Lack of Features
Two big IT trends are colliding, and you’re in the middle.
On one hand, there’s mobile access. According to the Pew Research Center, the percentage of the general public that owns a smartphone rose from 35% in 2011 to roughly 70% in 2015. Among your company’s staff, the figure may be almost 100%. Employees often find it easier to get certain tasks done with an always-on, always-connected mobile device rather than hauling out a laptop or returning to a desk.
On the other hand, there are security concerns with some real costs associated with them. According to the FBI, the average loss from a cybercrime complaint ran over $8,400 in 2015. So, you would like to have employees access systems using their mobile devices, but need them to do so safely. That’s particularly true for administrative access, which must be restricted to a subset of users and devices.
Are there systems that enable the appropriate mobile permissions settings?
The short answer is yes. To flesh that out, it’s necessary to define the elements of a solution.
First, you simply can’t block all administrative access. Some users need it in order to do their job. At the same time, some users should not have any, or very limited, administrative permissions.
Second, those users who do need mobile permissions may only require partial administrative access. A select group will require total administrative authority while on a mobile device.
From this, the outline of a solution emerges. It must be flexible in terms of categorizing classes of access. Given that users may change jobs or responsibilities, it also has to permit you to easily, better yet automatically, move users and their devices from one category to another.
Now, the degree of granularity needed in granting access permission is up to you. Clearly, it has to fit your particular situation. Infinite granularity might lead to a lot of work and headaches, as users constantly ask for tweaks to account for their particular circumstances. At the very least, the mobile device management system should allow for three categories: no access, partial access, and complete administrative access.
It’s also important to recognize that these permission settings apply to clients running on the mobile device. Consequently, mobile device management tools should be capable of setting the appropriate permissions for the clients on devices in the field. With that, setting permissions remotely and over-the-air are a possibility. Without that capability, your options will be more limited, your users will likely be less satisfied with your security arrangements and your workload will be greater.
Beyond that, the management tool should be adaptable, which is a necessity because mobile technology is still evolving rapidly. It also should include a kill-switch features as a requirement because mobile devices can be – and are – lost or stolen much more easily than something tied to a desk.
LACK OF FEATURES