Phishing attempts are proliferating as quickly as the use of mobile devices — bringing malware onto smartphones along with it.
In the first post of this series, we looked at how federal workforces will continue to work remotely and the importance of security to enable agencies’ “work-from-anywhere” strategies. We also examined how a new government fiscal year is the ideal time to rethink those strategies to better support remote personnel with mobile solutions that can be significantly more effective than bulky laptops or desktops.
But there is a lot to understand before making that investment, as not all mobile ecosystems can provide the same level of capability to a remote workforce — and to the IT teams who support them — when it comes to three key areas:
- Endpoint security
- Device deployment and management
- End-user productivity
This time, we’ll dive into deployment and management — from enrollment and provisioning to mobile device management (MDM) — and how to choose solutions that augment your workflow instead of slowing everyone down.
Low touch, high impact
For IT teams, deploying and managing mobile devices (smartphones and tablets) is a necessary but often overly complicated process. The issues are compounded by a workforce that currently is anywhere but in a federal office; for some agencies, nearly 100 percent of the workforce is teleworking for the first time, while for others — from law enforcement officers to inspectors to researchers — field work and remote operations are standard procedure.
This means it’s more difficult and time-consuming to set up, deliver and ensure all of those users’ devices are loaded with the correct software, configured to meet security standards and able to connect to networks and use applications as needed. COVID-19 has amplified those issues by limiting interactions, or “touches,” between IT and end users.
What’s required, then, is a method to reduce the number of times IT needs to “touch” each device (remotely or directly) while still ensuring that devices are configured and connected no matter where the employee is located. This would get new devices into the hands of remote personnel faster, more efficiently and with minimal security, operations or human error risk.
Not all automated enrollment solutions are equal
Enterprise mobility management (EMM) systems have been essential to lessening the deployment burden, but the best case scenario for both IT and users is a device that’s configured to work out of the box. While most EMM platforms provide some form of automated configuration, they don’t all deliver the same results. As Phil Hockmoth, program director for enterprise mobility at research firm International Data Corporation (IDC), put it, “Some vendors are further along than others in terms of a full set of features and having the broadest set of devices supported.”
Samsung’s Knox Mobile Enrollment (KME) directly addresses this issue. Used throughout multiple federal agencies and the Department of Defense (DoD), it allows IT teams to enroll large numbers of devices into an MDM or EMM quickly and easily; the user just needs to power on and connect to their local cellular service or Wi-Fi — even at home. The typical out-of-the-box setup process is skipped, and the phone is instead set up to IT’s approved configuration. Over 150,000 federal devices have been provisioned with Samsung Knox to-date.
Plan a successful CYOD program
Download our comprehensive 8-step guide to planning and deploying a CYOD initiative at your company. Download Now
Going forward, using the free Knox Service Plugin (KSP), new features are supported as soon as they are available, including a unique capability that ensures both productivity and privacy for users: Samsung’s exclusive Knox App separation solution allows IT administrators to containerize unapproved apps and data — such as for travel, entertainment and personal calendars and email — from productivity apps required for agency use. This allows personnel to carry one device for agency and personal use while ensuring unapproved apps and data stay out of the protected work-only environment. With KSP, administrators can access this function in any EMM, such as Knox Manage.
Visibility, control and confidence
With Samsung Knox, agency IT admins managing the fleets of smartphones and tablets gain total visibility into where the devices are and what they are doing, and can push policy and configuration updates whenever circumstances demand.
To ensure ongoing device operation and security, Samsung’s E-FOTA One solution allows IT to control operating system (OS) updates and security patches per user requirements, so an update won’t interfere with a critical operation or business process. Unlocked devices can download updates directly from Samsung, without needing to rely on carrier schedules for delivery. It also lets administrators remotely control the OS version on devices without end user interaction.
As remote work becomes a more substantial part of agencies’ strategies, managing a growing population of devices could become burdensome, leading to increased risk, configuration errors and slow rollouts of devices and updates. Instead, Samsung Knox empowers IT administrators to simplify and reduce the effort needed to deploy and manage smartphones and tablets, optimizing the process to support a work-from-anywhere strategy for FY2021 and beyond.