As a business owner, you should control every device that connects to your company network, cloud accounts or data.
In today's workplace, employee's often use their personal devices for work, and this causes IT security issues.
Mobile Device Management (MDM) allows you to control access to company data on employee's laptops and phones. Every business - big or small - needs mobile device management and Identity Access Management.
In this post, we answer common questions about Mobile Device Management for small business. For IT support Services, reach out to our Toronto based team anytime.
Need help with Techaches or IT challenges?
Book a discovery call for options & an estimate.
The most secure option of managing devices that connect to your company data is to own them, secure them and manage them yourself, and loan them to employees for use. Or to use a gold standard remote work solution such as Windows Virtual Desktop.
If you allow employee owned devices to access company data, it is imperative that you establish Mobile Device Management policies.
Mobile Device Management (MDM) is an IT security framework which allows companies to better control access to company data on employee's devices, or to restrict it altogether, as well as set and enforce IT security policies to limit risk of data loss and breach.
The main features and benefits of Mobile Device Management are:
- User Access Control – user accounts and devices are authenticated against approved list before they can connect to company data
- Data Security - enforce Do Not Copy, Do Not Forward, Do Not Download and other data security controls
- Secure Password Enforcement– enforce strong passwords that meet minimum requirements
- Enforce data encryption – prevent non-encrypted devices from connecting to company data
- Enforce screen locks – extra protection on devices leaving company premises
- Remote Device Wipe – in the event of theft, loss or employee exit, company data can be wiped from employee owned devices
Enabling these IT security controls are considered best practice.
If the devices are company owned, you do not need to obtain consent from employees, however you may wish to have all employees sign an Acceptable Use Policy which outlines expectations for each employee to practice good cyber security habits, and not to engage in high risk behaviour.
If the devices are employee owned, you may need to obtain consent, especially if you wish to employ remote wipe of a device after employee departure. Alternatively, with the right MDM setup, you can simply revoke access to company email and documents after employee departure, which is less invasive than a device wipe, and a reasonable security practice.
Open communication about the need for IT security helps team members understand and accept the necessary steps your business must take, and we always recommend open dialogue.
Having employees sign an Acceptable Use Policy which would cover permission to install MDM tools on personal devices, and also expectations for online behaviour, data sharing, and cyber security awareness is recommended, and considered best practice.
Your legal counsel can assist you in drafting your policy, or you can find free templates online like this one here.
Learn more about protecting your company data with these helpful articles:
TUCU Managed IT Services Inc offers comprehensive IT security & support for small business. MDM services are part of our Managed IT Services plan. Contact us for a free consultation to discuss your IT needs.