These mobile devices just aren't going away. What'll we do, Trevor?
I'm a busy man, lads, but pull up a chair for a bit
Posted in Management, 14th March 2013 09:28 GMT
Free whitepaper – Hands on with Hyper-V 3.0 and virtual machine movement
Good Enough
Sophos Mobile Control leaves me with mixed feelings. Mobile Control circa 2011 was an absolute farce, but it has seen two major versions since then. Sophos still has a ways to go to catch up to competitors like Fibrelink, yet they offer a range of endpoint security products that together can be quite compelling. They have obviously been dumping enormous resources into Mobile Control and I expect it to close the gap with the market leaders some time early next year. Sophos offers a perpetual license; prices start around $56 per user.
Trend Micro Mobile Security and Mobile Device Management for BYOD wins the "most awkward name" award. Their website looks like it was run over by a fleet of marketing bulldozers and the same press release was so heavily SEO'd that there is zero signal to be found amongst the noise. The few people I can find who have used it say it is a middling offering, though it is cheaper than many competing solutions.
Centrify takes a different approach than most others in this space: a freemium model. You only pay if you need premium features; it is great for managing and maintaining your family's device loadout for free, but if you're a business you'll want the paid version. The whole system works by putting an agent on your network that jacks into Active Directory and links with their cloud. You control devices via GPOs. Centrify offers endpoint security for OS X, Unix and Linux and is big unto the single sign-on concept. These folks are worth a look, no matter what size your organisation is.
For the price, you can't really argue
Meraki Mobile Solution gets an honourable mention as the company that the Spiceworks community just won't shut up about. Grab any random 10 people from amongst the 2 million+ Spiceworkers and the time to a Meraki discussion is shorter than the time it takes the barkeep to get me my beer. I haven't had time to investigate these folks myself, but they offer a free MDM solution. If the Spiceworks community is to be believed, Meraki can walk on water while making you coffee and finding the next mersenne prime. If you dig a little, the MDM software is nothing special - it is a loss leader for their rather excellent networking software - but more than good enough for most smaller deployments.
Google have a mobile device management offering built into their Google Apps for Business. At the moment, it only supports Android and is honestly pretty crap. It crashes out on all my Gingerbread phones on a regular basis and exhibits any number of truly bizarre behaviours. That said, it is free if you use Google Apps and if your handhelds are Ice Cream Sandwich or newer then it "just works."
While the above is a brief look at the MDM scene, it is a bit like trying to describe Tokyo in detail while whipping through it on a bullet train. There are a few resources that can help you out further. Enterprise iOS has a nice tabbed interface that really helps drill down on features and support. Solutions Review has a high-altitude overview and the Gartner Magic Quadrant on the topic is worth a look as well.
Let us know in the comments what your experiences with MDM software vendors has been. ®
Free whitepaper – Hands on with Hyper-V 3.0 and virtual machine movement
COMMENTS
Re: MDM @Lusty
I really don't get it?
Your post reads like you take the view that everything that your employers use to ensure their compliance with statute and industry practice is part of a personal vendetta against you. Your post seems to suggest you thumb your nose to them?
By all means stop using corporate devices or corporate solutions on your own device - as you rightly say "they" can't stop you. I wonder though, how using your own unhardened device to store and manipulate sensitive data and perhaps use an unmanaged personal mailbox to share that data would be viewed in terms of your contractual duties around sensitive customer or corporate data.
You may well be right, I.T. Can't stop you, but any number of other people can, be they your employers, regulators or ultimately the cops.
MDM, as much as anything is there to place constraints *and protection* around users. Lose customer details from say a Good Technology mailbox and you're personally protected, but lose it from your mail account or contacts app and you really have no defence. It isn't big and it isn't clever...
Re: MDM
In some places and some industries, some kind of lockdown of IT is a necessity and a legal obligation, and using a non-managed e-mail account for business can get you busted. On the other hand, the Dilbert cartoon has (or had) the recurring caricature charactersof Mordac the Preventer of Information Services, or something like that, the guy who won't let you use your USB ports or a password that you actually can remember and can type. And then he laughs at you. Actually laughs.
Most businesses and other ventures have data that they really don't want to have stolen or damaged. And most device misuse, from the point of view of the company, is games, social, and pornography. And maybe online shopping. So the only way to avoid being resisted by your own staff even when they aren't themselves stealing or damaging your data is to let them enjoy their business devices responsibly in all of those ways. Maybe on a time meter and with an appropriate warning that "You are about to access adult services that may contain unadvertised horsemeat", but flexible.
Let's face it, most people who are reading -this- page shouldn't be.
Re: MDM
If you're working in a regulated industry such as Financial Services or Healthcare, your carefree approach to where data goes would probably result in your employer deeming you worthy of dismissal.
Re: MDM @Lusty
The issue is not about working round IT, per se, it's more about breaking company policy.
For what it's worth, I've seen people get fired for breaking company policy at Law firms, big banks and at a large Financial Services company. One was for sending confidential information to a personal email address, one was for losing data on a USB stick and another was for logging on to a transactional system as someone else because they didn't have the rights to do a task themselves.
In all these cases, the policies were set by the companies, not by a draconian IT department stuck in the 60s.
Typical EU
"Users who create content always have and always will control where that content goes, and there is literally nothing that IT can do to stop them"
No, the "crap" is not to stop you working but to protect the enterprise from fines from regulators because they can not demonstrate that they have made reasonable attempts at protecting data/adhering to the rules.
As a EU, do as you wish, but remember, EU's are not exempt from all those rules and regulations imposed on the organisation. Play dice with your future if you wish.
The new Office:
