Enterprise Mobile Device Content Control - dummies

Enterprise Mobile Device Content Control

By Rich Campagna, Subbu Iyer, Ashwin Krishnan, Mark Bauhaus

Corporate policies regarding security and risks, may require you to inspect and tightly control data and applications residing on corporate-owned mobile devices. This includes Windows and Mac computers as well as mobile devices.

What policies might make sense if you’re required to comply with strict requirements controlling the data and applications on your corporate-owned mobile devices? Here are the various types of contents on mobile devices that are liable to being controlled for compliance purposes:

  • SMS messages

  • Contacts

  • Photos

  • Videos

  • List of apps installed

Controlling these types of data involves sending copies of the data to the central management console. From that console, an administrator can analyze the types of messages being received on devices that are used within the corporate network, or the photos that are being taken on them, or the applications that are installed on them.

You can restrict the apps installed on devices within the work environment to a list of corporate-approved apps. For example, your company may decide that the Facebook app should not be installed on any device that is used for work-related purposes, such as checking e-mail.

For compliance purposes, any of the previous types of data could provide forensic information, if it were needed to analyze the causes of a data breach. But again, it might not be required (or even legal!) in your company, depending upon the industry type, geographic location, and federal or local laws.

In addition, the nuances of personal and corporate-owned devices may provide a distinction between the types of content that are allowed to be inspected. For example, in many companies in the U.S., employees would balk at their employer inspecting and controlling their photos, videos, and contacts. This is an example of a compliance policy that may differ in nature, depending on the type of employer, industry, or location of the company.

Compliance Policies for Monitoring and Control
Personal Devices Corporate-Owned Devices
Some, maybe none, of the policies enforced on corporate-owned
Some or all of the following content may be inspected,
depending upon your company’s need: Contacts SMS messages
Photos, videos, and apps installed