Left to their own devices

If you're still trying to control and manage your employees' mobile devices, you're doing it wrong.

By Ilva Pieterse, ITWeb contributor
Johannesburg, 24 May 2016
George Kalebaila, Data Corporation Sub-Saharan Africa.
George Kalebaila, Data Corporation Sub-Saharan Africa.

Mobile device management, or MDM, has certainly become a contradiction in terms. One of the major benefits of the Bring Your Own Device (BYOD) concept is increased employee productivity, yet MDM often inhibits work output to such a degree, it renders this, and other advantages, largely irrelevant.

Research firm Gartner believes as many as 20 percent of BYOD programs this year will fail due to enterprise deployment of MDM measures that are too restrictive.

MDM essentially allows the business to lock down a user's phone. What ends up happening with this draconian approach is it often exacerbates the problems it's supposed to solve, says Citrix's country manager Brendan Mc Aravey. "MDM really isn't the best route for companies to take."

Consider security and privacy, for instance. MDM's `big brother' style has a considerably positive effect when it comes to keeping corporate data safe, but the stringent security controls and excessive access required greatly compromises employee freedom and trust. "Users feel disempowered, and they start looking for ways to get around the restrictions set on them by the company. And this, of course, exposes the company to increased danger," he says.

When it comes to BYOD, there needs to be a balance, which is something MDM doesn't provide. "Employees have a similar experience using their devices in the workplace as they have outside the workplace, and at the same time ensure that corporate data is kept secured. Maintaining this balance is key." This is according to Amit Kaundinya, practice manager, Digital-BPM-Integration Africa at Wipro.

App management

He believes this harmony lies in the use of mobile application management (MAM) platforms. "It's time for organisations to stop thinking about the complete device and start focusing on the corporate information and corporate apps stored on the device," he says.

MAM lets IT manage corporate applications while leaving personal apps untouched. "Instead of controlling the entire device, a MAM platform can be used to apply security policies on the corporate apps itself, bypassing the need for an MDM profile on the device."

George Kalebaila, senior research manager at International Data Corporation Sub-Saharan Africa, concurs: "Companies are responsible for ensuring a balance between user freedom and productivity through enforcing policies that aim to balance user access and security controls. These policies can increase the variety of devices and platforms people can use, while still enforcing enterprise controls to ensure security standards are met."

However, BYOD needs to be within the boundaries of acceptable devices and open standard types, which means companies have to avoid solutions or policies that embrace or accept everything, he warns.

Employee education, an often overlooked element in business, is especially important in the context of enterprise mobility. Says Kalebaila: "Organisations should invest more in educating employees on their rights and responsibilities in order to drive employee co-operation. From an employee perspective, a good understanding of corporate benefits of such BYOD programmes will result in more successful implementation rather than an impression that management is trying to spy or monitor activity on their device. Every employee who wishes to have access to BYOD programmes also has to give consent or authorisation to avoid infringing their right to privacy."

MDM really isn't the best route for companies to take.

Brendan Mc Aravey, Citrix

Due to the speed at which the enterprise mobility industry is advancing, it's easy for both businesses and employees to become overwhelmed, but it's important to remain informed and aware of the progress in this area. As a recent study from Citrix and Centre for Economics and Business Research found, the increased use of flexible working could add 0.4 percent to South Africa's GDP.

"Enterprise mobility does not only have the potential to benefit organisations and those who work for them, but the country as a whole," Mc Aravey states. "It should definitely be a key priority for organisations."

The importance of implementation

The modern enterprise must embrace digital and mobile apps if it is to succeed in unlocking business process efficiency and possibly access transformational business opportunities.

Carmen Whateley, MD at Accenture Digital in South Africa, believes that although modern solutions such as Airwatch, Mobile Iron and Afaria are robust and flexible, their implementation can cause difficulties.

"In the enterprise today, BYOD is making way for Choose Your Own Device (CYOD), where the employee can choose from a catalogue of pre-approved devices. Enabling some choice, good control by the enterprise and still leveraging from the large business buying power when it comes to voice and data," she says.

It's time for organisations to stop thinking about the complete device and start focusing on the corporate information and corporate apps stored on the device.

Amit Kaundinya, Wipro

She maintains that when a user has chosen a device, or brought their own to the workplace, the last thing you want is your data to be compromised or deleted or suffer from a draconian overlord approach to MDM administration.

So the modern mobility competency within the enterprise must implement its policies with a gentle hand. It must engage in appropriate and carefully considered change management communications.

"It's possible to implement policies with a heavy hand by immediately cutting off users who are non-compliant, or it's possible to advise users, provide support, communicate and manage the user base towards compliancy, with denial of service being a last option," she says.

One of Accenture's large clients has an MDM solution in place that is carefully managed by Accenture and another outsource partner. "Recently, a number of users' mobile devices were found to be compromised; they were either rooted Android devices, jailbroken Apple phones or port-compromised devices," she recalls. "Since the user base was new, and the team wanted to promote the use of mobile applications, rather than appear draconian, it was decided that a softer approach was needed."

The service centres were enabled to deal with user issues. Employees receive notifications when their devices are being compromised and are advised where and how to get the problem solved. A period is given for compliance and multiple follow-up mails and calls are made. Only the hardened user who will not respond or cannot be reached will have their service terminated and even then only in extreme circumstances.

"So it's all in the implementation. You can implement MDM policies with a light touch or heavy hand. But if you do so with a heavy hand, you stand the chance of alienating your user base and having your initiative fail," she concludes.

This article was first published in the May 2016 edition of ITWeb Brainstorm magazine. To read more, go to the Brainstorm website.