Page 39 - IEC Insights Jul-Aug19
P. 39
FEATURE
Companies can also blacklist untrusted > Creating access tiers for different It’s easy to be lulled into a false sense of
apps from cross-communicating with users, devices and environments security and think that a data breach can’t
their enterprise apps, providing more > Educating employees about responsible happen to you, but inaction isn’t a proper
regulation over who or what has device use as well as how to identify way to safeguard your business. Like
access to company data while allowing and report suspicious emails, text purchasing insurance, setting an IT strategy
employees to maintain ownership over messages, websites and applications in motion to protect your data might not
their devices and personal information. seem like something you desperately need —
> Setting clear expectations about device until you do. By implementing procedures
use and when, where and how employees and strategies to face these potential
EMM FOR should access enterprise resources threats head-on, you can bolster your
CONTRACTORS > Developing procedures for reporting and digital defenses, keeping your data only
responding to lost or stolen devices that in the hands of those that should have it.
Unfortunately, neither MDM nor MAM
is comprehensive enough to offer a full had access to enterprise data — whether
employee-owned or company-owned
security solution. That’s why many IT Steve Antill is VP of business
experts recommend a multi-level EMM, > Sticking to a life cycle management development at Foundation Software
or enterprise mobility management, (LCM) plan to keep devices up-to-date and Payroll4Construction.com, where he
approach that aligns devices, > Maintaining compliance for any federal, leads the charge for continual revenue
applications and policies toward the state or local statutes that mandate data growth, including new entry points into
singular goal of information security. protection measures and notification market to serve contractors. He invests
requirements in the event of a breach much of his time building partnerships
Under a typical EMM strategy, a company and relationships across the construction
would use aspects of MDM and MAM industry with contractors, CPA firms,
together, along with user-based policies, EMM STRATEGY associations and technology vendors. Over
to supplement the limitations of each. EMM policies need to be structured 20 years, he’s led more than 1,000 software
For example, the company may require alongside a larger enterprise mobility selections and implementations for
employees to register their devices with IT strategy. This strategy should not only contractors of numerous sizes and trades.
before allowing them to access company outline your current needs and risks but swa@foundationsoft.com
information (MDM). It may also prevent also account for potential changes to (800) 246-0800
employees from transferring documents technology usage and company growth.
from an enterprise app to a non-enterprise
app (MAM). In addition, the company might While your strategy can evolve and
use specific EMM software to expedite change over time, it should still be
the process of isolating and protecting an official company document that’s
company data on employee-owned devices. reviewed and revised at a minimum
However, since IT and EMM software may of every year and after any significant
not be able to manage every possible business changes. By setting a strategy
point of vulnerability, many EMM strategies in writing and amending it regularly,
rely just as heavily on establishing you can keep up to date on changing
policies to minimize exposure to risk. vulnerabilities for your data and adjust
your policies and strategy as needed.
EMM POLICIES
By setting policies for devices with access to CONCLUSION
company information, contractors can begin
to create a working EMM solution. Policies While the construction industry has
that a contractor might incorporate include: historically been slower to implement
changing technology, the presence of new
> Registering each device that has access to technology all around it means contractors
company information, including a record must respond to safeguard themselves.
of the make, model and software version
Even if BYOD isn’t a thing for your company,
> Knowing which devices are the influx of mobile devices that make their
supported and how, as well as how way into your workplaces and jobsites won’t
they’re issued and managed stop, and without security measures in place,
> Establishing roles, or security profiles, unsecured devices present new opportunities
and responsibilities for oversight for theft or corruption of your data.
www.ieci.org | July/August 2019 | Insights Magazine 37
