How notable an issue is fragmentation in the Android space? Take a gander at this comparison of Android devices supplemented by this OS usage share chart, and you’ll quickly see why corporate IT directors place Android management and Android security at the top of their mobile device management (MDM) priority list.

Employees are bringing their own devices to work at an unprecedented rate. A significant portion of these devices are smartphones and tablets from different manufacturers running different versions of the Android operating system. Take the time to learn how to manage and secure separate devices by putting the right tools to use.

If you’d like to access the slides, poll results, or on-demand recording of the webinar prior to reading the recap, all can be found in this MaaSters Center post.

The Android Fragmentation Problem

When the topic of Android fragmentation is breached, the first thing that comes to mind is device variety. The broad spectrum of Android smartphones and tablets of course come equipped with very different software versions and the user interfaces (UI).

Since Bring Your Own Device (BYOD) programs have become commonplace, three brands have made the biggest stamp in the enterprise: Samsung, HTC, and Motorola. Before we get into how you can manage all of your Android devices in one screen, let’s discuss what makes them different.

Samsung devices run off of a stock version of the Android mobile operating system with a custom UI on top. Samsung dubbed this simpler user experience TouchWiz. One of the first things you will notice after powering on a TouchWiz device is the easier navigation through menu items. Another unique aspect of the TouchWiz UI is its approach to applications. With TouchWiz, Samsung has packed in their own app gateway instead of requiring a connection to Google Play (formerly the Android Market).

HTC has a different custom interface, known as Sense. This UI is heavily modified in all areas, especially the email client. If you are a device manager at your organization, you may be familiar with the quirkiness characteristic of Sense devices. Often times you will receive inaccurate metrics in your reporting, for example 2 or more device IDs appear for the same device We’ll get into solving this issue, don’t worry. In addition to the major changes to email, Sense features a different web browser, calendar, and camera than the typical Android user would be accustomed to.

Last of the big three, Motorola uses Blur. Similar to HTC, device reporting with Blur devices may yield inaccurate information depending on the agent or application used to manage the device. Merging may be required to cut multiple device IDs down to a single device. Blur is also well known for its EDM API differentiation. Devices running on Android 2.3 and above have the added benefit of VPN and Encryption configuration options, which we will gt into more.

Provisioning to Achieve Complete Android Management

Using an application, agent, or APK, you can successfully manage Android devices connecting to your network, regardless of make, model, or year. Here are a few ways these can be leveraged to manage devices:

• Remote service
• Apply Android software updates to devices
• Push policy to devices
• Enroll and receive reporting on a particular device

Often times, an administrator will rely on Exchange ActiveSync or Lotus Notes to manage the devices connecting to email and other corporate resources. Be aware that these agents do have considerable drawbacks:

• Compliance monitoring is not possible
• Selective wiping is not possible
• Reporting functionality is very limited

Optimize Your Android Policy in Four Steps

Once you have identified a means to manage your mobile devices, you are ready to get started creating policy to keep your end-users in line from their smartphones and tablets.

1) Start with Profile Management:

• Denote which Apps, Resources, and/or Documents users will have access to
• Set restrictions
• Apply security settings

2) Corporate email, WiFi, and VPN Configuration all fall into the same bucket. Make sure you:

• Secure data
• If lost, you need to be able to locate it and wipe if necessary
• Keep in mind MDM is only option to set up requirements and implement device control

3) Consider how you will manage applications on devices:

• Full access to apps? Limited? No apps?
• Blacklist or Whitelist applications?
• What compliance rules do you want to set, and how will you take action?

4) Will you enforce encryption? Keep in mind:

• IT can protect sensitive data through encryption
• Encryption comes standard on Android devices running 3.0 and above
• You can leverage MDM to force users to encrypt sensitive data

Take Automated Actions with Mobile Device Management

You may have noticed mobile device management comes in handy when implementing policy on your Android devices. Here are more ways a mobile device management solution can assist (where a mail client cannot) in the process of taking automated actions when devices become non-compliant:

• Send Alerts to user or admin when apps exist that shouldn’t be there or not meeting set policy

• Restrictions or Wipes
  • Removal of access to corporate resources such as Email, WiFi, and VPN
  • Selective or Full Wipe of the Device

• Merge
  • Android fragmentation can cause multiple devices to appear after enrollment
  • Using MaaS360, you can auto-merge device IDs via the Cloud Extender

Things to Consider Before Rolling Out MDM

Once you are ready to make the jump to mobile device management, make sure you have a realistic policy that takes into account device variety and the presence of employee-owned devices. Enforce basic security precautions such as password protection. We recommend a multi-platform inventory tool that will grant awareness of how many devices are connecting to the corporate network and the information required to make informed decisions. Once this tool is put into use, you’ll be able to discover unsupported devices to aid in troubleshooting users to connect securely and safely.

Looking to learn more about mobile device management (MDM)?

In a recent interview by WatchIT.com, I broke down three separate but equally important topics in the growing enterprise mobility space, and shared why pro-mobile enterprises should look to the award winning MaaS360 as their preferred device security and management service.

If you’re looking to learn, I encourage you to watch each video. You’ll find out how MaaS360′s cloud-based MDM platform can be leveraged to perform secure document sharing, mobile application management (MAM), and bring your own device (BYOD) program implementation.

Click here to try out the Best Enterprise Mobile Service free for 30 days

Fiberlink’s Approach to Enterprise Mobility Management

[There is a video that cannot be displayed in this feed. Visit the blog entry to see the video.]

Cloud-based Mobile Device Security

[There is a video that cannot be displayed in this feed. Visit the blog entry to see the video.]

Mobile Secure Document Sharing

[There is a video that cannot be displayed in this feed. Visit the blog entry to see the video.]

Bring Your Own Device and Mobile Device Management

[There is a video that cannot be displayed in this feed. Visit the blog entry to see the video.]

Mobile Application Management

[There is a video that cannot be displayed in this feed. Visit the blog entry to see the video.]

Bring Your Own Device

Bring Your Own Device (BYOD) programs have generated a lot of buzz and excitement. But who is more excited? The IT administrator, tasked with managing an influx of new devices? Or workers who’ve been permitted to use their once leisure-only smartphones and tablets for work purposes? Right now, no matter which side of the fence you stand on, the grass is looking greener on the other side.

IT’s Aspirations: Security and Protection

Mobile workers may experience an uptick in productivity by using their preferred device at the office, but this is not the area of concern. At present, IT lacks a much sought confidence that end-users will live up to their expectations. The administrator is losing sleep over more pressing issues. Tossing and turning in the night, they ponder worst case scenarios pertaining to passcode protection. And applications… Do any of them pose security risk to the corporate network (and confidential data contained therein)? What if they aren’t connected to the corporate network via WiFi? Does that mean they are eating up our company data plan? These concerns are just the tip of the iceburg. As more phones and tablets are released to consumers, the issue increases in degree of complication.

IT’s number one priority: set clear cut rules via policy that can in turn be plugged in and enforced through a mobile device management (MDM) solution. A cloud-based solution such as MaaS360 makes it possible to view all of your devices on one screen, and push policy to the entire device inventory in seconds instead of minutes. Fear not the next big tablet from Apple, or phablet from Samsung. MaaS360 covers all of your bases; meeting your iOS device management, Android management, Windows Phone management, and BlackBerry management needs.

End-users Seek Privacy of Personal Information

Now if we peer over the other side of the fence, we will find the IT admin’s colleagues; the end-users of devices brought from home. This group is just as concerned about privacy and security. It does not necessarily involve the greater whole; moreso themselves. No matter which platform they are running on, they have an app store with hundreds of thousands of applications to choose from. They probably have a camera on their device, and have many pictures stored on their phone that they’d like to keep personal. Though they’ve been provided a corporate email address, they use a personal handle to communicate with friends and family.

Once the decision has been made to use a dual-purpose device (work and home), the files and conversations aren’t going anywhere. By connecting to the corporate network and/or enrolling in a mobile device management (MDM) service, users fear their files and conversations will attract interest from unwanted eyes.

Opportunely, MaaS360 makes it possible to block the viewing of Personally Identifiable Information (PII) on smartphones and tablets. By working this schema into corporate-use policy & enabling this feature, the admin will have no knowledge of apps on the device other than those that appear in the corporate app catalog. Further, no location information will be surrendered. Physical address, geographical coordinates, IP address and SSID will all be kept private to the user.

Finding Common Ground

Perhaps the combination of MDM and protection of PII is all your organization needs to get its BYOD program up and running. What do you think? Weigh in below in the comments, no matter what side of the fence you stand on.

Are you looking to find a balance between IT and end-users at your organization? Join us for next week’s webinar BYOD: Striking a Balance—Employee Privacy and IT Governance and learn best practices from expert in mobility, Chris Hazelton of 451 Research.

If you’ve taken flight since the start of the digital age, you know its a FAA regulation to have your personal electronic device (PED) powered off during takeoff and landing. This fact can be verified by Alec Baldwin. The rule remains in effect for good reason; according to the FAA, “at a lower altitude, any potential interference could be more of a safety hazard as the cockpit crew focuses on critical arrival and departure duties.”

What about pilots? After receiving an O.K. from the FAA last year, American Airlines began adopting the iPad in the cockpit, questioning why pilots should be restricted from using mobile applications to replace their foot-thick barbell-heavy manuals. Today, other airlines such as United are showing why there’s more reason to allow them than to hold back.

Why the iPad Belongs in the Sky

Erica Ogg of Gigaom published a blog yesterday that laid out the benefits straight from the mouth of her husband, a search-and-rescue helicopter pilot. He is currently restricted from using the iPad during flight, but has plenty to occupy himself with preflight preparations. It all comes down to the apps.

Tapping into Foreflight for example allows him to bring up aviation charts similar to what he would have to lug onboard separate from the device, with the added benefit of satellite weather imagery. It shows where the clouds are, where it will be hot or cold, where it will be windy or rainy. You can also visualize just where TFRs (temporary flight restriction areas) are located.

Were he able to use this app while in the air, perhaps he’d see increased success in his search-and-rescue efforts. Using Foreflight off the ground would be just like Garmin in the car—providing your exact location at any given moment. An added benefit: the charts he would have to carry onboard are made available through the application. Some of which need to be updated (by law) more than 6 times a year can be downloaded in a just a few seconds.

An application such as PDF Expert makes it possible to store these manuals and categorize them for easy access. The app that will run you close to 10 dollars will loosen your load by dozens of pounds. These changes can save money on gas for aircraft where every extra pound hurts gas mileage.

Apps such as Foreflight and PDF Expert are just the tip of the iceburg. Other apps such as Checklist (for pre-flight inspections), LogTen Pro (for use as a logbook), and WnB (to check aircraft weight and balance) can be leveraged to loosen the load and increase efficiency.

iOS Device Management for Pilots

The above information comes from the mouth of just one pilot. Imagine how many more own iPads, know how to use them, but are restricted from in cockpit use! Aside from cellular interference, there are other barriers to adoption to take into consideration. These include iPad security, iPad management, and mobile application management (MAM) concerns.

Using a mobile device management (MDM) solution, those in charge of managing devices used by pilots can overcome these barriers. MaaS360, a cloud-based MDM platform, makes it possible to instate policy that requires all devices enrolled are up-to-date on the latest OS version to ensure security. Further, the mobile applications on these iPads can be managed in accordance with policy.

Apps such as Foreflight, PDF Expert, Checklist, LogTen Pro, and WnB can be pushed to all enrolled iPads to ensure pilots have the right tools at their disposal. To avoid an Alec Baldwin-like altercation in the cockpit, the administrator can blacklist Words With Friends and other apps that belong off screen during flight.

If you aren’t in transportation, see how you can leverage MaaS360 in your industry.

Since its unveiling in 2007, the Google Android mobile operating system has become the best selling in the world. Four OS updates later, much of the mobile world remains in the dark with regard to what makes the platform so great. At yesterday’s webinar, I made an attempt to string together the lesser-known facts about Android in hopes to give our viewers a chance to better understand of its security, management, and productivity benefits.

If you’d like to access the slides, poll results, or on-demand recording of the webinar, all can be found in this MaaSters Center post.

Naming Operating System Releases

The first mystery may come as no mystery at all, but serves as a good a warm up for novice knowers. Each software release Android has had to-date relates to dessert items. What you may not know: each of these names came in alphabetical order, and the first two were unreleased to the public (I wonder what they were–any guesses?). If you ever have a chance to visit Google’s headquarters, pay special note to the statues that have been erected to commemorate the release of each software update. To date, Android has released the following updates: Cupcake, Donut, Eclair, Froyo, Gingerbread, Honeycomb, and Ice Cream Sandwich. What’s up next? Well, we’ll just have to see. Until then, it remains a mystery.

Taking Screenshots on an Android Device

If you own an Android 4.0 or newer, you can now use the power button in combination with the volume down button to take a screenshot. Some vendors such as Asus have added their own screenshot shortcuts. If you have a pre-4.0 Android device, there is no built-in way. There are however a few workarounds to this inconvenience. There are a few options available on the Android Market, or what is now Google Play, but keep in mind you will have to root your device to make use of them. Alternatively, you can use Google SDK tools, such as droidatscreen.

Fragmentation

One of the most spoken about aspects of the Android operating system is fragmentation; the OS is pretty well split across the Android space. Fragmentation has occurred due to variety in the following areas: deployed OS versions, hardware specifications, and vendor/mobile provider customizations. It has earned itself a negative reputation for a few reasons, but on the whole isn’t as bad as you’d think. For one, it allows for more flexibility and individuality. It also makes it possible for development of additional features. In a lot of ways, its getting better. The proportion of devices with 2.2.x and above is growing. In fact, more than 60% of Androids are on version 2.3.x. These devices come enabled with built-in security features, which is great from a corporate use standpoint. Earlier versions are falling off the map, so you may begin hearing less complaints about staggered update releases, development drawbacks, and feature inconsistencies as more time goes on.

Encryption

Android 3.x and 4.x natively support encryption, which can only be undone by resetting the device. On these OS versions, encryption is hardware-based.

On pre-3.x software versions, vendors such as Motorola and Samsung had encryption built-in. Motorola has made it optional–giving you the power to decide what will and won’t be encrypted. Samsung has featured encryption on a few of their smartphone models. Other than vendor-based encryption, a few third-party applications make it possible. TouchDown by NitroDesk for example makes it possible to encrypt email. Your encryption status can be made readable by other security apps.

Sense, Blur, TouchWiz… What?!

It’s okay if you don’t know what these terms mean. If you have a Samsung, Motorola, or HTC device, you may know one or two. Essentially, these names are a way for vendors to show their creativity–to differentiate themselves from one another with their interface. Because Google made Android open source, these vendors took advantage and added their own twist and flavor by making their own interfaces. Samsung created TouchWiz, Motorola made Blur, and HTC featured Sense. If you’re Vanilla, it means you dont have a custom interface.

So what do I mean by custom interface? You’ll notice differences in a few areas. For one, the homescreen or dock could be different. The way you scroll could be either side to side or up and down. Some interfaces have their own custom applications or widgets, even shortcuts.

What is CyanogenMod?

Not sure? This is a custom firmware (ROM) for Android devices. It’s only possible because of Androids open source software. Like my earlier mention of 3rd party screensharing apps, you’ll need root access to take advantage.

CyanogenMod allows users to choose which apps appear on their device. If yours came with advertisements and applications from a vendor, you can have them removed and replaced with apps of your choosing. You can also change the look of the interface. One of the coolest I’ve seen mirrored Windows Phone 7, which by no means has a bad look at all. CyanogenMod also makes it possible to test out new software versions that would otherwise be blocked.

Google Reference Devices

Ever heard of these? Google Reference Devices were designed to run base Google code, or stock Android ROM. There’s a different device for each new software release. Past devices have included the HTC Nexus One (for 2.2), Samsung Nexus S (for 2.3), Motorola Xoom (3.0), and Samsung Galaxy Nexus (4.0). For the most part, Google has remained relatively vendor neutral, demonstrating their softwares’ applicability on all devices irrespective of brand.

There are a few benefits that come with owning a reference device. You are the first to get the software, and you can start developing with the new software right away. There’s no vendor code or customizations that you have to deal with–you get the pure Android experience on these machines

Timing and Availability Limitations

There are a multitude of factors that play into timing and availability limitations of the Android OS to existing versions. For one, there’s limitation and variation in hardware specifications. Each device has different capabilities, making it all the more difficult to expedite the process. Vendor and or provider customization (as mentioned in previous sections) does tend to slow it down as well.

Android Makes the World Go Round

Did you think Android was solely chained to smartphones and tablets? It’s getting spread around in so many ways, soon everything electronic could be Android powered (okay, maybe not everything). In addition to smartphones and laptops, exercise equipment (treadmills, exercise bikes), refrigerators, televisions, and car stereos run on Android. Looking into the future, Google has hopes for Android@Home, which should synchronize all of your electronic home appliances. Your iHome will no longer depend on a direct connection to your device. Instead, it will sync with your phone or computer and get the song information the easy way.

It’s a Worker Droid!

If you’re a BYOD believer, you already know. Androids are being used as business devices, and with more prevalence since the release of Android version 2.0. The open source nature of Android has made it just that much easier to do. Third-party mobile device management (MDM) tools have given IT administrators great control and monitoring of their corporate and employee-owned devices connecting to the corporate network.

Cloud to Device Messaging (C2DM) is one feature that has been taken advantage of in the workplace, available on 2.2 and above. Essentially, this allows the tech administrator to ping the device, and say “hey, come talk to me for a second.” The device then heartbeats back in with whatever the administrator requests. Since the release of version 3.0, Android has come with hardware level encryption, making adoption more practical (alleviating privacy and security concerns that come with use of Android devices).

Mobile device management solutions today can manage Androids in a variety of ways, no matter what the management policy calls for. MaaS360 for example gives the administrators mobile application management (MAM) capabilities, giving them the monitoring and enforcement controls they are looking for. If Androids are found to be out of compliance, the admin can then remotely or selectively wipe the device. If your policy calls for passcode enforcement, roaming restrcition, GPS, or BYOD privacy settings, mobile device management is the best means for management on Androids, iPhones, iPads, and other smartphones and tablets.

If you are one of millions who have downloaded the Android or iOS Facebook app to your smartphone or tablet, you may not “Like” this blog post. The privacy of your personal information—or that of your company—may be at stake. According to Gareth Wright, a mobile application developer, hackers can access the .plist file of your Facebook application with relative ease.

With access to this file, the hacker can obtain the app’s access token, full oAuth key and secret. With these items, a user’s account could be hijacked and his or her identity effectively stolen. As you can imagine, news of this potential threat circulated the web relatively quickly which prompted experts to shine more light on the topic.

Josh Constine of TechCrunch says not so fast. In a recent post, Constine pointed out the vulnerability only applies to jailbroken or rooted devices. Good news for some of you, but not all. Especially those of you who use your phone or tablet both at work and out of the office.

Is Jailbreaking the Root of the Problem?

Jailbreaking refers to the process of modifying Apple iPhone or iPad software (iOS), and is typically performed as a means to avoid limitations to device functionality. Users can then access third-party applications that would otherwise be unauthorized to run on their device. As for Android devices, they may be less restricted than Apple devices, but they can be rooted in order to rid custom interfaces or to gain more control over the device.

Jailbreaking and rooting are controversial practices, and will void the warranty of most devices. As the recent Facebook vulnerability revealed, jailbreaking can remove some of the key security protections that come standard on a mobile device.

MDM, Remote Wipe, Problem Solved

When rooted or jailbroken devices gain access to the corporate network, they automatically pose security risks. IT professionals in the enterprise would be well-advised to guard against the hazards that come along with these penetrable gadgets. Many security professionals have answered the call by working jailbroken and rooted devices into their mobile device management (MDM) policy.

However, as Constine pointed out, lost or stolen devices make matters more complicated. Any hacker worth their salt can root or jailbreak a device that falls into their possession. For this reason, it’s important to consider remote wipe solutions, which allow IT departments or individual users to remove sensitive data from a mobile device that is lost or stolen. If it falls into the wrong hands, cost of replacement and restoration should be the only concern.

With the above considered, the threat of the Facebook app is not as scary as it may have first seemed. Much like the other threats brought about by the mobile digital age, it is one that can be mitigated by common sense best practices and smart security solutions.

So for all you employees out there, do you have a jailbroken or rooted device? If so, what measures will you take heading forward to ensure your personal/company information remains out of hackers’ hands? Tech admins, what are you doing to prevent infiltration of private corporate information?

At yesterday’s MORE series webinar, we took a dive into the hottest topic in enterprise mobility: Bring Your Own Device (BYOD) programs. Whether your IT team has begun putting a BYOD plan into practice — or is looking to start from scratch — we’ve got you covered.

Read on for 10 steps that will make your Bring Your Own Device program successful. Remember, this is advise. The first rule of an effective BYOD program is to remember no two organizations are alike. We advise that you use these steps as a guidebook for your internal processes. If you’d like to access the slides, poll results, or on-demand recording of the webinar, all can be found in this MaaSters Center post.

Creating a comprehensive Bring Your Own Device (BYOD) policy

You should put two notions into practice when creating your BYOD policy. First, make sure your policy encapsulates your corporate standards. Second, ensure your policy offers your employees the flexibility they look to attain by bringing their own iPad, iPhone or Android to work.

Square away the following prior to implementation:

• BYOD Cost: Who will pay for the data plan? Will you implement a stipend as a carrot to get people to buy in? Or will make the end-user to pay for their own data use?
• Agree to Acceptable Use: What terms will you include in your Acceptable Usage Policy, and how will you ensure your employees read through it? Will it happen when they enroll (EULA) or will they have to opt in via a form?
• Your Industry Matters: Which devices will you support? You will have to account for factors such as Android fragmentation and any security or regulatory requirements that relate to your industry (i.e. Healthcare HIPAA compliance)
• Gatekeepers: Will you enforce passcodes? Encryption? Do you want to blacklist any applications?
• Management: What mobile device management (MDM) solution will you leverage to manage your devices?

22% of all devices enrolled in MaaS360 are personal devices, and 86% of those are iOS devices.

Measuring your mobile device footprint

A poll run during our webinar, Putting Employee-owned iPhones and iPads to Work, showed 45% of participants were running Exchange ActiveSync (EAS) at their company — the primary method being used to montor their device inventory. Companies that rely solely on EAS to monitor their device inventory are at risk of having devices connect to the network that they are unaware of, known as rogue devices.

MaaS360 offers a free tool, MaaS360® ActiveSync Reporting Tool, to measure your mobile footprint. This allows you to block new devices entering the environment. When you have this tool enabled, we advise you to first identify all the devices that are connected to your network, and have them enrolled with the MDM solution. Then you can block devices attempting to connect thereafter. By taking this course of action, you can review your data and decide who needs to be managed in accordance with your policy.

Knowing your mobile footprint will help you 1) identify who needs to be enrolled to the program and 2) clean up your old devices!

Simplify user enrollment – Configure Over the Air

Once you’ve identified the devices you’d like to enroll, make sure you have a simple and secure mobile enrollment process that configures the devices. During enrollment, send users a simple URL. Upon clicking the link, users should be prompted with steps they’ll have to follow in order to enroll. Existing users should be advised to delete their Exchange ActiveSync accounts on devices so they can start off fresh with the MDM solution. Once enrolled, devices will be auto-configured with the security settings you’ve set in your policy. Some will restrict access to YouTube, iCloud, the camera feature, and other functions that are out of line with your corporate mobile and BYOD policies.

Provide self-service capabilities

Self-service capabilities aren’t for everyone, but when made available, can make life much easier for your end-users and the IT team. These capabilities allow users to log-on to the end-user portal and access a list of their enrolled devices. From here, they can locate their device, lock it, reset its password, or wipe it. The end-user portal also allows them to see why they’re out of compliance. Giving your end-users this capability takes the pressure off your IT team and reduces the number of inquiries that can be expected when users have their phones and tablets enrolled.

Protect Personally Identifiable Information (PII)

This has been a hot issue as of late, which will come as little surprise. Personal devices come cram packed with personal information, documents, and applications that are on the phone for non-work purposes. And it should stay this way to protect privacy and security. Luckily, you can consult with your mobile device management (MDM) provider to find out how to properly address Personally Identifiable Information PII at your company. You’ll need to identify your personal vs. corporate owned devices, and apply a particular policy to hide the personal information from IT administrators.

Isolate corporate data

Protecting the corporate data resting on these devices is equally as important as keeping your employees’ best interests accounted for. If you’re going to support BYOD, you need to be able to isolate corporate data on the phone, which includes, but is not limited to:

• Exchange ActiveSync Accounts
• Wireless settings
• VPN configuration
• Enterprise applications you’ve pushed down
• Documents

Statistics from MaaS360 show that 86% of wipes conducted were selective (both manual and automated), a measure that solves the aforementioned data types from being compromised.

Continuously monitor automated actions

Once you have your user-base enrolled, you must monitor the state of each device. Make sure to ask the following: is the device enrolled? Is it in compliance? Does it have any new apps? Answering these questions will allow you to make adjustments based on the data you’re seeing. This information will tell you if you need to make new policies or compliance rules.

The optimum device inventory can be classified as follows:

• Enrolled
• Proper version
• App compliant
• Encrypted
• Not jailbroken or rooted

Once you’ve identified the devices that require further steps, there are several actions you can take:

• Send a notification to the user with steps to be taken
• Block the device from accessing the corporate network and/or email
• Wipe the device (full wipe or selective wipe)

Manage Data Usage

Going back to one of our first suggestions, ensure you provide your employees the flexibility they are looking for when you give them the option to bring their own device to work.

You should provide an easy way to both track and be alerted on data usage. Help employees understand the benfits of using Wi-Fi whenever available. A mobile expense management (MEM) solution makes it possible to capture valuable trending information and reports that can shape usage patterns. This type of reporting enables you to learn who your users are, and what how they tend to use their devices. You can set usage policies based on specific segements that use their phones and tablets differently from the rest. Some actions you may want to take: set roaming and in-network megabit limits. Similarly, you can create threshold notifications that alert users when they are close to crossing the line.

Track the Return on Investment (ROI) of BYOD

The last tip I’ll leave you with, and perhaps the most important, is to consider your incentive for implementing a BYOD program. Is this move going to help or hinder your organization? Consider the following when you compare your lineup of corporate-owned devices to the devices your employees will be bringing to work:

Corporate devices:

• Purchase cost
• Cost of a fully-subsidized data plan
• Cost to recycle devices every few years
• Cost of warranty plans
• IT time and labor (time is money!)

Employee-owned devices:

• Cost of a partially subsidized data plan
• Cost of a management platform
• Quantify productivity gains
• Subtract costs from above

With the following considered, hopefully you are well on your way to implementing a BYOD program for your organization. Let us know what problems you run into along the way; we’re here to help.

Use the comments section below to tell us your story. What tools will you use to isolate your corporate data on personal devices? Post-BYOD implementation, what percentage of devices in your environment do you anticipate will be personal-owned? No matter where this experience takes you, make sure you keep us in the loop.

The benefits of bring-your-own-device (BYOD) are almost endless, and with constant release of new & improved smartphones and tablets, the list just keeps lengthening. Every new feature or hardware advancement can make your day at work just that much easier. It’s a great time to be a gadget end-user. For IT administrators and CIOs tasked with network security, not so much. That is, unless, you are ready for a mobile device management (MDM) solution. A recent survey entitled “Global Study on Mobility Risks” makes this point very clear.

The survey describes trends in enterprise mobility and shows how the BYOD phenomenon is rapidly being adopted by corporations across the world (this I’m sure we’re all aware of by now). What we can learn from this survey, however, is that BYOD cannot work without MDM. The rapid adoption of new devices makes planning and preparation critical, but the problem is there isn’t a lot of time to do so. In fact, there may be no time at all. Your mobile workforce is all-in, and they’re already knocking at the door.

According to the survey, which had 4,000 participants in 12 countries, 77% believe mobile device use is significant to productivity in the workforce and achieving business objectives. Almost the exact number of respondents (76%) believe mobile device use in the workplace puts organizations at risk for malware and other security intrusions that could potentially infiltrate the company’s private files or wipe out important data. Hence, the obligation to find equilibrium between BYOD and mobile security.

“IT has spent years working on desktop security and trying to prevent data loss over web and email channels – but mobile devices are radically changing the game,” said Tom Clare, senior director of product marketing management at a web security firm.

The study also showed that in the past year, 51% of organizations reported a loss of data from employee-used mobile devices. Without mobile device management, this percentage will not be reduced to zero, it will be replicated. Perhaps inflated!

With over 75% of survey respondents acknowledging the existence of mobile device security issues, it appears MDM is on its way to being an integral element to enterprise security. However, the nature of emerging threats continues to put pressure on IT departments to acquire top of the line MDM solutions, and highlights how important user vigilance is when it comes to BYOD.

No more than two months ago, Google reported an astounding figure of 700,000 daily Android device activations, an announcement which awed enough to step back and acknowledge the platform’s presence as a top-contender in the mobile industry (tailing Apple by just 15 million activations total). This morning, it would seem they’ve upped the bar on themselves, and don’t be surprised as it continues to go up. Reporting from the Mobile World Congress in Barcelona, Andy Rubin, (SVP Mobile at Google) tweeted a significant jump from the December figure to 850,000 activations a day. Pretty incredible!

Not only does this news reaffirm Google’s greatness, it suggests the company’s strong influence on both current and prospective tablet and smartphone users. At this juncture, we must consider: what impact is the widespread adoption of Android devices having today, and how will it change heading forward?

A good start for the first question is apps, apps, apps. With 400,000 applications to choose from in the Android Market (up from 300,000 just 5 months ago), users are given a means to customize their phones and tablets to a T. This can often be accomplished without spending any money. In the worst case (which isn’t bad at all) most paid apps have a lite or free equivalent where the value proposition can be demonstrated on the users own terms. More than likely the user will upgrade when they see what they’ll be getting for those extra few dollars. What is more, the diversity of available apps is extreme enough to accommodate demographics on opposite ends of the spectrum, from children learning how to read to the most upstanding businessmen in the world.

With more users finding ways to use smart devices in their daily routine, more of them are being brought to work through what have been dubbed bring-your-own-device (BYOD) programs. With more phones and tablets entering the workplace, MDM (mobile device management) and MAM (mobile application management) solutions become critical additions in schools, enterprises, and banks. Quite literally, anywhere an Android smartphone or tablet can be used for work processes. This could be where the growing number of Androids and their apps make their biggest mark in the future.

To withhold from MAM and MDM investments, a company would have to forgo the tremendous impact these devices are capable of making and crippling workers by cutting down on their productivity, flexibility, and incentive to work when they are not in the office. A BYOD program without these management capabilities is too risky to even consider. Undetected rogue devices connecting to the network, losing devices without wiping capabilities, and unregulated control of documents and apps being downloaded and transferred between devices become more than possibilities–they become realities.

How is your workplace addressing the increased number of Android devices being brought to work by employees? Are you able to bring your own instead of using what is provided to you? Which apps have changed the way you go to work? Let’s discuss below. It would be great to hear from others what kind of impact the hike Android activations will have in the long term.

If your company has yet to implement a bring-your-own-device (BYOD) policy, it is likely a plan in the works. And why not? For most organizations, the initial draw is reduced spending. With more employees bringing their iPhones, iPads, and Android devices to work there is no rush to acquire new hardware. And then there’s the benevolent element; putting a smile on everyone’s face. Employees who are bringing their devices are loving work more than ever now that they’ve severed ties with their desk.

What’s better, these benefits of BYOD are just the tip of the iceberg (according to a business consulting executive who recently wrote for Forbes). As more workers become increasingly mobile–and their smartphones and tablets become more advanced–businesses will do more than just provide workers with mobile access. They’ll begin implementing workflow strategies to maximize the benefits of mobile applications. A worker on the road for example can update sales data or log reports throughout the day via mobile device, improving the accuracy and timeliness of information capture.

Of course, as more companies begin to explore the benefits of a mobile workforce, hackers grow bigger grins on their faces. They’re relishing in what the expansion of worldwide mobile device use means: more data-rich targets for the striking. Recent reports have begun painting a clearer picture of the worldwide threat.

One network solutions firm released a 2011 Mobile Threats Report, providing some hard numbers related to mobile malware and other hazards. According to the findings, there is more malware than ever before, and 2011 saw a record number of mobile malware attacks–most notably against Google Androids.

Google Android malware increased 3,325% in the second half of 2011 (yes, over three-thousand). Using a new “fake installers” attack method, hackers have been able to trick smartphone users into paying for free apps. This is just one of many ways they are finding success. Even scarier, malware attacks have been simplified and hackers are profiting from attacks more easily than they did in the past. Before, technically sophisticated attacks were the trend. Now, applications have become the center of attention in mobile devices, providing vehicles for hackers to compromise devices with viruses or other malicious threats.

Increased awareness and proactive steps from IT directors will be necessary to keep information private and device inventory safe. “Securing mobile devices requires a combination of safeguarding connections from interception, securing data in transit from prying eyes or theft, protecting against fast-propagating malware, possessing the tools to manage devices and apps, and securing the data, usernames and passwords on them in the event that they are lost or stolen,” Hoffman stated.

The intersection of BYOD and external threat spells out one thing: now is the time to adopt a robust BYOD policy and acquire a strong mobile device management (MDM) solution. By taking the threats out of the equation, the benefits of BYOD can be fully maximized with peace of mind. Where would you rank your company’s readiness for BYOD?