Do your eyes roll back in your head from boredom when someone starts talking about policies? Stop it. Policies are cool and they keep everyone (and everything) in line. Think of policies as a Marvel character: they would be the bespectacled, overlooked, but super-effective nerd or nerdess whose structured, sensible approach saves the world. Again.
If you can’t already tell, we are big fans of clear, effective policy around here. That’s why we suggest carving out some time to build a solid mobile device management (MDM) policy. You’ll thank us later.
But I Don’t Even Have MDM…
It’s time you did, my friend. If your business is reliant on a fleet of devices like smartphones, laptops, tablets, etc., then MDM is your way of managing those bad boys – and, yeah, we’re talking about reducing the risk of a data breach, speeding up onboarding, welcoming all the platforms, and basically making everybody happy – even your new hires.
We bang on about it so much that we just can’t even. If you’re new to it, go read what it is, why it’s good for your business, and why BYOD isn’t an issue. Then come back here.
Right, you’re back. Great to see you again.
Why a Good Mobile Device Management Policy Is What You Need, Like, Right Now
If the mention of ‘policy’ dumps a truckload of teeny-fonted word risotto onto your happiness, know this: a policy is just an agreed-upon plan of what happens in a particular situation. A good policy is a powerhouse of guidance. It saves time in decision-making, raises standards, guides people to take the right actions, and embeds good practice. And that’s why a good MDM policy is your new bestie.
An MDM policy will help you build, develop, and maintain a fully operational and secure mobile fleet, and here’s why:
It Means You’ve Thought Things Through
When you create a policy, you’ll work that awesome brain of yours to identify what you want your MDM to achieve. Things like:
- How it might support your business objectives, now and in the future.
- How it might best protect your business (and your people).
- How you want your people to use their devices.
- How it might support your ambitions for compliance with all the acronyms (such as SOC 2).
It Clarifies Roles and Responsibilities
Clarity sheds the light of a thousand suns on who’s responsible for different aspects of MDM.
Your MDM policy will clarify:
- What your people are responsible for, e.g., maintaining the security behaviors that are asked of them.
- What your IT people are responsible for. This could mean things like daily monitoring for insecure devices, enforcing updates and passcodes, locking and/or wiping stolen devices, or being available to help employees when they need it.
- What the CEO, head of IT, or management team are responsible for. For example, reviewing and updating the policy or giving people the resources, authority, and support they need to be able to carry out the policy.
It Gives Your People a Clear Set of Guidelines
A shiny new corporate MacBook Pro might make your people cry happy tears, but that doesn’t mean they won’t be tempted to take it on vacation, play 24hr Wordle, open up an Etsy store, or use dumb old pa55words to access your corporate IPR.
But, because your mobile device management policy clearly states that responsibilities do not include playing games, downloading dodgy apps, changing security settings, or using rickety old OS, you won’t have to worry. Your MDM policy will clearly state your expectations of behavior and the consequences of misbehavior. And, don’t forget that MDM gives you omniscience, as your MDM dashboard will reveal that Mags in Sales is downloading something far too RAM-hungry to be remotely legal.
Some common MDM policy guidelines for employees might include that they:
- Keep their device OS and apps up to date by accepting updates.
- Use strong passwords and passcodes and change them often.
- Understand that “often” does not mean every three years.
- Never use public or other unsecured wifi.
- Use (and not disable) antivirus software.
- Take and complete device security training when asked.
- Use only authorized apps.
- Never bust open security settings or use workarounds.
- Comply with corporate security requirements if using a personal device for work.
If you work in a regulated industry such as the healthcare sector, it’s important for your people to understand the particular requirements or laws around personal data too.
It Helps Your People When Things Get Difficult or Nasty
MDM policies aren’t just about slapping knuckles. They encourage and help your people too. It gives them a clear path of action if something’s not working, if they’re stuck with something, or if their device is compromised, lost, or stolen. It’ll tell them:
- To whom they can ask for help when they need it.
- To whom they should report lost or stolen devices.
- Any remedial action they need to take and when to take it.
It Helps Your IT Asset Register
A plump, healthy MDM policy will clarify how you manage spare devices. It’ll outline:
- How devices are returned to base after an employee leaves, where they are stored, and who’s responsible for the icky spit and polish work (Ahem. We do this).
- How old is too old? Older devices can be unsecure. Your MDM policy will clarify how many birthdays a device has to endure before it’s taken out and shot. Sustainably, of course.
MDM Policies Are Kind of Cool
You might ignore and disrespect policies every day of your life (most for good reason), but a strong mobile device management policy should be something you salute. It’s a safety net for your people and for all those corporate devices roaming in the wilds of Hackerland and beyond. And it makes MDM, well, a whole heap easier. We’ll show you how. Grab a coffee and call us now.
Ignition is Silicon Valley’s best (and friendliest) IT security, compliance, and support team. Call us now–chatting about IT support and cybersecurity is our favorite thing to do!