Enterprise Mobile Device Management at Scale - dummies

Enterprise Mobile Device Management at Scale

By Rich Campagna, Subbu Iyer, Ashwin Krishnan, Mark Bauhaus

In large companies, the number of mobile devices in the corporate network can easily be in the thousands. It’s critical to manage the security policies that are deployed on these devices for compliance purposes regardless of scale. Here are some considerations for evaluating the compliance needs for the management of devices in a corporate environment:

  • Management at scale: Whatever management process or system you use must scale for thousands of devices. Remember to estimate for more than you need today because, as your organization grows, the number of devices in your network will grow just as fast, if not faster.

    The management system must be able to deploy all compliance policies to mobile devices in a centralized manner. Seek a single solution, or a single vendor, to offer a centralized solution that can manage all types of mobile devices from a single console.

  • Centralized inventory management: The centralized management console must be able to report an inventory of mobile devices managed within the corporate network. This capability should also include the ability to report the inventory by device type, vendor, and operating system. This allows you to pull up reports to show the number and types of devices connecting to the corporate network.

  • Centralized logging and reporting management: The centralized management console must also be able to generate logs and reports of incidents, as well as compliance and policy violations in the network.

    For example, you must be able to run reports that show the number of virus infections that were immediately caught in the last 30 days, or the number of new devices that connected to the network in the last week or month.

  • Notifications: The centralized management console must provide real-time notifications to IT staff when a critical event happens. Though the virus infections might be immediately caught and corrected by the software, it’s important to have the framework available to report such events in real time.

  • Configuration management: Another part of managing devices is the management of configurations and versions of each device. This may be optional to some companies, who state that only certain OS versions are supported within the network.

Most of the functions we describe in this section are provided by the BlackBerry Enterprise Server for BlackBerry devices only. You essentially have to look for a single solution that does a similar set of functions for all the other devices out there, including those from Apple, Google, Samsung, Motorola, and others.

You may be better off retaining the BlackBerry Enterprise Server to enforce compliance on BlackBerry devices and using a separate solution for all other device types.

Another aspect of managing configuration might be to push settings, policies, or applications as a configuration update to the devices. If your company has proprietary apps to install on your employees’ devices, you need a centralized configuration management system that can manage the deployment of policies and software.

Compliance Policies for Centralized Management
Personal Devices Corporate-Owned Devices
Employ some or most of the policies that apply to
corporate-owned devices.*
Management at scale for thousands of devices
Centralized inventory management
Centralized logging and reporting
Real-time notifications
Centralized configuration management

* Note that it may not be possible to force personal devices to upgrade to a certain OS version, or push out corporate software or settings to them. In those cases, select the appropriate policies to enforce for personal devices.