Microsoft made a strong move in to the world of enterprise mobility management with the launch of its enterprise mobility suite.
Mobility management starts with identity. Identity of individuals and devices. That means account management. The challenge for IT is that it must now manage who has access to the company’s resources from outside the perimeter across multiple devices with varying levels of authorised access for different people within the company.
When it comes to devices the strategies deployed range from BYOD (bring your own device) to COPE (Corporate owned, personal enabled)
The MS view is that ‘today’s end users vigorously resist having their devices managed because the productivity apps (or emulated apps) are awful, the devices get slower, and the organizations that manage these devices never really grasped how to best empower their workforce.’
Just the sheer number of devices entering the corporate network can make for a massive challenge. But what happens when devices get lost, stolen, sold or used by unauthorised parties.
Enterprise mobility is really only about accessing apps for productivity gains. But just the remote access can cause vulnerabilities.
"IT departments must take care to fully understand which apps will be supported and how they will be managed to help protect company data. IT needs effective mobile application management tools."
When it comes to apps, Microsoft offers the following advice:
– Define which apps will be available for the users to consume using their devices
– Validate if those apps need any type of adjustment to correctly run on different platforms
– Assess possible threats on each app that will be available for mobile users and verify if there is any flaw that can lead to a security risk
– Mitigate potential flaws by fixing the root cause of the problem or adding countermeasures that can reduce the risk
– Verify how these apps will be available for users’ consumption from those different devices
– Enumerate the options that are feasible for your business to make those apps available (for example, deployment via Web portal, access via remote app, access via VPN, and so on)