How To Take A Privacy-First Approach To Managing Mobile Devices

December 1, 2020

When an organisation takes a BYOD approach to remote access, employees can use their personal devices to access data needed for work tasks. Naturally, the company wants to secure these endpoints, and IT often turns to company-owned hardware or restrictive management software.

Purchasing additional devices for each employee quickly becomes expensive. Plus many people don’t want the inconvenience of carrying around two mobile devices. IT teams seemingly have one option: use mobile device management. 

How Mobile Device Management (MDM) works

MDM allows IT to remotely enrol a mobile phone, tablet or other device and then track it, manage it and secure it through a profile specific to an employee and their tasks. 

A more targeted approach is Mobile Application Management (MAM) - this allows a company to control access to business applications and the content associated with them without controlling the entire device. 

And more recently, another form of management emerged: Unified Endpoint Management. UEM allows IT to remotely provision, control and secure mobile phones, tablets, laptops, desktops and even Internet of Things (IoT) devices.

The issue is that all forms of restrictive management, whichever form of the alphabet/acronym soup it takes, invades user privacy in several ways. What's more, the user and sometimes even to the business itself is not aware of these invasions.

Below, we take a closer look at this problem, and for simplicity, we'll refer to all forms of management as just MDM.

Why organisations adopt MDM secure devices

MDM is a mobile security strategy designed to control the devices used to connect to company resources. There are several reasons to put these devices under some form of control, mainly making sure the right access is available, but also to prevent data leakage. 

For MDM to work, an agent is installed on the device. This agent enforces essential security functions such as minimum password strength, automatic locking of the device after inactivity and the ability to remotely wipe data - all implemented from a centralised administration interface.

The privacy problem

While MDM solutions help organisations to prevent data leakage, they also raise uncomfortable questions regarding employee privacy. Many MDM tools let employers monitor all device activity, including personal calls and web traffic, at any given time. 

In addition to this, MDM allows IT administrators to perform a variety of remote actions such as locking devices, monitoring employee locations through GPS and even wiping data. It's no wonder that there's a growing reluctance among employees to allow MDM agents to be installed on their mobiles.

Soliton Mailzen: An alternative solution

There is an alternative to these MDM solutions - one that strikes a balance between control for the organisation and user privacy: Soliton MailZen. 

MailZen is a productivity app designed for use on personal phones and tablets. It securely connects to company resources, whether they are on-premises or in the cloud. Users can do their work in one single protected environment, called a secure container. 

MailZen offers e-mail, calendar, contact and task management, and also allows the secure downloading and local processing of company documents. It also stacks a secure web browser to browse internal web servers, a camera function to securely scan and upload documents, automated upload and download to internal file server folders and much more.

Benefits of Soliton MailZen

  • Helps the organisation to leverage the use of personal devices for business purposes, preventing the need to buy, install and maintain additional hardware
  • Helps the CISO stay in control over what is happening to company data, even when data is processed on unmanaged devices
  • IT only manages one integrated productivity app instead of multiple applications. Users enjoy the convenience of not having to switch between various applications.
  • Prevents IT admins from the burden of mobile device management
  • Allows users to do their work in one single container application app, providing more functionality than adding additional apps that have similar features - completely separated from personal information and without privacy invasion

By deploying MailZen, organisations can protect their sensitive data without compromising user privacy!

 

Get our newsletter direct to your inbox