SBM Labs

Cyber Security Collaboration Project

Implementation of Enterprise Mobility Management. First steps
29 Nov 2014

1. Determine the risks associated to the use of mobile devices for business purposes (BYOD).

- Loss or theft of the device.
- Insecure configuration.
- Malware.

2. Determine requirements to Enterprise Mobility Management (EMM).

- Support of various platforms and operated systems.

In some companies iOS is corporated standard. In another it is also allowed to use Android and Windows Phone devices. You should understand that it will be more difficult to implement EMM in case of support several platforms and operated systems.

- Identification of compromised devices.

Compromised devices (rooting, jailbreaking) are more at risk of malware infection. You should have opportunity to identify such devices and restrict access to company resources.

- Configuration management for mobile devices.

Apply secure configuration for mobile devices is one of the most priority tasks. For example, configuration for company's Wi-Fi access point (WPA & WPA2 Enterprise) which is associated with enterprise root CA certificate.

- Integration with another solutions.

Integration with Microsoft Exchange will allow to manage access to corporate mail and with Cisco ISE will allow manage network access for mobile devices .

- Remote access to company's resources.

Users usually get remote access to company's resources using VPN. In this case all applications on mobile devices get remote access. It will be more secure to grant remote access only for authorised applications using certificate.

- Separation of personal and corporate data.

You should use isolated container in order to work with corporate data. In this case you can apply secure configuration (PIN lock, encryption, remote wipe etc) only for this container. Access to this container must have only authorised applications. Such configuration will be secure and more user friendly because user will not have to enter PIN lock in order to access to camera, contacts and any other personal data.

- User friendly interface.

User friendly interface will allow to work with corporate data in secure and convenient way. Also company will get loyal employees.

3. Analyze results of EMM review by independent experts.

For example, you can read Gartner report (see Magic Quadrant for EMM below).

4. Determine EMM total cost of ownership (TCO).

EMM solutions are not cheap. You should estimate TCO and discuss it with your management.

5. Testing of EMM solutions.