Tag Archives: BYOD

Mobility Management 101: Talking Tech to Teachers & Staff

As schools and universities across the globe trade their textbooks for tablets and slide rules for smartphones, the IT staff of these institutions must rise to the challenge of protecting and managing these new endpoints of burgeoning knowledge.

To aid in this vital endeavor, Fiberlink, an IBM company, hosted a 1-hour Webinar to help translate common mobility management terms into staff and teacher speak . According to webinar hosts Frank Gentile and Tyler Hoy, education mobility specialists with Fiberlink, the toughest challenge facing IT in education is evangelizing the virtues of mobile device management, mobile app management and mobile content management to budget approvers and teachers within the school district.

Unlike other industries, educational organizations often rely on bootstrap resources to manage smartphones and tablets. There are even scenarios where there are no IT resources within a district, leaving teachers with the burden of managing a technology landscape that is still misunderstood even within the most erudite IT circles.

To find out just how many schools are currently contemplating mobility, the Webinar opened with a simple poll to determine the audience’s timeframe for mobile enablement. 40% of attendees were already in a pilot program for implementing mobile devices. Another 40% had plans to initiate a pilot program before the close of this school year, while the final 20% were ready to launch a program before the end of the current calendar year.

Mobile Policies Prevent “Running in the Halls”

School is as much about learning societal rules as it is about facts and formulas. With the proliferation of mobile communication and productivity applications, students would be wise to learn the mobile rules of conduct they will be expected to follow when they enter the workforce. Policies within a mobility management platform are those first lines of defense, just as a hall monitor stops kids from pushing and shoving their way to class.

According to the second Webinar poll, over 50% of attendees were not enforcing basic policy protection (like passcodes) or remediation for lost or stolen devices (like blocking or wiping a device).  To take the severity of the situation another step, policies also quickly enable access to WiFi, apps and school content. Some participants said they were relying on Apple Configurator to meet some of these needs, but the need to physically tether devices to a management console leaves little to no room for scalability. Also, this approach only addresses one OS, Apple. In a world where Android dominates the consumer market and schools look to cut costs by relying on Bring Your Own Device Programs, the Configurator model breaks down rapidly.

With mobility management solutions like MaaS360, all devices are enrolled into the system and configured over the air. This means with the push of one button, IT (or a teacher) can easily push a notification to students via SMS or email. Once a student hits “accept”(or whatever custom End-user Licence Agreement, or EULA, the school wishes to enforce), the device is enrolled and policies are enforced.

Now, not only are devices connected to network resources, but also the administrator now has a clear view of the school’s digital footprint. Device types, installed apps, OS types and versions are all easily accessible from the front-page watchlist. If a student tries to jailbreak or root the device, policies spring into action to place the mobile rapscallion in digital detention until they are back in compliance. Digital detention can also be used when passcode entries reach their limit or for devices not on the latest and greatest operating system version (or to keep devices on older OS versions until all the bugs are worked out in the latest and greatest).

Learning: There’s an App for That!

school-lockersIn actuality there are thousands of apps that can harness the power of young minds and further foster the teacher student relationship in the digital age. However, IT has struggled with the best way to distribute the apps they want on phones and control time wasters like Flappy Bird or Candy Crush.

Enter Mobile App Management. With this tool in place IT can blacklist (ban) or whitelist (allow) both public and custom developed apps. Another popular control model is Kiosk mode, while often used in retail environments for point of sale or inventory lookup, this mode can be customized to turn school owned devices into running just the apps set by IT.

Mobile Container: The School’s Cleanest Locker

For enterprising schools that want to reap the cost savings of Bring Your Own Device, a mobile container would be the wisest choice for true security.

The container acts as a partition keeping school email, documents, apps and even web browsing in a separate passcode protected space. Even school-owned devices can benefit from these controls especially from the perspectives of web access and content distribution. A safe internet playground is not only the norm these days for students at home it also allows schools to meet Child Internet Protection Act (CIPA) requirements with robust filters based on categories or specific URL blocking.

Also of security note: within the containerized document sharing environment schools can abandon free cloud collaboration tools like Dropbox and Google Docs for a private cloud alternative. This low-cost, but infinitely more secure, alternative facilitates permission controls, sharing and even editing of the most popular file types being used today.

For the final poll of the Webinar, Fiberlink asked attendees what part of mobility management was most pressing for their district. App management was the clear winner taking 50% of the votes, while over-the-air configuration, digital detention, content control and secure browser shared the rest of the votes.

Educating (and Monitoring) the Educators

While much of the webinar and following Q&A focused on the needs of students, Frank and Tyler were quick to mention the ability to bring teachers and staff into the mobility management fold. Since MaaS360 policies can be customized into groups, the rules for adults on campus can be more flexible than the rules placed on students while ensuring their devices that are carrying sensitive student records can be located, blocked or even wiped in an adverse event.

Savvy school budget and IT leaders are rapidly learning that mobile is a first, not second screen experience, requiring the same controls and safety measures as more archaic endpoints like laptops and desktops.  Mobile device management, mobile app management and mobile content management are questions of when, not if.

Android Acceptance Accelerates in Enterprise BYOD [STATS]

IT departments have had a love/hate affair with Android since the first time the Google’s Green Guy raised his antennae: they loved the devices for themselves, while loathing the idea of end-users having access to such and open and flexible mobile OS.

In the early days of mobility, this fear of Android was a good survival instinct for these warriors of the firewall frontline. No forced email encryption…an App store rife with nefarious blackhats trying to capture data…and more fragmentation than a jigsaw puzzle when it comes to device type and OS version were all strong signs for IT to beware.

Android-enterprise-KingToday, management tools for mobility have assuaged those initial techie trepidations to make Android smartphones and tablets a viable entrée for enterprise palpability that can sit right beside Apple’s iOS. Recently, Fiberlink, an IBM company, scoured the millions of devices currently being managed by their Enterprise Mobility Management solution, MaaS360, to see just how Android is enabling enterprise mobile productivity.

Smartphones Smolder Tablets

When looking at all Android usage across MaaS360’s platform, smartphones trump tablets 84% to a paltry 16%. This stat isn’t really rife with surprise since email is the original killer app and since leaving behind the dark days of 2.0 the OS has become infinitely more secure.

However, IT still needs to be wary. Even though the Android OS lives in a 4.0 world, many users have yet to leave behind their elder operating systems for fear of change (and updating a slew of apps and other logins). This requires IT to use some form of Mobile Device Management to get these OS laggards up to current standards using policy controls for security and mobility management sanity.

 Samsung: Android’s Enterprise Savior

Device diversity has always been a hallmark of the Android OS. It’s this wide stratum between high-end and more affordable manufacturers that has made Android the clear consumer choice across the globe.

Currently the Android device leaders in the enterprise consist of:

Top 5 Android Manufacturers Managed by MaaS360 MDM

The top 5 make up 90% of all Android devices in the enterprise, and include:

  • Samsung: 56%
  • Motorola: 22%
  • HTC: 8%
  • LG: 2%
  • Asus: 2%
  • Other: 10% (Amazon, Huawei, Sony, CASIO, Pegatron)

While a short list, it’s broad enough that IT seriously needs to take a minute when considering BYOD programs allowing Android devices. Despite sharing the same “engine” each of these devices are very different under the hood. To make an impact in the market, all of these devices share their own unique features and custom baked apps that IT must decide either to allow or block until work is over. From the useful Samsung SAFE feature to less than useful bloatware beleaguering other devices, all features must be part of an enterprise mobility planning conversation.

The diversification of Android is only going to continue if the rumor’s flying out of Mobile World Congress 2014 hold any credence. With the Nokia X Window’s skinned device Android device representing the low end of the market and Samsung’s possibly waterproof, iris scanning S5 feature bonanza at the high end, the Android management challenge for IT will only increase in 2014. Fortunately, Mobile Device management solutions have also evolved in line with devices, experiencing their own evolution from simple device watchdog programs to fully enabled Enterprise Mobility Management protecting devices, apps and content.

Tactile Touchscreens at CES 14 Bludgeon BlackBerry’s Last Bastion of Hope

Say what you will about BlackBerry, but there was always one saving grace for their devices – a tactile keyboard. This one simple feature of user experience kept many in the enterprise tapping away gleefully on these “bricks with clicks” despite fallacies from apps to…well…everything else…when compared to iOS and Android devices.

Now, Tactus technology has taken all of the teeth out of BlackBerry’s bite with the invention of tactile screens for all of today’s smartphones and tablets.

tactus tactile touchscreenYou CAN Touch This

Here’s how it works: Tactus adds a small polymer layer to the Gorilla Glass on tablets and smartphones that when activated by the user adds fluid stretching the surface with micro-fluids above the device’s A to Zs. While keyboards will be the first and prevalent use for this technology, Tactus can also elevate the gaming experience by making joysticks slip free as well as A & B buttons for the more serious mobile gamers.

Oh the Places Tactile Screens Can Go

Tactus unveiled their uplifting mobile experience at the 2013 Consumer Electronics Show (CES) in beta form. CES 2014 shows the technology ready for wide market adoption.

Let’s take a minute though to speculate what Tactus might be showcasing at CES 2015 and beyond, especially when it comes to transcending beyond the basics of business or simple consumer wants.

Healthcare: Fiberlink Communications, an IBM Company, saw a record number of hospitals and other healthcare organizations sign-up for their mobile device management platform MaaS360 in 2013. Doctors and nurses are foregoing hospital provided computers on wheels (COWs) and traditional laptops for the easier to use (and carry) smartphones and tablets. This was especially prevalent in nursing staff where Bring Your Own Device (BYOD) isn’t a luxury, but a necessity considering many are transitory between facilities.

Currently, many of these devices are simply being used to access medical records. However, as I recently learned at my dermatologist, the App market is exploding for medical devices. My mole mapping has transformed from being written down in sentences to being visually displayed on a cartoon of my body. One tap at a time the doctor was able to place my most suspect moles on a virtual figure of my frame. With Tactus technology the weight and density of each malicious spot could be displayed in startling 3-D accuracy.

Move forward a few more years and we could see raised buttons on screens become the console for performing robotic assisted surgeries that today require a Pac-Man size joystick. While the patients might find it disconcerting, doctors will appreciate the world of 2020 when they can do emergency surgeries remotely from their tablet.

Financial & Legal: How many email signatures have you seen apologizing for typos because a message was sent from a mobile device? For the financial and legal markets, there are no excuses for the famed fat fingering of information. In the beginning of the smartphone craze, email security was the main reason these industries shunned the hysteria for touch screens. Once email encryption became the norm though, there was still a leeriness to move away from BlackBerry because the touch keyboard ensured accuracy. When you are in an industry where the terminology isn’t standard in spell check, one must rely on themselves to write the right words. With Tactus technology, tort won’t be as easily changed to tortoise.

Retail: I’m stretching here a bit (pardon the pun), but I truly envision a tomorrow where the feel of these new tactile buttons will be able to be manipulated to finally bring bricks and clicks together in the virtual world. How many times have you loved an outfit online, only to have it arrive on your doorstep with a fabric that’s scratchier than Laura Ingalls Wilder wear. Wouldn’t it be a wonderful experience to actually feel the fabric before you add it to your cart?

Obviously we could extrapolate this technology to every industry if we just imagine: In education where phones could become a “Please Touch” museum on the go, or in manufacturing where again precision level joysticks could move human intervention on the assembly line to a lounge chair affair. Tactus is the advent technology we’ve wanted since the television entered our living rooms. For today the technology is a simple keyboard, with a little imagination though, Tactus has the potential to finally obliterate the virtual and physical divide.

Drawers Filled with Deactivated Devices Don’t Delete Data

By Rob Patey

As people unwrap their shiny new smartphones and tablets this holiday season, a majority of their archaic devices will be destined for drawers and donation bins. Before these relics head to the mobile mausoleum, are you ensuring they don’t carry company secrets to the grave with them?

device_trashWhat do you do with your old smartphones and tablets? If you’re like my wife and I, you probably slip the last generation into a discrete junk drawer in case your newest tech takes a nose dive. The devices that were already in the drawer from the last culling then make their way to a worthy charity. Since I’ve always been an IT marketer, I know the dangers of leaving data on a dead device, so I ensure factory settings are restored before administering last rites. My wife, an IT neophyte, never thinks to take this crucial step despite the fact her smartphone carries data ten times more sensitive and regulated than the marketing materials on my device. It’s not her fault and the research shows she is far from alone.

Ho, Ho, Oh No!

Black Friday and Cyber Monday were dominated by mobile tech purchases, and current estimates from the Consumers Electronic Association show that 50% of people plan to make smartphones and tablets part of their Holiday shopping sprees. Each of these gorgeous new gadgets will inevitably send last year’s iPhones, Androids and Windows to the death drawer…if you’re lucky. In a poll conducted by Harris Interactive on behalf of Fiberlink at the end of the last holiday season, 68%of respondents said data leak protection was the last thing on their minds before their devices met the following fates:

  • 58% of respondents kept the device
  • 16% had the data professionally wiped
  • 13% turned the device into the service provider (without wiping the data first)
  • 11% donated the device to threw it away in the trash
  • 5% had the device securely destroyed
  • 9% other

Let’s assume for a second that the “other” responses actually had data protection on their minds before decommissioning their devices. This still leaves a large percentage of BYODers paying forward corporate connectivity credentials to Wi-Fi, email and any other content that can be accessed via mobile (which these days means all content). And rest assured all those devices that were kept for now, will meet one of the other fates when it comes time for spring cleaning.

Hope for Post-Holidays

Fortunately, this reckless abandon with company data does not have to be the norm. Corrective measures though require one part diligence on the part of the IT department and one part education for employees. Fiberlink’s Chief Security Officer, David Lingenfelter offers the following advice:

  1.  Notify Your IT Department. Once you receive a new device and want to use it for your company’s BYOD program, send your IT department a note and let them know you will be swapping devices.
  2. Transfer Corporate Materials to Your New Device. Have your IT department quickly transfer all corporate materials from the old device to the new device through their mobile device management (MDM) platform. This generally involves enrolling in an MDM solution which pushes down corporate e-mail and Wi-Fi profiles, applications and corporate documents. If you don’t have an MDM solution, ask your IT department to assist with transferring data, although don’t be surprised if IT is no longer your best friend since this is a very time consuming process.
  3. Extract Personal Data from Your Device. Now that your corporate data has been transferred to the new device, remove and save all personal files. This can be accomplished with the native tools and back-up services of the operating system or the manufacture (e.g., Apple’s iCloud and Google Drive).
  4. Erase all Remaining Personal and Corporate Data. Fully decommission the old device by removing all personal and corporate data. Most devices have an option in the setting menu to perform a factory data reset which will wipe the data completely. This can also be accomplished remotely by an MDM platform. Note: In some tablets and smartphones, you should manually remove the storage card and use it in your new device or erase the data from it as well.

While seemingly simple, remember that corporations have more than one employee. If 74% of the company arrives on January 1st with requests for new device enablement, IT will need to shelve any other projects on their radar for the next few weeks. With mobile device management in play the identification of new devices is automatic as are the requests to enroll, enable and distribute content and apps. As the capabilities of mobile devices grow, the need for data vigilance grows exponentially faster.

Can IT COPE with BYOD? Apparently Not! [Infographic]

Can IT COPE with BYOD? Apparently Not!

By Rob Patey 

In our acronym-happy world, Corporate Owned Personally Enabled (COPE) is simply a new way of saying  “mobility as it has always been.” Basically, the company owns the employee’s phone and decides exactly what is and is not permitted on the device. From apps to encryption, IT makes the majority of the rules. While some personal freedom exists for the employee, the limitations are greater than the liberties.

Bring Your Own Device (BYOD) is the upstart concept that gained notoriety when tablets hit the scene, smartphones got smarter with connectivity to corporate resources like email and Wi-Fi, and data plans became infinitely more affordable. While many companies showed boons in productivity from BYOD, security concerns and support of multiple mobile operating systems caused much consternation for IT.

Mobile Device Management became the great mediator in this debate. With MDM, IT finally had the ability to identify the devices connecting to resources and then apply policy rules to rein in any rogues on the network. Technically speaking, with MDM in their arsenal, IT could apply controls on email and apps to BYOD devices as easily as they could to devices they procured for employees. But that’s technically speaking. Persnickety little things like freewill and the mantra of “not on my device” has apparently left many BYOD devices far more open than their COPE counterparts – and now we have the data to prove it.

BYOD Freedom

Fiberlink recently pulled data on their security policies to see whether BYOD devices were being held to the same security standards as corporate owned hardware. As you can see from the chart below, BYOD workers retain far more personal liberties with their devices.

Again, while it’s technically possible to impose the same rules for all devices, many organizations still respect their employees’ ability to make sound choices with their own devices. Now, with personal liberty kudos out of the way, we can ask whether IT is making the right choice in this regard.

Security and control are issues that must be examined industry by industry and company by company. While certain tenets like email encryption should be applied across the board, other facets of mobility like apps, YouTube access and cloud file sharing get a bit stickier. In highly regulated industries like finance, healthcare and government, access to applications like Dropbox should be a concern on any device. However, for an SMB working on a lean IT budget, Dropbox becomes a must-have to keep the business growing and information flowing amongst employees. Likewise, with YouTube and other apps, restricting marketing access is a serious impediment to employees’ jobs as they look for inspiration to create campaigns. Folks in finance though, could probably live without access to a million silly cat videos.

As the data shows, COPE is still a more secure option, but that’s a cultural choice versus a technological imperative. At the end of the day, you need to decide what is right for your business and your employees’ well-being and productivity. Whether you choose a more stringent or more lax approach is up to you. Just know that MDM solutions are available to accommodate the security and control you need along whichever path you choose.

COPE-BYOD Infographic

 

Embrace a Zombie for a Healthy Marketing Jack

What to do when your list is exhausted and Halloween is approaching – embrace the Holiday for registrations that go through the roof. Concept and copy by moi. Execution by my very good design friends.

Zombie-Header-Eloqua

They shuffle mindlessly through the halls; satiating an unquenchable thirst for bandwidth off the corporate WiFi and gurgling a unison mantra for eeeeeemail and aaapps. They are your employees and they have been infected by the alluring glow of their smartphones and tablets .

The only thing standing between enterprise data security and the BYOD apocalypse is you – the IT Hero. And here are your weapons of survival!

MaaS360 Productions Proudly Presents
The BYOD Survival Zone

Starring 

BYOD_meaty_resources

MARVEL at meaty resources and templates field tested against the most gruesome of BYOD attacks!!!!

BYOD_bloody_good_reads

BASK in the bloody blogs boasting beat downs of BYOD infractions!!!!

 BYOD_terror_tubes

TURN-ON the terror tubes of m-zombie demise!!!!

BYOD_stories_of_survival

CHASE down the chilling case studies chastising the unchaste of BYOD!!!!

iOS 7 – Helping Business Quit CrackBerry

While BlackBerry has been on a downward spiral since the first touch devices started to hit the market, events over the past few weeks seem to have taken the company that first inspired our love of all things mobile from on-the-ropes to down-for-the-count.

blackberry-death-smallThe first crushing blow came from the news of the “king of tiny keyboards” opening up the doors for sale: a 4.7 billion dollar cry for salvation from lackluster BB Z10 sales that was exacerbated by market fervor for Apple’s new darlings, the iPhones 5S and 5C.

Next came Gartner analyst Ken Dulaney’s ominous advice, “Gartner recommends that our [BlackBerry enterprise] clients take no more than six months to consider and implement alternatives to BlackBerry. We’re emphasizing that all clients should immediately ensure they have backup mobile data management plans and are at least testing alternative devices to BlackBerry.”

Despite the popularity of iOS and Android devices, BlackBerry has been a dominant force in security-conscious industries like finance and government. With BlackBerry’s tenuous future, can these or any industry afford to sit on their hands and wait for BES support to just go dark? Quite simply, no, they can’t. The productivity boons that come from smartphones and tablets have become a matter of course for getting things done whether part of a corporate owned program (COPE) or as part of a Bring Your Own Device (BYOD) program. So what’s the alternative to keep the wheels of mobile productivity moving while ensuring the same lock-tight security that was offered by BlackBerry?

iOS 7 & Mobile Device Management – Soothing the CrackBerry DTs

While the physical keyboard has gone the way of the dinosaur, the other benefits offered by the BlackBerry experience—like native OS security and isolation of corporate data—have taken exponential leaps forward with iOS 7 and Mobile Device Management (MDM) solutions.

The walled-garden of Apple apps and lack of fragmentation have made it the corporate go-to choice for mobility especially with the rise of BYOD, but BlackBerry was still a favorite for organizations that wanted that small extra level of security and control of corporate data.

Recently, Fiberlink held iOS 7 Webinars (Part 1 & Part 2) to introduce the enterprise-features available in the updated operating system. With these changes comes the extra assurance for IT, compliance, and legal that they will maintain the same levels of control and security they found in the days when BES reigned supreme.

A few business-ready features include: 

  • Open In Management: Control data leaks from corporate apps, documents and accounts with MDM right out of the box.
  • Per App VPN: Enable your managed apps to securely connect to corporate networks and information.
  • Volume Purchase Program (VPP): Save money by retaining full ownership and control over VPP licenses of apps and books when users no longer need them.
  • MDM enrollment Options: Includes a number of new commands, queries, and configuration options that make third-party MDM solutions even more powerful.
  • Enterprise Single Sign On (SSO): Enable authentication into corporate apps just once, making it easier for your users to be more efficient and productive.
  • Third-Party App Data Protection: Leverage encryption of app data automatically using the user’s passcode to create a strong and unique encryption key.

Further control can be found in the implementation of the right MDM solution—one that can support iOS and Android and handle your legacy BlackBerry devices until they are phased out. Some control features include:

  • Touch ID Control: Turn on/off fingerprint unlocking and report whether it is enabled on a device.
  • Silent App Install: Automatically install apps on supervised devices.
  • Report on Activation Lock: Know when Activation Lock in Find My iPhone is enabled (used as a theft deterrent) locking a device to the user’s Apple ID.
  • Personal Hot Spot Control: Turn on/off personal hot spot provided through a carrier and report whether it is enabled on a device.

The final piece of the security puzzle can be found in container solutions that provide a dual persona experience, like the MaaS360 Secure Productivity Suite. With these capabilities in place, all corporate emails, documents and apps with access to network resources are held within a “sandboxed” environment to control the movement of data and avoid leaks.

While BlackBerry devices may linger for a little while longer, business is run on planning. You need to know what tomorrow will bring so you can avoid any unnecessary downtime.