As a business owner, you should control every device that connects to your company network, cloud accounts or data.
Research shows 97% of organizations have had mobile security attacks. In today's workplace, employee's often use their personal devices for work, and this causes IT security issues, but you can reduce your risk.
Mobile Device Management (MDM) allows you to control access to company data on employee's laptops and phones. Every business - big or small - needs mobile device management and Identity Access Management.
In this post, we answer common questions about Mobile Device Management for small business. For IT support Services, reach out to our Toronto based team anytime.
of organizations faced mobile threats in 2020.
had 1 or more employees download a malicious app that threatened company cyber security.
of unmanaged devices with access to your company data are an unmitigated risk to your security.
What Is Mobile Device Management?
The most secure option of managing devices that connect to your company data is to own them, secure them and manage them yourself, and loan them to employees for use. Or to use a gold standard remote work solution such as Windows Virtual Desktop.
If you allow employee owned devices to access company data, it is imperative that you establish Mobile Device Management policies.
Mobile Device Management (MDM) is an IT security framework which allows companies to better control access to company data on employee's devices, or to restrict it altogether, as well as set and enforce IT security policies to limit risk of data loss and breach.
What are the main benefits of MDM?
The main features and benefits of Mobile Device Management are:
- User Access Control – user accounts and devices are authenticated against approved list before they can connect to company data
- Data Security - enforce Do Not Copy, Do Not Forward, Do Not Download and other data security controls
- Secure Password Enforcement– enforce strong passwords that meet minimum requirements
- Enforce data encryption – prevent non-encrypted devices from connecting to company data
- Enforce screen locks – extra protection on devices leaving company premises
- Remote Device Wipe – in the event of theft, loss or employee exit, company data can be wiped from employee owned devices
Enabling these IT security controls are considered best practice.
Is consent from employees required to use MDM?
If the devices are company owned, you do not need to obtain consent from employees, however you may wish to have all employees sign an Acceptable Use Policy which outlines expectations for each employee to practice good cyber security habits, and not to engage in high risk behaviour.
If the devices are employee owned, you may need to obtain consent, especially if you wish to employ remote wipe of a device after employee departure. Alternatively, with the right MDM setup, you can simply revoke access to company email and documents after employee departure, which is less invasive than a device wipe, and a reasonable security practice.
Open communication about the need for IT security helps team members understand and accept the necessary steps your business must take, and we always recommend open dialogue.
Having employees sign an Acceptable Use Policy which would cover permission to install MDM tools on personal devices, and also expectations for online behaviour, data sharing, and cyber security awareness is recommended, and considered best practice.
Your legal counsel can assist you in drafting your policy, or you can find free templates online like this one here.
TUCU Managed IT Services Inc offers comprehensive IT security & support for small business. MDM services are part of our Managed IT Services plan. Contact us for a free consultation to discuss your IT needs.