Personal Phones in the Enterprise - Who is In Charge?
Many corporations are selecting mobile device management technologies to configure and manage phones in the enterprise. Mobile device management technologies provide a detailed view of the phone including what calls were made, what apps were installed, what data is on the phone, and who the carrier is. Additionally, it can impact the operation of the phone by allowing or blocking apps, forcing passwords, sharing the location of the device, and allowing for data wipe, backup, and restore. This is a rich set of functionality which allows corporate IT to ensure your phone works, help you trouble shoot issues, and preserve the integrity of their intellectual property in a robust way.
Unfortunately, a mobile device management strategy neglects the smartphone user’s right to privacy especially in today’s world where we use our personal phones for work. Should corporate rules against social networking sites apply to your personal phone? Does your personal data become viewable and usable by the corporation because they backed it up? Are your phone calls automatically subject to scrutiny by corporate HR? Using a personal phone for work ensures you are readily reachable and connected to your work place. Your ability to utilize the device for productive work across email and apps dramatically increases. The employee paying the cost of the device and cellular plan reduces the overall expenses of the corporation. In exchange for these benefits, the corporation must respect the phone owner’s rights while ensuring the corporate specific settings and apps are protected.
The obvious solution to this is moving from mobile device management (MDM) to mobile application management (MAM), where manageability occurs at the application level. This allows corporate applications to be managed, authorized, and monitored independently of other applications on the device. In essense, there should be a strict partitioning between apps from my corporation and my personal apps.
This means consumer applications cannot interfere with managed corporate applications. And unmanaged or unapproved corporate applications cannot access corporate networks and infrastructure or other corporate applications. The curated Apple App Store seems to ensure applications are well behaved and inherently isolated from each other. The less managed Android store seems to have a greater preponderance of malware which requires a stronger technical solution like a hardened sandbox before it is acceptable to corporate IT.
We think a mobile application management solution will enable both personal and corporate worlds - I will be in charge of my phone and applications and my corporation can feel comfortable I’m adhering to their standards with their apps.
