Managing Mobile Devices for the Real World

BYOD can pose a challenge to organisations, but by mixing models of device and data management, companies go mobile while staying secure, says Noman Qadir, Acting Regional Director, MENA and Turkey, Citrix

Tags: Citrix Systems Incorporation
  • E-Mail
Managing Mobile Devices for the Real World (ITP Images)
By  Noman Qadir Published  March 10, 2013

With increased mobility and the use of personal mobile devices for business tasks, sensitive data and enterprise secrets have now been made available anywhere at any time and on any device — creating a security nightmare for the IT department.

Organisations have tried — and failed — to apply draconian IT tactics to this Bring Your Own Device (BYOD) trend, and it is increasingly clear that while strict device security measures are required for some use cases, this is not the way to manage a BYO program.

An effective mobile management strategy balances the desire for increased productivity with the requirements for protecting sensitive data. The strategy needs to consider three elements: devices, including device wide configuration, network settings, capabilities, security certificates and approved applications; applications, with configuration and network settings specific to individual applications, wrapped applications and an app store; and data, to ensure proper management when it is in use, in transit and in storage. There are three major models for Device, App and Data management:

• Mobile Device Management (MDM) — Management of mobile phones, tablets, embedded systems, printers.
• Mobile Hypervisor — Split personality switching between personal and work. The virtual equivalent of carrying two phones.
• Mobile Application Management (MAM) — Granular management of applications and data. Simple and powerful support for any device and ownership model.

These three major models aren’t exclusive — in fact, MAM is complimentary to MDM and provides more granular control over applications and data than current MDM solutions. Mobile management solutions overall should be concerned with specific aspects of mobility, namely: Control over the location and usage of sensitive data; specification of approved apps and networks; asset management to specify and direct how devices can be used; and consistency of OS, configurations, applications and policy. Solutions that address these different aspects can be combined to create deployment models that suit the requirements of specific industries. The following two examples highlight mobile management use cases in healthcare and government.

Healthcare Use Case

Today’s physicians are typically highly mobile independent contractors who work for multiple practices, clinics and hospitals. To maximize productivity and mobility, many physicians are also BYO users — and often iPad users. Compounding mobility is the fact that healthcare usage involves some of the most sensitive data: personal healthcare information (PHI).

Using CloudGateway, Citrix’ enterprise mobility management solution that securely delivers mobile, web and Windows apps and data to any device, the physician connects into their personalized set of applications delivered and managed via the enterprise appstore. When local applications are desired, native mobile apps are already available in the appstore — wrapped with all the required configuration and security settings to run natively on the physician’s iPad, in the secure MDX App Vault, which creates secure business containers for corporate and personal apps and data. A doctor who works for two different hospitals, simply visits each practice’s app store to select desired apps and the unique apps required for each hospital are automatically delivered as separate groups or accounts on the device. Each hospital’s IT organisation manages the required versions and updates to their set of apps and places them in their respective app stores.

Application and desktop virtualisation through XenDesktop ensures that sensitive PHI remains protected in the data centre. Data that must be mobilized can be delivered through ShareFile for encrypted local storage as well as cloud-based file sharing and sync services. ShareFile allows for seamless access to data whether the physician is using an iPad or a healthcare workstation.

With application access and use managed automatically, healthcare professionals gain back valuable time, allowing them to concentrate on the primary goal of patient care.

Government Use Case

Governments require the ultimate control over their sensitive data. The lure of tablets and smartphones has been strong with government employees, but these devices must remain strictly managed government owned devices with clearly defined control boundaries. Not all government employees work with secrets that require the ultimate security, but the one-size fits all approach to device security doesn’t reflect this reality.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code