By Brian Trzupek, Senior Vice President of Emerging Markets at DigiCert
IT departments juggle many moving parts to support remote employees. With more than 40% of the U.S. workforce working from home during the novel coronavirus pandemic, managing mobile device use should be among them. Increasingly, employees rely on mobile devices to access the corporate network. Mobile device management (MDM) is an IT solution that enables companies to manage, control and secure connected devices for remote employees. It’s worth exploring MDM and its relationship to modern public key infrastructure (PKI) and digital certificates for a few compelling reasons.
Remote work is going everywhere
Even as social distancing guidelines ease in certain states, many companies say remote work will continue. Some firms, including Facebook, are allowing employees to work from home through the end of the year. Many more want to support increased remote work in the future and are adopting more flexible remote work policies.
“The views around work from home have completely changed,” said Stanford University economist Nicholas Bloom of the National Bureau of Economic Research, in the article “Coronavirus has lifted the work from home stigma. How will that shape the future?” “There is no stigma around working from home now.”
No stigma and, in fact, plenty of reasons to embrace remote work, including:
- Increased employee productivity – as much as 35% to 40% more, according to the Forbes article “5 Proven Benefits of Remote Work for Companies”
- Ability to attract the best talent no matter where they live
- Operational cost savings – an average of $11,000 per year per part-time remote worker, according to the Forbes article
- Happier employees because of improved work-life balance and higher employee retention as a result
- Maximizing the investment in remote tools made during the pandemic
BYOD can cause headaches for IT
Purchasing mobile devices for all employees is impractical for most companies. Bring Your Own Device (BYOD) policies will likely remain popular. However, BYOD introduces complexities into IT management and represents a major reason for MDM. Even in the U.S., where the Apple iPhone has garnered overwhelming popularity, more than half of people use a different device. Worldwide, device choices are even more diverse.
Different providers mean different operating systems and increased management challenges. The huge jump in remote employees means more people are using their personal mobile devices for business. Those devices could be unpatched or feature outdated software, potentially putting the network at risk when employees connect via VPN. It amounts to leaving a door ajar for a cybercriminal, inadvertently offering access to the device or VPN and potentially even serving as a launchpad for a network attack.
With MDM, companies gain visibility into all employee mobile devices, including BYOD, and can manage them in one place. That includes enrolling, deploying and configuring these devices, controlling access to enterprise services and apps, and enforcing compliance with network security protocols and data management policies.
Remotely control mobile devices or cybercriminals might
MDM’s security benefits are so important that they deserve a deeper dive. The number of smartphones and tablets connected to the corporate network poses a “substantial security threat to enterprise,” according to the blog post “Top 5 Reasons Why Enterprise Needs Mobile Device Management.” Mobile devices are tempting attack vectors for cybercriminals.
“MDM addresses this concern by providing consistent, state-of-the-art mobile security throughout the enterprise network.”
Among other ways, mobile device management increases the security of mobile devices by:
- Ensuring that devices have the latest software patches and are in compliance with company security directives
- Automating the deployment and provisioning of digital certificates, especially when combined with multi-factor authentication (MFA) or public key infrastructure (PKI), for secure employee login
- Enforcing compliance for devices based on multiple statuses (device, location, user or threat protection)
- Monitoring privacy controls and managing passwords, data and application restrictions
- Controlling remote access to sensitive data, and siloing corporate and personal data
Protect employee devices with mobile device management
While the number of remote employees may be unprecedented now, the popularity of both remote work and BYOD policies means remote work will thrive even as the pandemic eases. This highlights the need for heightened security for employee devices and the value of mobile device management. MDM lets companies manage, secure and control mobile devices so they can protect the network from hackers attempting to gain access during the pandemic and into the future.
And what about zero trust?
Perhaps you have heard the term zero trust? If not, let’s briefly explain what this means. Zero trust is a method of network security that takes into account multiple factors (such as time of day, device attributes, OS, IP address, requesting network and resource being accessed) to allow an escalation of device trust on the network (or to network resources). A traditional VPN, by contrast, puts a ‘gate’ at the entry point of your network and leaves attackers to work on breaching that gate. Zero trust is not for everyone though; depending on your organization’s size and sophistication, it may be too complex or costly to deploy. Look for another article from DigiCert on PKI and zero trust in the near future.
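The contrast described above, as an added example that is not from the article or any DigiCert product: a per-request decision that grades device trust from the listed factors and compares it with the sensitivity of the resource, next to a perimeter-style gate. The weights, network range, OS minimums and resource names are all assumptions made for the illustration.

```python
from dataclasses import dataclass
from datetime import time
from ipaddress import ip_address, ip_network

# Constructed policy values; nothing here comes from the article or a product.
KNOWN_NETWORKS = [ip_network("203.0.113.0/24")]  # stand-in for an office egress range
MIN_OS = {"ios": (13, 5), "android": (10, 0)}    # assumed minimum OS versions
REQUIRED_TRUST = {"wiki": 2, "email": 3, "payroll": 5}  # resource -> trust needed

@dataclass
class Request:
    device_cert_valid: bool  # client certificate provisioned through MDM
    mdm_compliant: bool      # MDM reports the device meets company policy
    os: str
    os_version: tuple
    source_ip: str
    local_time: time
    resource: str

def trust_level(req: Request) -> int:
    """Grade one request from 0 to 5 using the signals it carries."""
    if not req.device_cert_valid:
        return 0  # no verifiable device identity, so no other signal counts
    score = 1
    if req.mdm_compliant:
        score += 1
    minimum = MIN_OS.get(req.os)
    if minimum is not None and req.os_version >= minimum:
        score += 1
    if any(ip_address(req.source_ip) in net for net in KNOWN_NETWORKS):
        score += 1
    if time(7, 0) <= req.local_time <= time(19, 0):
        score += 1
    return score

def zero_trust_decision(req: Request) -> bool:
    """Evaluated on every request; unknown resources are denied by default."""
    needed = REQUIRED_TRUST.get(req.resource)
    return needed is not None and trust_level(req) >= needed

def vpn_gate_decision(req: Request) -> bool:
    """Perimeter model: past the gate, every resource is reachable."""
    return req.device_cert_valid

# Constructed sample: a compliant BYOD phone on a home network late at night.
SAMPLE = Request(True, True, "ios", (13, 6), "198.51.100.7", time(22, 30), "payroll")
```

The sample device reaches `email` but not `payroll` under the graded decision, while the gate model makes no distinction between the two once the certificate is accepted.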