If there is one thing this lockdown has taught us, it's that ignoring the management and security of endpoint devices is a really bad idea.
There would be no remote work without endpoint devices
After all it is endpoint devices - and their connection to our networks - that has kept our world turning in these days of remote working.
There has been lots of end user excitement about video calling, but there would be no Zoom, Teams or Workplace meetings without the endpoint devices the software is installed upon.
There would be no working on corporate documents, no accessing the internet or web-based drives, no sending and receiving emails, no instant messaging... no remote work at all without an endpoint device in our hands, or perched on our kitchen table or home office desk.
Our mobile devices are critically exposed
Endpoints are the critical foundation of remote work. Without our laptops, tablets, smartphones, there is no remote work, and yet most Australian companies do not have in place the means to protect or manage these devices.
Many Australian companies have failed to put in place even the most rudimentary protections or remote management capability for their corporate-owned endpoint devices, says MobileCorp CTO, Phill McSherry.
"The pandemic will have made many IT teams reconsider how they manage endpoint devices; and come to the realisation that these devices need the same security, management and support as desktops have always enjoyed."
Whereas desktops are heavily secured and tightly managed as they sit snugly inside the office network, by contrast, mobile phones and tablets often have little or no management or security.
Desktops are secured to minimise the chances of malware or ransomware entering the network through email or browsing, but corporate mobile phones accessing the same company network have no security protection applied to them.
Laptops, which have replaced desktops in some offices, fall somewhere in the middle being managed when connected to the corporate network, but may lose that functionality when remote.
"It has always surprised me that business leaders would lock desktops down so workers could not access social media or other inappropriate websites, but the same employee could sit at the same desk, on their corporate mobile phone connected to the corporate network, and consume whatever they liked."
Why do most companies not have MDM in place?
In the beginning the only corporate mobile devices were phones. Mobility snuck under the radar of IT teams when smartphones began accessing corporate email. Initially many IT teams did not consider managing mobile phones to even be 'real' IT. However over the past 7-10 years, there has been a monumental shift as corporate mobile phones, tablets and laptops have become commonplace and critical workplace tools.
MDM vendors mirrored the shift so their products no longer applied just to smartphones, but expanded to include tablets, laptops, IoT devices, and even PCs sitting remote from the network. MDM had evolved to unified endpoint management or UEM.
However, many IT teams didn't make the knowledge upgrade - or just did not see the value in MDM, says McSherry.
"Prior to the pandemic, no one wanted to talk about mobility. It was an after-thought in a lot of cases, or a 'nice to have'. There was a gap in knowledge about what MDM can do, what the full features are. And because people still call it MDM instead of UEM, many don't realise it's not just about phones."
"There are two main reasons so many Australian companies have not adopted an MDM solution. Either they do not perceive mobile devices are a significant risk to the business or they don't realise the automation features that MDM provides to greatly reduce IT workload."
What is the danger in ignoring mobile device management?
There are clear risks which arise when mobile devices are not managed says McSherry. There are also IT efficiencies that are not being realised.
Depending on the number of devices in an organisation, these risks may not have been considered significant. But then we never had everyone working remotely before.
The dangers of not having an MDM solution in place to cover laptops, tablets and phones are fast becoming obvious in the Covid-19 working-from-home world. These dangers include:
- no means of rapidly configuring and deploying new devices to employees
- an inability to update or push new applications -like maybe that video conferencing or IM app
- an inability to deliver security patches or ensure the most recent OS updates have been installed
- no way of locking or wiping a device that is lost or stolen
- malware or ransomware being introduced to the corporate network from compromised devices or email phishing scams
- threats to employee productivity by delivering a poor user experience with applications that are not updated
- a risk of increased costs due to an inability to prevent non-work-related use especially streaming data
- no means of enforcing compliance to corporate policies or values
- a lack of asset inventory - just who has that $2,000 laptop, that $1500 iPhone?
Why is MDM essential now?
Covid-19 has resulted in entire workforces camped outside the corporate network using mobile devices to complete every task.
Some organisations have had to purchase and deploy hundreds of new laptops, tablets or mobile phones. These endpoint devices all needed to be configured for email and for access to the network, probably via a VPN. They likely needed to have various software installed - unified comms or custom apps.
This would have been a time-consuming and tedious job without MDM which will apply a company profile containing custom configuration and security settings which are pushed OTA to devices which may be geographically dispersed. This bulk deployment functionality saves IT from a laborious task and give the end user an out-of-the-box experience.
Going forward, MDM allows remote management of the device including securing the device, deployment of applications, and the ability to disable the device in the event it is lost or stolen.
The longer we work from home, the more important we all realise mobile device security is. Employees are human and make mistakes. They use their corporate devices to access public internet. They click on fake websites and open malicious emails.
MDM allows security rules to be put in place which minimise the risk of compromised devices, malware, or unauthorised access to the corporate network.
Why will MDM remain essential post-pandemic?
Because there is no going back! Okay probably most employees will go back into the office, at least initially, and for most of their working week...but the mindset has shifted.
A reckoning will take place as business leaders weigh up the economic pro's and con's of having a 'partially' remote workforce and all the leading pundits predict that there will be a whole lot more remote work in the future.
Understanding the value of IT managing endpoint devices will have become obvious across all levels of the business during the pandemic, says McSherry, and this will form the basis of a business case for MDM.
"Having visibility and control over ALL devices connecting to the corporate network will be the new normal. MDM will therefore be both critical and foundational to future workplaces."
MobileCorp is an Australian communications technology company providing Mobile Device Management, Managed Mobility Services, Complex Data and IP Networks, and Unified Communication solutions. It has a proven track record providing solution architecture, build, deployment, and managed services for Australian enterprise and business.
Have some time to invest in knowledge-building during lockdown?