by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
GCN : February 2013
GCN FEBRUARY 2013 • GCN.COM 17 IT'S TIME TO STOP TALKING about mobile device manage- ment (MDM). Instead, let s start talking about mobile enterprise management (MEM). That may seem like a minor change, but refocusing an organization s approach to mobile management can have long-lasting e ects on the way it deals with an increasingly mobile workforce. When MDM first came into vogue, it included many of the standard features of PC management solutions (ac- cess control, user permissions and so forth) while adding functionality to address the unique needs of mobile devices such as bandwidth limits, screen real estate and device compatibility. Soon, risk management as- sociated with mobile comput- ing became a chief security concern at government agen- cies. Each new device added to a government network introduces substantial risks. Smart phones essentially bring their own separate network with them into a facility, and data stored on a device can easily leave the facility. Associated challenges for IT managers include deciding which mobile devices should have access to government internal networks, where device data should be stored and the requisite level of security for devices and con- nections. IT managers are torn between protecting security and broadening access to meet employee demands and boost productivity. To respond, government IT planners have sought best practices for mobile comput- ing security, including devel- oping a solid risk management framework. Frameworks for mobile risk management can start with: • Take a cue from the De- fense Department, do a needs assessment to make sure that wired and wireless transmis- sion capability is of su cient size, reliable, available and flexible to support the agency s mission. If upgrades are needed, are they on schedule? • Leverage existing authen- tication and access control solutions. Most can be config- ured to enable secure connec- tions from mobile devices. Find out what exists, what these systems are capable of and what sort of software or hardware upgrade may be needed to enable mobility. • Assess the current state of other security solutions within the organization, including virus protection, firewalls, etc. How can current security solutions best be extended to mobile devices? In some cases it may be cheaper to start over with systems specifically dedi- cated to mobile security. • What current security solutions can t be extended to mobile devices, and what ad- ditional software or hardware will be needed to bridge this gap? • Ensure that networks can handle dynamic allocation of these resources, from IP addresses to allowed client connections. • Assess the technical threats and risks that could af- fect the mobile devices used by workers and how they inter- face with corporate networks and systems. Look at the identity and access manage- ment systems outlined above. Which risks are reduced by these systems, and what risks remain? Based on these findings, organizations can create or enhance policies, standards and processes related to the management of mobile tech- nologies. Such policies will need to address long-term enterprise needs and if there are gaps in current security solutions, policies should include dates when new func- tions will be available. Meanwhile, establishing a framework for mobile ap- plication management helps set rules by which specific mobile devices can be admin- istered, secured and distrib- uted by IT organizations. Such solutions typically allow for enhanced policies to individual applications. All of these issues are starting to merge into a set of solutions best described as full mobile enterprise management. Companies such as AirWatch, BoxTone and Fiberlink have stepped into this space, o ering solutions to address many of these issues. Meanwhile, Fixmo Inc. s Sentinel and SafeZone products were developed to meet the government and de- fense agencies strict security requirements, focusing on mobile management, security and risk management. Here s the bottom line. Mo- bility governance must move beyond device management to encompass much broader enterprise business issues. IT managers must develop a framework to evaluate the mobile security needs of their organization, and launch their own enterprise security framework focusing on risk management. • --- Shawn McCarthy is research director for IDC Gov- ernment Insights. DON'T MANAGE MOBILE DEVICES, MANAGE THE ENTERPRISE INTERNAUT BY SHAWN McCARTHY Mobile devices bring so many security risks into networks that governance must move beyond device management to encompass the broader enterprise.