There is a lot to be said for allowing consumer mobile devices in the government enterprise. Personal devices can be kept more up to date by eliminating the lengthy acquisition and provisioning cycles of government-issued equipment. And the mass market for these devices is likely to mean that they are robust and reliable, because the more you ship, the better the quality of the hardware.
But the challenge of managing and securing these devices can sometimes be a barrier to their use. Devices that operate outside the managed domain structure, which allows users to authenticate once for access to many resources, can introduce vulnerabilities. They either must be denied access or their users are authenticated to death, inhibiting productivity.
In order to clear these barriers, organizations need to think outside of the traditional domain structure and enable mobile device management across a variety of hardware types and operating systems. This was Microsoft’s goal through the cloud-based Enterprise Mobility Suite (EMS).
EMS can open the door to new productivity tools by allowing agencies to determine the security controls needed for their own circumstances, and then to achieve them not only for Windows, but for iOS and Android devices as well. Many employees expect to be able to use consumer devices at work, but that’s not the only reason the public sector should welcome them – BYOD can be much more cost effective than agency-issued devices. Even in the case of military special operations, it can be less expensive, more efficient and less obvious for operatives to acquire and ruggedize smartphones in the field than to carry government-issued devices.
This puts a premium on the ability to manage mobile devices, to authenticate the device and user, and to control access to data. The ability to remotely manage and to wipe work-related data if the device is lost or compromised is essential, even if the user does not realize that the data on the device could be valuable to others or harmful to an employer if lost.
The right mobile management strategy should have safeguards in place for these types of issues. For example, EMS provides identity and access management through Azure Active Directory Premium, which provides robust synchronization of user identities from on-premises directories for password and group management, and reports log-in anomalies and other threats. Windows Intune lets you manage PCs as well as mobile devices from the cloud, configuring, deploying and enforcing policies.
Taking advantage of this shift from the old domain structure for managing networked PCs to a cloud-based EMS that enables management of a variety of remote and mobile platforms can help public safety and national defense organizations gain the full benefits of mobility – creating a highly efficient, productive, and secure workforce that is better equipped than ever to protect our global citizens.