We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
78,145 News Articles

Mobile device policies need to be liberal but firm: Gartner

Analyst recommends mobility policies that are not too loose, nor too strict

Companies that put in dedicated policies for trusted work systems are now faced with a deluge of mobile devices in the workplace, particularly consumer level products.

What Gartner VP and distinguished analyst, John Girard, suggests they do is adapt to this environment and quickly, starting with the basic configuration and security policies they feel the need to preserve.

Girard gave tips on how to develop and implementing a robust mobile device policy during the recent Gartner Security & Risk Management Summit in Sydney.

One of the several mobile device management (MDM) reality checks that Girard shared with the audience covered the pitfalls of the mandatory device reset.

"There was a case of a toddler who reset C-level daddy's tablet that was left in the living room," he said.

"Of course, daddy didn't back up the data."

Then there was the less than ideal hospital honour system.

"Doctors accessed patient databases and hospital scheduling systems via unmanaged and unsupervised BYOD practices," Girard said.

Girard also spoke about how a mobile honour system failed when IT operations at a company enabled Microsoft ActiveSync through the firewall, however there was no credentials process in place.

In additions to setting limits on data exposure, Girard recommends that IT administrators also limit access to a certain extent.

"Have email pass through certification control and a basic MDM security policy in place," he said.

"Having BYOD model restrictions is also necessary."

Control and encryption also go hand-in-hand with a comprehensive MDM policy.

"A 'trust nothing' approach reduces policy headaches," Girard said,

When it comes to managing multiple device and OS platforms and settings, there are some questions that Girard says need to be addressed.

"What's your baseline and how thoroughly are your PCs managed?" he asked.

"Do you encrypt mails and work station data?"

In order for mobile device management to be effectively implement, Girard suggests people be prepared for enterprise concessions.

Some of the top policy failures that Girard highlighted included BYOD rules that are too rigid or lax, and policies that do not address use cases and job needs.

"If a company lectures but does not mandate, it's not going to work," he said.

"It also doesn't help if management doesn't support the policy."

In order for a mobility strategy to work, Girard suggests that business give users the choice to opt-in to company's MDM, and use "trust" and their supporting technology as a decision point.


IDG UK Sites

8 cheapest 4G smartphones in the UK 2014: Best budget 4G phones

IDG UK Sites

Apple MacBook Air lab tests and benchmarks: 11-inch & 13-inch, 256GB, 2014 Mac laptops tested

IDG UK Sites

How to prank people using Google Glass

IDG UK Sites

Brian Cox to step into will.i.am's shoes with IBC keynote