Get Even More Visitors To Your Blog, Upgrade To A Business Listing >>

FAQ IV: IT Security and MDM

Which features of an MDM are especially important for IT security?

\n \n\n \n\nThe main goal of an MDM is to guarantee the safety of Mobile Devices. Furthermore it can be used to manage and maintain the devices in a clearly structured manner.\nThe biggest part of MDM features is still relevant for IT security though:”},{“component”:”hc_space”,”id”:”2YiOT”,”css_classes”:””,”custom_css_classes”:””,”custom_css_styles”:””,”size”:”m”,”height”:””},{“component”:”hc_wp_editor”,”id”:”rm8bc”,”css_classes”:””,”custom_css_classes”:””,”custom_css_styles”:””,”editor_content”:”Enroll & Manage:“},{“component”:”hc_icon_list_simple”,”id”:”RqF79″,”css_classes”:””,”custom_css_classes”:””,”custom_css_styles”:””,”rows”:[{“component”:”repeater_item”,”id”:”zluzQ”,”icon”:”fa fa-angle-double-right”,”text”:”Device Owner Enrollment (Email & QR)”},{“component”:”repeater_item”,”id”:”qqonw”,”icon”:”fa fa-angle-double-right”,”text”:”Apple School Manager Integration”},{“component”:”repeater_item”,”id”:”xUCMz”,”icon”:”fa fa-angle-double-right”,”text”:”Macbook Integration”},{“component”:”repeater_item”,”id”:”6zK44″,”icon”:”fa fa-angle-double-right”,”text”:”Apple DEP Integration”},{“component”:”repeater_item”,”id”:”EGbM8″,”icon”:”fa fa-angle-double-right”,”text”:”Samsung KNOX Enrollment”},{“component”:”repeater_item”,”id”:”B6Cdg”,”icon”:”fa fa-angle-double-right”,”text”:”BYOD Container Management”},{“component”:”repeater_item”,”id”:”fa8QU”,”icon”:”fa fa-angle-double-right”,”text”:”COPE Management”},{“component”:”repeater_item”,”id”:”ZDKqC”,”icon”:”fa fa-angle-double-right”,”text”:”Android & iOS Profile Configuration”}],”alignment”:”text-left”,”icon_size”:””,”list_style”:””},{“component”:”hc_space”,”id”:”nKJQd”,”css_classes”:””,”custom_css_classes”:””,”custom_css_styles”:””,”size”:”m”,”height”:””},{“component”:”hc_wp_editor”,”id”:”Hx2dO”,”css_classes”:””,”custom_css_classes”:””,”custom_css_styles”:””,”editor_content”:”App Management:“},{“component”:”hc_icon_list_simple”,”id”:”mzd5V”,”css_classes”:””,”custom_css_classes”:””,”custom_css_styles”:””,”rows”:[{“component”:”repeater_item”,”id”:”6cwrw”,”icon”:”fa fa-angle-double-right”,”text”:”Android Enterprise Store”},{“component”:”repeater_item”,”id”:”RTp2r”,”icon”:”fa fa-angle-double-right”,”text”:”Apple VPP”},{“component”:”repeater_item”,”id”:”IubUW”,”icon”:”fa fa-angle-double-right”,”text”:”Single App & Multi App KIOSK Mode”},{“component”:”repeater_item”,”id”:”X1hGR”,”icon”:”fa fa-angle-double-right”,”text”:”System-App Einschränkungen”},{“component”:”repeater_item”,”id”:”Z5O3k”,”icon”:”fa fa-angle-double-right”,”text”:”App Whitelisting & Blacklisting”},{“component”:”repeater_item”,”id”:”7L98S”,”icon”:”fa fa-angle-double-right”,”text”:”Allowed & Necessary Apps”},{“component”:”repeater_item”,”id”:”StVph”,”icon”:”fa fa-angle-double-right”,”text”:”Apps install/ deinstall (Inhouse & Store Apps)”},{“component”:”repeater_item”,”id”:”PqHqr”,”icon”:”fa fa-angle-double-right”,”text”:”(Automated) App-Updates (iOS & Android)”},{“component”:”repeater_item”,”id”:”mgEPT”,”icon”:”fa fa-angle-double-right”,”text”:”Shared iPad Management”}],”alignment”:”text-left”,”icon_size”:””,”list_style”:””},{“component”:”hc_space”,”id”:”DLwee”,”css_classes”:””,”custom_css_classes”:””,”custom_css_styles”:””,”size”:”m”,”height”:””},{“component”:”hc_wp_editor”,”id”:”kttrd”,”css_classes”:””,”custom_css_classes”:””,”custom_css_styles”:””,”editor_content”:”Data Security & Safe Communication:“},{“component”:”hc_icon_list_simple”,”id”:”52OAV”,”css_classes”:””,”custom_css_classes”:””,”custom_css_styles”:””,”rows”:[{“component”:”repeater_item”,”id”:”DN2B4″,”icon”:”fa fa-angle-double-right”,”text”:”Lost Mode if device is lost or stolen”},{“component”:”repeater_item”,”id”:”WDfB0″,”icon”:”fa fa-angle-double-right”,”text”:”Remote Block/ Wipe Function”},{“component”:”repeater_item”,”id”:”PdO3e”,”icon”:”fa fa-angle-double-right”,”text”:”Bug Report”},{“component”:”repeater_item”,”id”:”b64J4″,”icon”:”fa fa-angle-double-right”,”text”:”Passcode Policies”},{“component”:”repeater_item”,”id”:”EXGvg”,”icon”:”fa fa-angle-double-right”,”text”:”WiFi Whitelist/ Blacklist”},{“component”:”repeater_item”,”id”:”Qasub”,”icon”:”fa fa-angle-double-right”,”text”:”Per-App-VPN “},{“component”:”repeater_item”,”id”:”3Q4Xg”,”icon”:”fa fa-angle-double-right”,”text”:”Integrated Messenger Application”},{“component”:”repeater_item”,”id”:”gCZ0H”,”icon”:”fa fa-angle-double-right”,”text”:”Define Policies, Restrictions and allowed Apps “}],”alignment”:”text-left”,”icon_size”:””,”list_style”:””},{“component”:”hc_space”,”id”:”zwEXA”,”css_classes”:””,”custom_css_classes”:””,”custom_css_styles”:””,”size”:”m”,”height”:””},{“component”:”hc_wp_editor”,”id”:”KTzTN”,”css_classes”:””,”custom_css_classes”:””,”custom_css_styles”:””,”editor_content”:”These Features are relatively self-explanatory. But it is often unknown how they can be combined or even how they need to be combined in order to secure IT security completely.\nLet’s have a closer look at single security issues that can be solved with an MDM.”},{“component”:”hc_space”,”id”:”9h2WJ”,”css_classes”:””,”custom_css_classes”:””,”custom_css_styles”:””,”size”:”m”,”height”:””},{“component”:”hc_wp_editor”,”id”:”6ImPl”,”css_classes”:””,”custom_css_classes”:””,”custom_css_styles”:””,”editor_content”:”

1. Introduction of a safe communication strategy in the company for IT Security:

\n \n\nThe biggest challenge is that companies rely more and more on Mobile ways of communication like Microsoft Teams or other messenger applications like What’s App, since employees are more mobile and work from basically everywhere.\nCompanies now face the challenge to enable this kind of mobile communication, because it simplifies work and makes them more attractive as employers – but on the other hand this creates more risks for IT security. You can read more about it in this blog article.\n\nIn order to not give attackers any chance of compromising the IT security via chats or SMS (e.g. Smishing attacks), there are certain security policies that need to be enforced via MDM.\nIt helps to envision which kind of tasks the users usually work on with their mobile devices to be more aware of risks.\n\n \n

1.1 Regulate the reception and dispatch of sms:

\n \n\nIf the companys’ mobile devices are solely for work purposes you can restrict the dispatch and reception of SMS. It is also possible to define a whitelist for certain numbers where sms can still be received. Furthermore, to prevent smishing, you can also forbid that websites from unknown sources can be opened or that downloads start without authorisation.\n\n \n

1.2 Secure email and messenger integration:

\n \n\nIn general we advise to integrate an email application that is especially created for business purposes and thus presumably safer. Microsoft Outlook can be used and integrated into an MDM, but also gmail might be used without bigger security issues.\nIt is still important though, to instruct the users to not connect the company mail with online shops or other websites that connect data.\n\nIf you want to use a messenger in your company, we generally recommend to install a safe application. The facebook messenger, slack or Whats App should not be used to transfer important data. Furthermore the App / Play Store should be configured, so that it is not possible to download unauthorized messenger apps.”},{“component”:”hc_space”,”id”:”pC1Xn”,”css_classes”:””,”custom_css_classes”:””,”custom_css_styles”:””,”size”:”m”,”height”:””},{“component”:”hc_image”,”id”:”x8Xvb”,”css_classes”:””,”custom_css_classes”:””,”custom_css_styles”:””,”image”:”https://www.mobivisor.de/wp-content/uploads/2016/12/FAQ_IV_split_image-1024&/#215;341.jpg|400|1200|100010862″,”alt”:””,”thumb_size”:”large”},{“component”:”hc_space”,”id”:”V9wGk”,”css_classes”:””,”custom_css_classes”:””,”custom_css_styles”:””,”size”:”m”,”height”:””},{“component”:”hc_wp_editor”,”id”:”nx70g”,”css_classes”:””,”custom_css_classes”:””,”custom_css_styles”:””,”editor_content”:”

2. Increasing IT Security by solving problems on mobile devices with an MDM:

\n \n\nAnother reason to introduce an MDM to increase the level of IT security is that technical problems can be directly solved via MDM in some cases. Operating errors can be solved with the help of remote support functions.\n\n \n

2.1 Report and Avoidance of errors:

\n \n\nMobiVisor MDM, as a holistic MDM, has a debug log feature.\nThis means that the admin can request a log of the last activities of the device via the MDM. If an error has occurred, the cause can be discovered.\nIf the admin cannot solve the error directly, it is possible to report the bug to the MDM provider. In this way, errors can be corrected without having to reset the device each time.\nThe centrally controlled setup of mobile devices with all apps and policies also prevents bugs from creeping in right from the start.\n\n \n

2.2 Simplifying operation through KIOSK mode:

\n \n\nDevices running in KIOSK mode are characterized by a reduced user interface. That is, there are only a few predefined apps that can be used on the phone. As a rule, the system settings cannot be accessed by the user and thus cannot be changed. This also means that no settings can be made that could paralyze the device or prevent the basic setup.\nAnother advantage of the KIOSK mode is that it acts as a user interface above the actual user interface of the mobile device. All changes that are made are therefore only made on the KIOSK interface, but not in the device itself. If the KIOSK mode is removed, any incorrect settings would also disappear.\nA clear specification of how devices must be operated generally increases IT security. The less the user has to decide and set up himself, the better the implementation of the company’s internal security guidelines.\n\n \n

3. IT security and risk management with the help of MDM:

\n \n\nWhen mobile devices are used, they are exposed to many risks.\nFor example, mobile devices can be stolen more easily, can be lost or attempts are made to root them in order to circumvent security restrictions.\nPublic WLAN networks are also a risk factor, because you can never check how secure they are. If the mobile devices are also allowed to be used for private purposes, there is quickly a risk that private and professional data will be mixed.\nComprehensive risk management therefore increases IT security immensely.\n\nWith the help of an MDM, control mechanisms can be introduced for these threats to IT security:\n\n \n

3.1 Data recovery in case of loss or theft:

\n \n\nEvery mobile device should perform regular backups of the important data.\nThis is because if the mobile device is lost, it can then be locked and wiped via the MDM without also deleting all data from the user’s account. This double data storage is more costly, but also essential if you want to guarantee secure and effective mobile working.\n\nIf a device is lost or stolen, one of the strengths of MDM also becomes apparent: namely, the clear assignment of users and devices. This means that the device in question can be taken out of service immediately. In this way, any attempt to gain access to corporate data can be prevented.\n\n \n

3.2 Preventing the removal of the MDM:

\n \n\nThere is an additional feature in MobiVisor to report rooting or resetting the device as a security breach. This action can then not be performed and in addition a message is sent to the admin that an attempt has been made to remove MobiVisor MDM from the device.\n\n \n

3.3 Secure Internet connections and clean data separation:

\n \n\nIt is always recommended, especially for companies with very sensitive data, to define which Internet connections are allowed to be used through the mobile devices.\nThe ‘Whitelist WiFi connection’ function is available for this purpose. This prevents the device from automatically dialing into open WLANs.\nIf mobile devices are also used privately, private use of the Internet cannot be configured for legal reasons, but by installing an extra work profile on the mobile device, you can at least make a clean distinction between work and private use.\nIn this way, the work profile can prevent unsafe Internet connections from being used. However, extensive training on data security is generally recommended for this type of device use.\n\n “},{“component”:”hc_space”,”id”:”DWCrT”,”css_classes”:””,”custom_css_classes”:””,”custom_css_styles”:””,”size”:”m”,”height”:””},{“component”:”hc_wp_editor”,”id”:”ESju5″,”css_classes”:””,”custom_css_classes”:””,”custom_css_styles”:””,”editor_content”:”

Conclusion: 

\n \n\nWith an MDM, various important layers of IT security can be covered, like an onion. Starting with the professional setup of the devices with all important accounts and apps, to the definition of security policies – to the specification of the way of usage and problem solving. The topic of IT security is, of course, even more complex than simply securing the hardware – but fundamentally, this is the first step in properly protecting companies and their data.”}]}],”section_settings”:””},”column_GtXro”:{“id”:”column_GtXro”,”main_content”:{“component”:”hc_space”,”id”:”nKJQd”,”css_classes”:””,”custom_css_classes”:””,”custom_css_styles”:””,”size”:”m”,”height”:””}},”column_7nIAj”:{“id”:”column_7nIAj”,”main_content”:{“component”:”hc_wp_editor”,”id”:”Hx2dO”,”css_classes”:””,”custom_css_classes”:””,”custom_css_styles”:””,”editor_content”:”App Management:“}},”column_CwxWv”:{“id”:”column_CwxWv”,”main_content”:{“component”:”hc_icon_list_simple”,”id”:”mzd5V”,”css_classes”:””,”custom_css_classes”:””,”custom_css_styles”:””,”rows”:[{“component”:”repeater_item”,”id”:”6cwrw”,”icon”:”fa fa-angle-double-right”,”text”:”Android Enterprise Store”},{“component”:”repeater_item”,”id”:”RTp2r”,”icon”:”fa fa-angle-double-right”,”text”:”Apple VPP”},{“component”:”repeater_item”,”id”:”IubUW”,”icon”:”fa fa-angle-double-right”,”text”:”Single App & Multi App KIOSK Mode”},{“component”:”repeater_item”,”id”:”X1hGR”,”icon”:”fa fa-angle-double-right”,”text”:”System-App Einschränkungen”},{“component”:”repeater_item”,”id”:”Z5O3k”,”icon”:”fa fa-angle-double-right”,”text”:”App Whitelisting & Blacklisting”},{“component”:”repeater_item”,”id”:”7L98S”,”icon”:”fa fa-angle-double-right”,”text”:”Allowed & Necessary Apps”},{“component”:”repeater_item”,”id”:”StVph”,”icon”:”fa fa-angle-double-right”,”text”:”Apps install/ deinstall (Inhouse & Store Apps)”},{“component”:”repeater_item”,”id”:”PqHqr”,”icon”:”fa fa-angle-double-right”,”text”:”(Automated) App-Updates (iOS & Android)”},{“component”:”repeater_item”,”id”:”mgEPT”,”icon”:”fa fa-angle-double-right”,”text”:”Shared iPad Management”}],”alignment”:”text-left”,”icon_size”:””,”list_style”:””}},”column_abBmA”:{“id”:”column_abBmA”,”main_content”:{“component”:”hc_space”,”id”:”DLwee”,”css_classes”:””,”custom_css_classes”:””,”custom_css_styles”:””,”size”:”m”,”height”:””}},”column_mCcWm”:{“id”:”column_mCcWm”,”main_content”:{“component”:”hc_wp_editor”,”id”:”kttrd”,”css_classes”:””,”custom_css_classes”:””,”custom_css_styles”:””,”editor_content”:”Data Security & Safe Communication:“}},”column_1TozK”:{“id”:”column_1TozK”,”main_content”:{“component”:”hc_icon_list_simple”,”id”:”52OAV”,”css_classes”:””,”custom_css_classes”:””,”custom_css_styles”:””,”rows”:[{“component”:”repeater_item”,”id”:”DN2B4″,”icon”:”fa fa-angle-double-right”,”text”:”Lost Mode if device is lost or stolen”},{“component”:”repeater_item”,”id”:”WDfB0″,”icon”:”fa fa-angle-double-right”,”text”:”Remote Block/ Wipe Function”},{“component”:”repeater_item”,”id”:”PdO3e”,”icon”:”fa fa-angle-double-right”,”text”:”Bug Report”},{“component”:”repeater_item”,”id”:”b64J4″,”icon”:”fa fa-angle-double-right”,”text”:”Passcode Policies”},{“component”:”repeater_item”,”id”:”EXGvg”,”icon”:”fa fa-angle-double-right”,”text”:”WiFi Whitelist/ Blacklist”},{“component”:”repeater_item”,”id”:”Qasub”,”icon”:”fa fa-angle-double-right”,”text”:”Per-App-VPN “},{“component”:”repeater_item”,”id”:”3Q4Xg”,”icon”:”fa fa-angle-double-right”,”text”:”Integrated Messenger Application”},{“component”:”repeater_item”,”id”:”gCZ0H”,”icon”:”fa fa-angle-double-right”,”text”:”Define Policies, Restrictions and allowed Apps “}],”alignment”:”text-left”,”icon_size”:””,”list_style”:””}},”section_Bae7v”:{“component”:”hc_section”,”id”:”section_Bae7v”,”section_width”:””,”animation”:””,”animation_time”:””,”timeline_animation”:””,”timeline_delay”:””,”timeline_order”:””,”vertical_row”:””,”box_middle”:””,”css_classes”:””,”custom_css_classes”:””,”custom_css_styles”:””,”section_content”:[{“component”:”hc_column”,”id”:”column_IpBpU”,”column_width”:”col-md-12″,”animation”:””,”animation_time”:””,”timeline_animation”:””,”timeline_delay”:””,”timeline_order”:””,”css_classes”:””,”custom_css_classes”:””,”custom_css_styles”:””,”main_content”:[{“component”:”hc_wp_editor”,”id”:”upKtE”,”css_classes”:””,”custom_css_classes”:””,”custom_css_styles”:””,”editor_content”:”

Do you want to know more about MDM and how it enhances your IT Security? Send us a message to [email protected]

“}]}],”section_settings”:{“component”:”hc_section_image”,”id”:”section-image”,”image”:”https://www.mobivisor.de/wp-content/uploads/2022/06/electronic-background-1024&/#215;240.jpg|375|1600|100009641″,”full_screen”:false,”full_screen_height”:””,”parallax”:false,”bleed”:””,”ken_burn”:””,”overlay”:””}},”scripts”:{},”css”:{},”css_page”:””,”template_setting”:{“settings”:{“id”:”settings”}},”template_setting_top”:{},”page_setting”:{“settings”:[“lock-mode-off”]},”post_type_setting”:{“settings”:{“image”:”https://4469c76b4495f0886ab73.admin.hardypress.com/wp-content/uploads/2016/12/FAQ_IV_thumbnail-1024×683.jpg|800|1200|100010873″,”excerpt”:”The IT Security is many layered like an onion. And an MDM is also a part of that onion, but has many layers itsself. Let’s discover the onion that is MDM. “,”extra_1″:””,”extra_2″:””,”icon”:{“icon”:””,”icon_style”:””,”icon_image”:””}}}}



This post first appeared on The MobiVisor Blog, please read the originial post: here

Share the post

FAQ IV: IT Security and MDM

×

Subscribe to The Mobivisor Blog

Get updates delivered right to your inbox!

Thank you for your subscription

×