Mitigating the Risks of BYOD with MAM

Organizations need to decide how to manage BYOD, says Johnny Karam, Regional Director, Middle East and French Speaking Africa, Symantec

Tags: Bring Your Own Device (BYOD)Symantec Corporation
  • E-Mail
Mitigating the Risks of BYOD with MAM Karam: Companies need to understand the limitations of MDM solutions, and look to managing specific applications.
By  Johnny karam Published  November 14, 2012

Bring your own device is on the rise, but organizations need to decide how to manage it, and understand the tools available to them, says Johnny Karam, Regional Director, Middle East and French Speaking Africa, Symantec.

Bring-your-own-device, or BYOD, is the latest technology trend nipping at the heels of nearly every CIO across the Middle East. But make no mistake, it is more than just a buzzword; it is a true movement.

According to a recent Symantec survey, 59% of enterprises are making line-of-business applications accessible from mobile devices in an effort to increase efficiency, increase workplace effectiveness and reduce time required to accomplish tasks.

Businesses can use mobile device management (MDM) and mobile application management (MAM) tools to help maintain an inventory of the devices connecting to company resources and also make sure employees are adhering to policies. Reputable MDM tools also allow businesses to ensure both personal and company-owned mobile devices are wiped of business information if an employee leaves the company or a device is lost or stolen.

There are many concerns with BYOD including lost and stolen devices, data leakage, unauthorized access to corporate resources, and the spread of security infections from mobile devices to the company network. With mobile devices now delivering critical business processes and data, the cost of security incidents can be significant. The average annual cost of mobile incidents for enterprises, including data loss, damage to the brand, productivity loss, and loss of customer trust was $429,000 for enterprise. The average annual cost of mobile incidents for small businesses was $126,000.

According to Symantec’s State of Mobility Survey, 67% of companies are concerned with malware attacks spreading from mobile devices to internal networks. In addition, Symantec’s latest Internet Security Threat Report highlighted that mobile vulnerabilities increased by 93% in 2011.

The concept of BYOD is simple: Allow employees to supply their own devices to increase employee satisfaction and reduce capital – and perhaps even operational – expenditures. However, despite the benefits, BYOD is not the right mobile strategy for every employee in every organization as it involves relinquishing some control over the devices connecting to corporate networks, resources and data – introducing a variety of concerns.

These concerns can be mitigated by being properly equipped with appropriate protections and employing strategies and technologies, such as MAM, to avoid the hazards associated with BYOD. Before analyzing how MAM can be an effective BYOD accident avoidance technology, it is important to acknowledge the three primary considerations around BYOD implementations.

To manage or not to manage:

The first question every business must ask around BYOD is: How much management of user-owned devices connecting to corporate resources does the company want? This is critical because the degree to which an enterprise is involved in managing various aspects of user-owned mobile devices has consequences. For example, a key anticipated benefit of implementing BYOD means often no longer having to fully manage employees’ mobile devices. In return, support costs are hopefully reduced.

However, fully managing user-owned devices often results in intruding on the personal information and activity of those devices. This might include enforcing device-level authentication and encryption policies and complete device remote locking or wiping, including users’ personal content.

Delivering corporate resources

A mechanism for delivering corporate apps and resources to BYOD users must be put in place. Organizations must also consider where the apps and resources will be hosted and how the company will grant access to only the resources appropriate for each user.

Securing corporate resources once they are delivered

Finally, organizations need to consider how to secure the corporate apps, including email access and the potentially sensitive data tied to them, once they are on user-owned mobile devices.

Providing access to business-related apps and corporate resources to user-owned devices is only the first part of the equation. The main issue is how an organization maintains the security of those resources and data while not hindering users’ experience with their personal devices. This takes us back to the first consideration – how involved a company wants to be in managing user-owned devices. If user-owned devices are fully managed by an enterprise, the apps and resources can be made secure, but all the issues associated with the complete management of user-owned devices are brought to the surface.

The most common tool used to implement secure BYOD up to this point in time has been MDM technology. MDM is a viable method to deliver applications to user-owned devices, secure the corporate apps and data on them, and provide the ability to push applications to managed devices. In addition, MDM solutions allow enterprises to enforce security controls on properly prepared corporate-connected, user-owned devices.

However, using MDM to address these BYOD considerations means enterprises are forced to fully manage user-owned devices. Thus, all of the concerns and issues associated with complete enterprise management of user-owned devices are fully set in motion.

In contrast, MAM enables enterprises to avoid device-level management and instead implement application-level management on user-owned devices. As a result, MAM negates the issues that are associated with fully managing user-owned devices via MDM by allowing enterprises to “wrap” each of their corporate apps and the data tied to them in their own security and management layers. This gives enterprises control of their apps and data while leaving the rest of the user-owned devices they are on.

With MAM controls such as authentication, encryption and expiration – apps and data can be manually expired or set to automatically remove themselves from devices based on perimeters established by administrators.

In addition, MAM solutions provide app portals tailored to each user to deliver the appropriate corporate apps to individual user-owned devices. In this way, the user experience of downloading necessary corporate resources is as simple as visiting a public app store, but enterprises can ensure that users are only being given access to the resources they have permission to download.

Implementing BYOD without the proper tools is unsafe and puts the entire organization at risk. However, with the right solutions the secure use of user-owned mobile devices in companies without hindering users experience with those devices can become a reality. Symantec’s MAM solution offers the cross-platform mobile management needed to help organizations containerize corporate applications and protect sensitive data.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code