Reduce Business Risk by Deploying EMM Solutions with Conditional Access Capabilities

Chicago

EMM solutions that deliver conditional access to desired services like email, storage and cloud services motivate BYOD users to enroll.

Let’s face it, your BYOD employees aren’t too thrilled about installing an EMM app, agent or container on their device. It feels like an intrusion on one of your most personal possessions and breeds mistrust. That said, the BYOD world is all about gives and gets. Unless your company enforces a corporate-liable policy and buys every employee a smartphone, a compromise must be made to ensure the security of corporate data. This is where the use of the carrot comes into play.

While the BYOD trend was initially about allowing employees to use their mobile devices for work, the trend has shifted. Now you encourage your employees to use their devices because it makes them more productive anywhere, anytime. Whether your company is just allowing or actually encouraging employees to use their devices for work, you have to overcome the “hassle factor” and suspicions of company spying that deters them from EMM enrollment.

First, your Mobile COE must perform exhaustive due diligence to select the most unobtrusive EMM package available with the fewest steps to install that still meets your company’s needs. Next, this system must prohibit access to the systems, apps and data employees want most until they enroll. Some packages even limit access via MAM functionality. Anyway, if you want email, you have to enroll. If you want to access SharePoint, you have to enroll. You get the idea. Gives and gets.

Reduce risk to your business by restricting corporate system access to only those devices enrolled in an EMM solution. What is your company doing to prevent unmanaged devices from accessing sensitive data?

Learn how to digitally transform your company in my newest book, “Mobile Strategies for Business: 50 Actionable Insights to Digitally Transform your Business.”

Book Cover

Click to purchase a copy of my book today and start transforming your business!

Sharing my knowledge and helping others never stops, so connect with me on my blog at http://robtiffany.com , follow me on Twitter at https://twitter.com/RobTiffany and on LinkedIn at https://www.linkedin.com/in/robtiffany

Reduce Risk to Your Business by Ensuring Your EMM Package can Block Malicious Apps

Omaha

To prevent malicious apps from attacking corporate assets, get an EMM solution that disables app stores while blacklisting and whitelisting apps.

Despite what you’re thinking, malicious apps may be one of the biggest threats your mobile enterprise will face. You might believe that device encryption, the use of a PIN to logon and utilizing a VPN to connect to your corporate network means your safe. You’re not.

Within the security envelope your device has created, a rogue app could still drive a truck through your VPN tunnel and attack internal assets. Users routinely download apps without paying attention to the list of permissions and capabilities the app is asking for. They can’t be bothered. What could possibly go wrong with the simple drawing app that somehow needs network access and the ability to read your contacts?

While it’s the job of your company’s mobile COE to vet apps used by employees for work, it’s good to have a backup plan. When performing due diligence on EMM packages for your company, make sure blacklisting and whitelisting are supported to prevent users from downloading objectionable apps. Additionally, EMM packages must prevent rogue apps from launching in the event an employee has already downloaded it. To ensure employees can only use a curated, internal enterprise app store, the ability to disable access to public app stores may also be a requirement. Clearly, this flies in the face of BYOD and some employees may reject having this functionality on their device. Containers may be better in some cases.

Protect corporate systems and reduce risk to your company by blocking apps containing code that can inflict harm. What is your organization doing to protect itself from malicious apps unwittingly downloaded by employees?

Learn how to digitally transform your company in my newest book, “Mobile Strategies for Business: 50 Actionable Insights to Digitally Transform your Business.”

Book Cover

Click to purchase a copy of my book today and start transforming your business!

Sharing my knowledge and helping others never stops, so connect with me on my blog at http://robtiffany.com , follow me on Twitter at https://twitter.com/RobTiffany and on LinkedIn at https://www.linkedin.com/in/robtiffany

Reduce Business Risk by Enforcing Security Policies on Data with Digital Rights Management

Denver

To enforce data security policies directly, get an EMM solution with digital rights management to protect data where it flows & rests.

So far, our EMM journey to secure corporate data has dealt with the issue by broadly securing the entire device via MDM or more narrowly securing the apps that deliver the data using various MAM techniques. The application of security can get narrower still.

The use of digital rights management (DRM) allows IT departments to apply policies directly to documents keeping data secure no matter where it flows or resides. Sometimes DRM is clumped-in with the broader mobile content management (MCM) component of EMM. This security applied directly to data is an effective method of DLP using a combination of enterprise directory services, encryption, user identity along with server and client software to keep information in sensitive files from being viewed by the wrong people or systems.

Imagine the scenario where a confidential business document is uploaded to an Internet file sharing provider or emailed to a competitor. Traditional corporate security mechanisms like firewalls or file server access controls lists won’t save you in this situation. If DRM encryption and security policies were previously applied to this document, it would be unreadable by anyone who tried to open it. This is arguably the most difficult of the EMM security components so not many vendors will offer this.

Reduce risk to your organization by keeping sensitive data secure no matter where it travels or where it rests. What is your company doing to protect its critical data?

Learn how to digitally transform your company in my newest book, “Mobile Strategies for Business: 50 Actionable Insights to Digitally Transform your Business.”

Book Cover

Click to purchase a copy of my book today and start transforming your business!

Sharing my knowledge and helping others never stops, so connect with me on my blog at http://robtiffany.com , follow me on Twitter at https://twitter.com/RobTiffany and on LinkedIn at https://www.linkedin.com/in/robtiffany

Reduce Corporate Risk by Enforcing Security Policies on Mobile Apps with MAM

Oklahoma City

To enforce policies on individual mobile apps, get an EMM solution with MAM capabilities to prevent data leaking from corporate to personal.

Mobile App Management (MAM) allows IT departments to protect corporate data without having to manage the whole device like you would with MDM. Since apps are the delivery mechanism of business data to employees, the thinking is, if you can lock down the apps, you can lock down the data. You may not need MDM anymore.

The BYOD phenomenon has IT departments concerned about the co-mingling of personal and business apps and data. EMM and mobile operating system vendors have tackled this data loss prevention (DLP) problem with variety of approaches ranging from the use of a Chinese wall to proprietary versions of public apps. The MAM component of EMM delivers:

  • An enterprise app store where employees can select internally and externally developed apps and websites
  • Encrypted containers dividing a mobile device into business and personal workspaces where data cannot be shared
  • Ability to allow or block the opening of business documents and the copying & pasting of data between apps
  • Selective wipe of corporate email, apps, data, certs and management policies
  • Secure PIM
  • App wrapping with or without an SDK
  • Apps that prompt for a PIN for devices that aren’t configured to prompt for credentials

Reduce risk to your organization by securing your mobile apps and the data they deliver to your employees with a protective envelope. What is your organization doing to mobile apps and data safe?

Learn how to digitally transform your company in my newest book, “Mobile Strategies for Business: 50 Actionable Insights to Digitally Transform your Business.”

Book Cover

Click to purchase a copy of my book today and start transforming your business!

Sharing my knowledge and helping others never stops, so connect with me on my blog at http://robtiffany.com , follow me on Twitter at https://twitter.com/RobTiffany and on LinkedIn at https://www.linkedin.com/in/robtiffany

Reduce Corporate Expenses by Configuring Devices and Delivering Apps to Users with MDM

Dallas

When you’re ready to deploy apps or provision Wi-Fi, certificates, VPN or email to mobile devices, get an EMM solution to provide MDM.

With the basics of device-level security and policy enforcement covered by Exchange ActiveSync, you’re ready to take the next step in providing value to your employees. Extending access to PIM, delivering apps to devices and provisioning functionality over the air was the reason the earliest mobile device management (MDM) packages were built. I should know since I co-founded the first cloud-based MDM company back in 2003. The space has broadened significantly and is now referred to as enterprise mobility management (EMM) with an evolving set of features. The MDM component of EMM delivers:

  • Support for the most widely used mobile operating systems
  • Software lifecycle management that deploys, upgrades and retires apps
  • Operating system configuration management that enforces the IT policies applied to devices, monitors compliance and provides auditing
  • Simplifies users’ lives by provisioning pre-configured settings for email, VPN, Wi-Fi and certificates via profiles
  • Asset management and usage of devices and apps
  • Telecom expense management
  • Service management and remote helpdesk support capabilities
  • Scalability to support hundreds of thousands of devices

Reduce your expenses and improve user productivity by remotely configuring devices and delivering apps to users without needing additional support staff. What is your organization doing do help employees configure their mobile devices and get the apps they need?

Learn how to digitally transform your company in my newest book, “Mobile Strategies for Business: 50 Actionable Insights to Digitally Transform your Business.”

Book Cover

Click to purchase a copy of my book today and start transforming your business!

Sharing my knowledge and helping others never stops, so connect with me on my blog at http://robtiffany.com , follow me on Twitter at https://twitter.com/RobTiffany and on LinkedIn at https://www.linkedin.com/in/robtiffany

Reduce Company Expenses and Enforce Mobile Security with Exchange Active Sync

Houston

If you don’t have an Enterprise Mobility Management solution, start with Exchange Active Sync to enforce device policies and security.

Baby steps. While you might not say Microsoft Exchange Server in the same breath as enterprise mobility management, this product has managed more devices than any other system over the last decade. Since most enterprises already use Active Directory for identity coupled with Exchange Server on-premises or via Office 365 in the cloud for email, calendar and contacts, this is a simple way to get started. A protocol called Exchange ActiveSync (EAS) that dates back to the Pocket PC and is used by virtually every mobile operating system to allow the magic to happen.

So what does this have to do with managing devices? Well, EAS helps secure smartphones and tablets via policy enforcement. This allows you to require PINs and passwords, device and storage card encryption, remote wipe for lost or stolen phones, and S/MIME email encryption, to name a few. It also lets you disable features like a phone’s camera, removable storage, Wi-Fi, Bluetooth, SMS and others. If you’ve worked in the public sector, this probably rings a bell.

If you think managing your mobile devices via Exchange ActiveSync is unorthodox, remember this was the only way to manage iPhones until iOS 4 and Android until version 2.2 was released. I think EAS facilitated the BYOD movement more than any other factor.

Reduce expenses and risk to your company by enforcing security policies on your mobile devices using the capabilities found in an email server you probably already own. What basic steps has your organization taken to enforce mobile security on smartphones and tablets?

Learn how to digitally transform your company in my newest book, “Mobile Strategies for Business: 50 Actionable Insights to Digitally Transform your Business.”

Book Cover

Click to purchase a copy of my book today and start transforming your business!

Sharing my knowledge and helping others never stops, so connect with me on my blog at http://robtiffany.com , follow me on Twitter at https://twitter.com/RobTiffany and on LinkedIn at https://www.linkedin.com/in/robtiffany

Reduce Business Risks by Creating a Corporate Mobile Center of Excellence

Create a corporate mobile center of excellence to create processes, establish governance & develop a matrix of supported devices.

Your transformation must begin with your people!

Despite the growing maturity of mobile technologies in the enterprise, most organizations have been unable to put the governance in place needed to make mobility work well for employees and employers alike. When BYOD users don’t know the rules for using their devices at work, it’s the same as having no rules at all.

The most important step you can take is to create a mobile center of excellence (COE) comprised of employees from most of your different business units and IT. This team will create processes that make the best use of your technology:

  • Creating a matrix of supported devices that meet the company’s app, security and management needs
  • Creating a document that spells-out all mobile policies and procedures
  • Defining how telecom expenses will be covered via stipends or reimbursements as well as international roaming policies
  • Performing due diligence on the selection of app development, backend integration and device management packages
  • Defining wireless LAN, WAN and cellular standards as well as negotiating plans with mobile operators

Establishing a Mobile Center of Excellence will not only reduce risk to your company by clearly spelling-out what your employees can and cannot do, but it will also improve employee productivity by eliminating all the “guess work.” What steps is your organization taking to assemble relevant stakeholders to build a mobile COE?

Learn how to digitally transform your company in my newest book, “Mobile Strategies for Business: 50 Actionable Insights to Digitally Transform your Business.”

Book Cover

Click to purchase a copy of my book today and start transforming your business!

Sharing my knowledge and helping others never stops, so connect with me on my blog at http://robtiffany.com , follow me on Twitter at https://twitter.com/RobTiffany and on LinkedIn at https://www.linkedin.com/in/robtiffany

Mobile Strategies for Business is Now Available

Book Cover

I’m pleased to announce that my newest book, “Mobile Strategies for Business: 50 Actionable Insights to Digitally Transform Your Business” is now available.

Mobile Strategies for Business is the first book to clearly explain how executives can digitally transform their organization through a simple, step-by-step process.

The mobile tidal wave has permanently transformed the consumer world and now it’s washing up on the shores of the enterprise. This drives the need for an enterprise mobile strategy to mobilize existing applicationsmodernize infrastructuresbuild new apps for employees and customers, and bring order to your environment via enterprise mobility management. Mobile Strategies for Business guides you through this transformation and drives positive outcomes including reducing expensesimproving employee productivityincreasing revenueboosting user engagement and reducing risk.

Based on the top 50 most important enterprise mobility concepts spanning four major topic areas, Mobile Strategies for Business is the first book to clearly explain how to digitally transform your business through a simple, step-by-step process.

You’ll learn how to address the following organizational challenges:

  • How to transform IT infrastructures that are wholly unprepared to deliver on the promise of Mobile and IoT for employees and customers. Learn how to enhance performance, scalability, bandwidth and security to support today’s mobile and cloud workloads.
  • How to reconcile the convergence of the Bring Your Own Device (BYOD) phenomenon and the need to keep corporate data secure. Learn how to support the flexible work styles of your mobile employees while keeping everything safe.
  • How to migrate the millions of out-of-date, insecure and unsupported desktop and Web 1.0 apps that currently run global business to run on modern mobile platforms. Learn how to unchain your line of business apps and web sites from the desktop and move them to the mobile devices your employees actually use.
  • How to rapidly build mobile enterprise apps that run on any platform and work with data from any backend system. Learn how to mobile-enable your existing systems and data to empower your mobile employees and reach out to your mobile customers.

Back Cover

Mobile Strategies for Business is a project plan and an implementation guide allowing your organization to digitally transform so it can ride the mobile wave to employee and customer success. Along the way, it builds a future-looking foundation that prepares your organization for successive technology tidal waves that will impact your business, workforce and customers.

What is your organization doing define and execute on a mobile strategy? It’s time to empower your mobile workforce.

Click to purchase a copy of my book today and start transforming your business!

Sharing my knowledge and helping others never stops, so connect with me on my blog at http://robtiffany.com , follow me on Twitter at https://twitter.com/RobTiffany and on LinkedIn at https://www.linkedin.com/in/robtiffany

Rob Tiffany Interviewed at Mobile World Congress

Rob Tiffany

At Mobile World Congress in Barcelona, Rob Tiffany discusses all-things Microsoft Mobility with Kevin Benedict.

Learn about the current state of Microsoft mobility offerings ranging from Windows Phone, to the Enterprise Mobility Suite, to Azure Mobile Services.

Sharing my knowledge and helping others never stops, so connect with me on my blog at http://robtiffany.com , follow me on Twitter at https://twitter.com/RobTiffany and on LinkedIn at https://www.linkedin.com/in/robtiffany

Enterprise Mobility for 2015 and Beyond

iPhone 6

This last year was full of spectacular moments as mobility continued to consume the world.

We now have almost three billion people online and most of that number is due to smartphones. Mobile apps eclipsed the web as the place people spend more of their time and an estimated 80% of adults will be using a smartphone by 2020. Since the best way to review the most important mobile events of 2014 is through a long, run-on sentence, take a breath and dive in:

Microsoft acquired Nokia, tablet growth slowed, VMware acquired AirWatch, mobile games outsold mobile apps, MobileIron went public, Apple shipped a phablet, Good acquired BoxTone, Gartner’s MDM Magic Quadrant became their EMM Magic Quadrant, Xiaomi ate everyone’s lunch in China, IBM and Apple got together to build business apps, Microsoft brought Office to the iPad, MEAP vanished while MBaaS appeared, Apple launched a Swift way to Pay, HTML5 became a recommendation, Android dominated market share, Apple dominated revenue and the Internet of Things won the hype award. Whew!

With the ‘Year in Review’ out of the way, let’s talk about the things that will make the most impact in the enterprise mobility space in 2015. Expect the ‘Bring Your Own App’ (BYOA) trend to hit a speed bump by corporate mobile centers of excellence that require enterprise mobile apps to meet security standards around authentication, data at rest and data in transit. Mobile developers need to up their game to break into the enterprise. Enterprise Mobility Management (EMM) companies will continue their move from Mobile Device Management (MDM) to Mobile Application Management (MAM) to data protection and on to Identity and Access Management (IAM). The goalposts will always be moving in this space.

In the smartphone space, low-cost devices will continue to garner the most market share. Remember, once you leave the world of subsidized phone plans, economics takes over. The trick for enterprises looking to use them in corporate-liable scenarios is to ensure the mobile operating system meets security and manageability needs while performing well on low-end hardware.

With millions of Win32 apps currently running most global businesses, large investments will be made in moving these apps to modern, sandboxed, mobile operating systems. Unlike many of the large, monolithic desktop apps built for Windows over the last two decades, mobile apps focus on specific tasks. This means for every Win32 app, multiple mobile apps will be built. Additionally, they will take advantage of device sensors to provide employees with better contextual experiences.

With the back end systems of most enterprises unable to speak the language of mobile devices, let alone support their performance and scalability requirements, upgrading these on-premises systems or moving them to the cloud represents another large investment companies will be making. Some companies will wrap their existing systems in REST/JSON APIs; others will connect them to MBaaS offerings, while others purchase new vertically-integrated mobile packages.

Rapidly shrinking wireless and sensor-enabled chipsets with low power consumption have given rise to the Internet of Things (IoT) with IPv6 ensuring there are enough addresses to go around. When combined with things like streaming analytics, machine learning and cloud scale, this descendant of SCADA and M2M is going to help companies unlock insights that lead to cost savings and new revenue opportunities.

In the end, the promise of personal computing is being realized via small, portable, sensor-filled, picture-taking, supercomputing, payment processing, low-powered communication devices that connect the citizens of the world and that’s a good thing.

Sharing my knowledge and helping others never stops, so connect with me on my blog at http://robtiffany.com , follow me on Twitter at https://twitter.com/RobTiffany and on LinkedIn at https://www.linkedin.com/in/robtiffany