Protect the Data, Not Just the Device
By Srivatsan Srinivasan
Over the past few years, there has been an explosion of endpoints - laptops, tablets, and smartphones - in the enterprise, along with the rise of BYOD. IT has responded by incorporating Mobile Device Management (MDM) solutions, but relying solely on MDM is not enough. Businesses need to protect corporate data on all these devices to minimize productivity impacts from data loss, to safeguard their IP, and to comply with regulations.
Protecting the Device
MDM solutions focus on the device, allowing enterprises to keep track of their employees’ mobile devices. With MDM, IT can provision devices, configure settings such as network/VPN, enforce security policies, encrypt data, and apply password requirements. Some MDM solutions also provide mobile application management (MAM) features, allowing them to publish apps, whitelist/blacklist installable apps, and enforce policies on data sharing between apps. IT can even containerize apps, so a remote wipe selectively deletes only the app’s data. With all these features, MDM does a good job of managing devices but not much to protect corporate data on endpoints.
Protecting corporate data on endpoints involves these broader requirements:
1) Corporate data on all endpoints, user-owned or corporate-owned, must be protected from loss should a device fail or be lost.
2) Data breach must be prevented in case an endpoint is lost or stolen.
3) File access and sharing must be in accordance with IT policies.
4) Endpoint data must be available for e-discovery to comply with legal requirements.
The lack of endpoint backup, file sharing, and ediscovery makes MDM an incomplete solution. You need an endpoint data protection and governance solution to gain complete IT visibility and control over your corporate data.