October 23, 2017 By Aubre Andrus 3 min read

Everyone else had already left for the day, but the Apprentice felt like his day was just beginning. He knew his internship with the IT department at Wizard, Inc. would be a challenge, but he never expected how challenging his final project — enterprise mobility management (EMM) — would be. The chief information officer (CIO) tasked him with securing all devices used for business purposes. If he could prove himself, maybe he’d get a job offer when this was all said and done. Fingers crossed.

The Apprentice’s Enterprise Mobility Management Challenge

But he was getting ahead of himself. First, he had to deal with the task at hand. There were so many devices of all kinds in use, and he needed to get a handle on every single one. It was clear that there were two cauldrons of users and devices: corporate-owned and employee-owned. The corporate-owned devices were already enrolled and managed, but their security policies didn’t seem to be set up correctly. Where to start?

The Apprentice turned to the company-issued mobile phones first. “A devicewide six-digit passcode strategy should do it,” he said to himself. Things were feeling better already. But he was getting ahead of himself again — what about those employee devices? He knew that employees had complained that Wizard, Inc. may be taking too much control or snooping on their personal devices. Nobody wants an employer to have access to personal pictures or see what apps they have installed.

He needed a container solution in which the user privacy was protected and the password strategy was only for corporate apps — that’s it! In other words, he needed a password for apps instead of the device itself. This job offer was looking more and more like a reality. The Apprentice was an enterprise mobility management wizard! He was about to press send on an email to the CIO to tout his genius, when he realized a brutal truth: There was still more work to be done. Lots more.

Securing Rogue Devices

Rogue devices of some kind were on the network. These devices weren’t enrolled or protected with corporate IT policies. “Oh no,” he said aloud. “These are devices being used at home!” Hundreds of tablets, laptops and personal phones were accessing corporate data and were completely unprotected. It was a nightmare! And some of them were running an even greater risk: They weren’t compliant with IT’s minimum system requirements. Outdated operating systems with known vulnerabilities — what an absolute mess.

The Apprentice got up from his seat and covered his face with his hands. He was in over his head. He thought he had everything secure, when the exact opposite was true. How could he lock down these devices without threatening employee privacy? How would he ever get a job offer now?

He should have understood the enterprise mobility management risks from the outset and made sure their defenses were protecting the right devices. It’s better to start out with a unified endpoint strategy than to struggle after the fact to control a wide range of insecure devices. There’s no shortcut to achieving sound mobile security. Why wasn’t that more clear in the beginning?

UEM Is Like Magic

The Apprentice acted immediately. He imposed an overarching unified endpoint management (UEM) strategy so that all the devices were under control. He was able to set up granular policies that detected these rogue devices and automatically blocked them or forced enrollment into UEM, ensuring that the devices could be seen and protected prior to accessing corporate resources.

IBM MaaS360 with Watson is great for teams like his that are strapped too thin and don’t have the time to babysit every device. With the click of a button, a trusted advisor could guide him through any process surrounding enterprise mobility management. The Apprentice breathed a sigh of relief. It was almost like, well, magic.
