Appendix B. Mobile Device Management
The concept of deploying mobile communication devices in the corporate environment began with the introduction of the pager and has progressed from early Personal Information Management (PIM) devices, to cell phones, to smartphones, and now tablet devices. As more corporate and client data is communicated through and stored on mobile devices, corporate security and Information Technology (IT) departments have sought to protect corporate information. The development of solutions to secure corporate data has grown and these technologies have been labeled Mobile Device Management (MDM) solutions.
The goal of MDM solutions is to secure not only the devices through controlling features such as cameras, GPS, and other functionalities, but also the ability to manage corporate data on the phone. It is important to understand the differences between corporate and personal data when deploying an MDM solution. Many corporate IT and legal departments are concerned about protecting sensitive data; this is often too narrow of a label as some contents within an e-mail or contact data may not contain sensitive data, but are protected because they fall within the corporate mail container.
The requirements and ultimate selection and use of a Mobile Device Management (MDM) product depends on the overall security requirements in the environment and what other functions are trying to be addressed through the implementation of the solution, such as device tracking or asset control. Prior to implementing an additional layer of complexity and potentially expense, it is important to understand the solutions that are available within the environment (such as IBM Notes Traveler or Microsoft Exchange Active Sync) and how they can be leveraged to deploy an effective solution.