Small businesses have been Bring Your Own Device (BYOD) pioneers since before BYOD became an acronym. Without large IT departments or equipment budgets, small business staff naturally use their own computers and smartphones to work when and where they need to. Sometimes there’s a formal mobility strategy, but just as often, small businesses embrace BYOD organically, adding devices as they pop up.
At the same time, small businesses often look the other way when it comes to questions of security and managing BYOD access to their applications and networks. But avoiding mobile device management (MDM) — also called enterprise mobility management (EMM) or unified endpoint management (UEM) — is not necessarily the best approach. Taking responsibility for other people’s smartphones seems like a tall, and expensive, order, but it’s not: There are MDM solutions for small business that increase BYOD smartphone security without breaking the bank.
Why MDM for small business?
MDM tools have one major goal: Apply a consistent configuration to every device. Along the way, users get a predictable experience, IT teams find it easier to debug problems and deliver support, and the business itself enjoys increased security. Today’s smartphones are pretty secure to begin with. Smartphone manufacturers got to watch the entire PC revolution and learned from the mistakes of those who came before. But it’s always possible to configure a smartphone to be insecure — and keeping the smartphone and all the data on it secure is one of the big reasons for any sized business to use an MDM.
Small businesses can start by taking advantage of MDM features that automatically apply software updates, establish safe password and lock settings, and restrict application store choices to trusted stores. Enforcing some basic security settings doesn’t take a lot of configuration or control and can give a huge security boost. Just as importantly, it’s unlikely to be a cause for conflict. People want to do the right thing, and when they make poor security choices, it’s usually out of ignorance or expedience rather than malice.
With basic MDM, for example, software updates can be applied soon after they’re released, which dramatically reduces the security risk of a smartphone. End users who don’t know how to install updates aren’t a problem anymore: MDM policies take over and ensure devices are running the latest software releases. MDM tools can also provide status information on each device, so if something is wrong and software isn’t being updated, the IT manager can see this and make a visit to resolve the issue.
Security isn’t the only reason for small businesses to adopt MDM — another is time savings. MDM pushes email, Wi-Fi and virtual private network (VPN) configurations to enrolled smartphones, automatically updating whenever IT makes a change and thus reducing aggravation and confusion for BYOD users. As the small business networking, email and security environment changes, MDM tools make it easy to get those configuration changes pushed to devices. The end result is a happier user community, and fewer panicked phone calls if someone didn’t get the memo on a configuration change.
Choosing MDM solutions for small business
Small businesses interested in MDM should be thinking along the lines of four major criteria: price, features, management model and platform support.
Small businesses are rightly budget conscious, and the good news is that basic MDM won’t be expensive. Most products are priced per user per month, and IT managers can easily find excellent choices for about $1-$2 per user per month. Some products offer a “lite” version for free to get you started. Others bundle lite MDM with other products, so if you’re already buying an existing product (such as Microsoft Office 365), you may be able to activate a minimal MDM at no additional charge.
Generally, the larger the feature set, the higher the price, but even high-end MDM aimed at small business comes with a reasonable price tag and delivers a lot of value for pennies a day.
It’s not necessarily true that a longer feature list is better than a shorter one, so IT managers should focus on the settings they’ll actually use. A dozen settings might be all that’s needed, along with reporting and lost device controls, to find the perfect MDM solution.
Small businesses should focus on features in four key areas: security (including lost device features such as remote wipe and remote lock); software and application controls (including patching and update settings); configuration push for email, networking and VPN; and simple reporting on device status and inventory.
3. Management model
Small business IT managers should start with cloud-delivered MDM solutions. It doesn’t matter how lightweight or simple an on-premise solution is — there’s virtually nothing a small business gains from running the MDM solution on its own servers.
Mobile device management for beginners
The only exception to this is if Active Directory (AD) integration is a critical part of BYOD — which it rarely is for small businesses. Small businesses that have a cloud-based AD (such as the Azure AD that is used as part of Office 365) will have a secure connection available to their AD and cloud-based MDM should be able to integrate quickly with it. Linking from cloud to an on-premises AD isn’t impossible but will involve additional steps, such as installing an agent on your domain controllers. IT managers should evaluate the steps required to link cloud to on-premises AD (including continuing management and security concerns), and use that to influence a decision to go cloud or on-premises.
4. Platform support
It almost goes without saying that whatever MDM you choose should support your users’ devices, but there are some constraints. All the common products work well for the two main smartphone operating systems: Android and iOS. However, small businesses that have Windows phones or BlackBerry devices will find a more limited selection — and higher prices. You should consider that both Windows Mobile and BlackBerry’s own operating systems are long past end-of-life and this might be yet another good excuse to push stubborn users to a supported, and secured, platform.
Another platform issue to research is enrollment: how the MDM tool gets its client downloaded to the user’s smartphone. Many products have a variety of techniques that allow remote and self-service enrollment. IT managers responsible for highly mobile employees should make sure that getting smartphones connected to the MDM solution won’t be a burden or logistical foxhunt.
Cloud-based MDM solutions let small business IT managers gain big-business security for mobile devices without unwelcome complexity or high costs. Spend a little time now, and save a lot of time later by gaining better control of, and delivering better support for, smartphones and tablets.
Learn about Samsung’s cloud-based Knox Manage MDM, and discover more tech solutions designed to support small business security and growth. Then, explore why you may want to install antivirus software on your mobile devices.