It can be tempting to buy a business mobile phone through a consumer outlet when supply is constrained. Doing so will bring your IT team a world of pain.
When the supply of mobile devices gets tight it is the business channels that dry up first as manufacturers and carriers prioritise consumer sales.
This is frustrating for corporate procurement teams tasked with sourcing mobile devices. How do you explain to a senior executive that the phone they want is not available when they can see it for sale at their local store.
In these circumstances, it is tempting to consider purchasing a device from the manufacturer's website or from a electronics retail outlet. However, there are consequences in doing so. Ensure that you are willing to wear the following outcomes if you buy a business device from a consumer channel.
Five reasons why businesses should NOT buy from consumer channels
Purchasing a corporate-owned device from a consumer outlet or website will cause considerable issues for corporate IT teams who are required to manage the device.
It will impact on the ability to manage the device security, will compromise the corporate network, be difficult to align the device ownership and access warranty services, and will be non-compliant with corporate governance and policies.
Reason #1. The device will not be enrolled
The device will not be added to its aligned enrolment program - Apple Business Manager, Samsung Knox or Google Zero-Touch. This enrolment must take place at time of purchase by an authorised reseller. Enrolment ensures the device ownership is aligned to the organisation. Enrolment also enables the device to be put into a 'supervised' state allowing UEM profiles to be automated and deployed OTA.
Reason #2. The device will not be supervised
The device will not be in a Supervised state. Being 'supervised' allows an additional layer of security and device management to be available to IT admins. It also allows the automation of Enterprise Mobility Management (EMM) deployment, patching and application updates. Unsupervised devices will sit outside the corporate compliance and governance model and are a risk to the corporate network.
Reason #3. The device will be unable to be remote managedHaving an EMM profile pushed to the device on enrolment enables IT teams to remote manage the device. This could include updates to OS and applications, applying security patches, and remote troubleshooting of the device itself. It is possible to enrol the device in an EMM environment but without enrolment in the manufacturers device enrolment program this will become a manual process which will need to be completed by the end user. Alternatively the device will need to be physically provided to IT admins to enable.
Reason #4. It will be difficult to prove corporate ownership
A device purchased through a consumer channel is not aligned with a corporate account at point of sale. It is difficult to align ownership of the device with the company retrospectively. When the device is not considered to be owned by the company, it is difficult for IT administrators to support the end user if they need to access manufacturer warranty replacement or repair.
Reason #5. The device is a security threat
Just because a user is able to verify their identity, this shouldn’t vouch for the health of their device. Authenticated users with misconfigured or compromised devices are a risk to corporate applications and business operations. Devices bought through the consumer channel are unlikely to be enrolled or managed through a UEM platform which would enforce security and identity management protocols to protect the corporate network.
Mobile phishing is a growing threat vector because the way we interact with mobile devices is inherently different from traditional form factors, something phishers have quickly learned how to capitalise on. Smaller screens mean that features like URLs are truncated or obscured. Mobiles are used when we’re in a distracted state and continual context switching reduces attention to detail. Limited experience of phishing means users lack of an innate ability to inspect links prior to a click.
A study by Wandera/Jamf found that 1 out of every 10 people have clicked on a phishing link while using their phones. Meanwhile the success of phishing attacks has increased constantly over time with a 160% year on year increase in the number of people falling for phishing attacks,
Four Actions required if buying a business device from a consumer channel
If a company decides it absolutely must buy a mobile device from a consumer channel, it should attempt to find a reseller who also has a business channel to enable the following actions:
- the device is purchased with a corporate credit card
- the device is able to be enrolled in Apple Business Manager, Samsung Knox or Android Zero-Touch at point of purchase
- the device is enabled during enrolment for Supervision
- the device asset details are recorded in the corporate asset register
How having a Telstra Partner can help with device procurement
Organisations who are purchasing their devices from Telstra or who are a Telstra customer can leverage the services of a Telstra Partner.
When mobile device shortages occur, a Telstra Partner, like MobileCorp, can assist customers to secure stock in the fastest timeframe, and also ensure devices are deployed with zero-touch end user onboarding and automated enrolment in UEM platforms.
A Telstra Partner
- has access to Telstra network systems to check stock availability in close to real time
- can take on the burden of constantly searching for availability of supply across multiple channels
- will manage the ordering process, monitor back order fulfilment, and provide honest timeframes for fulfilment
- can speed and simplify the process of getting a new device to an end user by provisioning the device with a Telstra plan, providing and activating the SIM or eSIM, supplying a protective case and screen protector
- will capture asset registry data including device manufacturer and warranty details, end user ownership details, cost centre allocation allowing the business to keep an accurate asset inventory
- can ensure the device is enroled in the manufacturer device enrolment program at point of sale
- can apply an Enterprise Mobility Management (EMM) profile to the device, enabling zero-touch deployment for end users
- can provide an ongoing EMM service including management of end user changes, and management of security, application, content and identity profiles and policies
MobileCorp is a Sydney-based communications technology company. We support enterprise and business by providing managed endpoints and ICT services including mobile device security, mobile device management, expense management and managed connectivity solutions. We are an Apple Authorised Reseller, a Samsung Authorised Reseller, and a Android Enterprise Reseller. We are also a Wandera/Jamf Partner, a Telstra Platinum Mobility Partner and Telstra accredited 5G specialist partner.