ilolab - Fotolia


MDM services: Three best practices for managed services providers

As a trusted business advisor, you should help your customers take advantage of the benefits of the mobility trend without suffering any of its pitfalls.

Let's face it. There's nothing stopping the progression of the mobility market space. Manufacturers continue to push the envelope of the next-generation device -- including "wearables" -- that lives in our pocket or purse, giving us notifications, alerts, text messages and more. We're constantly surrounded with technology that is becoming smarter all the time.

But what happens when your customers want to allow employees to use their personal mobile devices to access the company's corporate data? Most of us are familiar with the terms bring your own device (BYOD) and, increasingly, choose your own device (CYOD). Many companies -- even small and medium-sized businesses (SMBs) -- now offer one of these two options. And, at companies without such a plan in place, some end users log onto the network from their personal devices without IT's or the business owner's knowledge.

As the trusted business advisor, you should help your customers take advantage of the benefits of BYOD without suffering the drawbacks of this trend. Following are three industry best practices that should guide your foray into managing personal mobile devices. (We've focused on mobile device management [MDM] here since we consider that the first step to mobility management. After MDM, you can introduce mobile application management, or MAM, and mobile content management, or MCM, to your customer.)

Make security job No. 1

Brandon GruttadauriaBrandon Gruttadauria

The biggest risk personal mobile devices introduce to your customers is that they can provide access to sensitive corporate data that can easily leave the company when employees quit or are terminated. To mitigate this risk, you'll need to first help your customers create BYOD security policies that explicitly prohibit employees from keeping copies of corporate data upon termination. Additionally, you'll need to install MDM software on each device, so the devices can be managed the same way you manage other IT assets connecting to a customer's network.

Avoid an all-or-nothing approach to security         

One of the key features of MDM software is the ability to remotely "wipe," or delete, all the data on the device when the user loses his or her phone or is no longer with the company. Unfortunately, some MDM software cannot distinguish between corporate data and personal data, in which case, wiping the device means deleting everything -- family pictures, personal emails, texts and contacts. As you can imagine, this can make a difficult situation -- such as a termination -- even more difficult.

Calling special attention to mobile devices when delineating charges can create objections and lengthen the sales cycle unnecessarily.

To avoid this problem, be sure to select software that supports dual persona or secure container technology. This feature allows you to create a separate corporate profile on each managed smart device, which is the key to being able to selectively wipe off all traces of corporate data while preserving all personal data.

This technology also has the ability to control how users interact with the data. Fine-grained policies can be activated, such as blocking cut/copy/paste operations or exporting data to a different app, or even preventing users from deleting specific apps or documents on their mobile devices.

If you're managing more than a handful of mobile devices, manually enrolling each device and provisioning devices with a customer's policies will be a daunting and unprofitable task. Instead, make sure your MDM software includes automated enrollment and provisioning functionality that allows each employee to self-provision their device by opening an email, selecting a hyperlink, and following step-by-step instructions via a software wizard.

Don't create unnecessary MDM price objections

Mobile devices play a key role in a worker's productivity, and if they're not managed properly, they can become a source of lost revenue, stolen intellectual property, or even hefty fines in the case of a HIPAA, FINRA or Sarbanes-Oxley violation. And your customers often don't view mobile devices in a separate silo from their other IT assets. Calling special attention to mobile devices when delineating charges can create objections and lengthen the sales cycle unnecessarily. Instead, MDM services should be part of your comprehensive remote monitoring and management (RMM) solution, and mobile devices should be managed throughout their entire lifecycle.

By selecting and deploying an MDM solution that addresses all key aspects of a customer's MDM services needs as part of your end-to-end IT management -- from enrollment and provisioning to ongoing monitoring and even end-of-life processes -- you'll ensure your customers' mobile workers stay productive, your customers' data stays protected, and your role as the trusted business advisor becomes even more valuable.

About the author:
Brandon Gruttadauria is a senior technology solutions engineer at Ingram Micro. He maintains the highest level of tech training and certifications across multiple products and categories and has a specialization in IBM software and hardware. Brandon enjoys traveling with his wife, inventing with his 3-D printing "factory," flying with radio-controlled aircrafts and cruising in his '68 Chevelle SS.

Next Steps

Identify and implement mobility strategies for your customers

Tips for uncovering add-on technology and services for mobility projects

Dig Deeper on Managing mobile devices in the enterprise