For mobile management in the enterprise, organizations must establish policies for the acquisition, security and usage monitoring of mobile devices. Enterprise IT departments need to develop and set up mobile usage policies that are molded and customized for the organization’s needs and processes.
The following five guidelines will accelerate mobile deployments, helping customers manage risks, control expenses and realize immediate ROI.
1. Identify target user groups for mobile policy
Define target users for the usage policies individually and group them based on job profile, location, or organization hierarchy. Typical user groups may be employees in a department such as sales or finance, executives who frequently travel overseas or temporary employees such as contractors or student interns. Keep in mind that you are grouping employees for the purpose of assigning usage policy limits.
2. Decide what types of usage will be tracked and set limits
Typical usage types may include voice minutes, text messages, multi-media messages, international roaming minutes, data plan limits. Spend limits should be defined by user or group for voice, text, data, roaming, and international usage. Identify policy rules that can help reduce expenses. For example, when employee approaches threshold limits for voice or data usage (say 80% of maximum limit), issue alerts to employee to contain usage within budget or alert admin to upgrade plan; or if an employee calls 411 for directory inquiry, automatically redirect to a free service.
3. Define device and service plan acquisition policies
Put together pre-negotiated procurement bundles of devices and service plans and map them to groups. For example, you may have different configurations for sales department, finance, and executive management. Define approval process flows for new device requisitions, including how orders will be generated and automatically routed to suppliers and carriers.
4. Define security policies for provisioning and ongoing management of mobile devices and usage
Security policies will need the most attention. At the outset, if the device is not running the latest version of iOS or Android available for the device, policy should alert the user to upgrade before she can connect to the corporate network. Similarly, block jail broken iPhones and rooted Android phones from accessing the corporate network. Device passcodes should be required on all company owned and BYOD devices that access corporate network. When an employee tries to connect to the corporate network from a BYOD device, security policy should block access unless the device meets the security policies and is secured with an approved solution.
Define conditions that will trigger control steps and map them to appropriate control actions. Conditions may include geographic location boundaries such as company business locations; unprotected Wi-Fi access at airports or cafes; international roaming status; missing, lost, or stolen device; device registered to terminated or departed employee.
Control actions may include alerts to users and admins, initiation of approval processes for automatically ordering money saving service plan when an employee is travelling internationally, or even shutting down data plan, disconnecting service, remotely locking a device, or wiping device contents. When a mobile device is lost or stolen, it should be locked and all corporate data and apps wiped clean.
5. Develop Mobile app, device feature and content policy
Policy should require that mobile apps are installed only from approved App Stores (e.g. Apple App Store, Google Play, private enterprise app store). When employee is within work location boundaries during regular work hours, “blacklisted” apps such as games and social media and the device camera can be disabled. When employee uses a corporate mobile app to access enterprise data, the data must be delivered in a secure container which is automatically wiped upon exit from the corporate app.
Clearly defining these five policies for mobile management with trigger conditions and associated actions can help IT gain control over mobile usage without sacrificing flexibility for users. The ability to push policies over the air and across user groups helps ensure compliance. When policies have been set up and pushed to devices, a mobile device management solution can automatically monitor and enforce cell phone policies, flag outliers that are not complying with policies, and automatically send alerts to users and admins as well as audit reports to managers responsible for the appropriate cost centers.