities for Mobile Device Management.”
For IT shops with limited security and management requirements and users who will not accept heavy control of their mobile devices, Gartner recommends a lightweight approach.
Products from manufacturers such as MobileIron, BoxTone and AirWatch give the IT shop the ability to enforce policies on the server side, but they don’t provide heavy control of devices, or of user behavior.
Environments with strict security and compliance requirements should consider products that use client-side management software and that can enforce strong IT control on mobile devices, including local data encryption and remote wiping. Sybase’s Afaria product fits the bill here.