Mobile Device Management—A threat to employee privacy?

Anything that connects to a network represents a potential security risk. These days, people bring enough of their own home devices—from smartphones to laptops—into the office. Each one can be an access point for cybercriminals. Protecting your customers’ networks often requires you to discover and secure those devices.

This has led to the rise of mobile device management (MDM) solutions. These allow you to better protect both corporately owned and private devices that come on the network.

However, if you choose to launch an MDM solution for your customers, you’ll need to exercise caution. Mobile devices and bring your own device (BYOD) policies often cause people to blur the lines over data ownership and between personal and professional lives. So transparency about data privacy matters a great deal—and so does speaking with legal counsel before you roll out an MDM solution. Today, we’ll dig into the topic a little more.

Privacy and Mobile Device Management

Most employees should know that what happens on work devices isn’t private. Many will still use work devices for personal activities like banking, shopping, using social media, or sending personal emails. Most companies already have acceptable use policies for their work property. While acceptable use policies don’t guarantee good behavior on part of your employees, it can potentially help reduce the risk of losing a lawsuit from a former employee (but again, talk to a lawyer).

However, while acceptable use policies for company property have been prevalent for years, the rise of mobile working has complicated some of these policies. To top it off, while most employees are at least cautious about their work computers, people can be less cautious on their personal mobile devices. But it isn’t just about what personal activities they do on their devices—they may be completely unaware of the potential data you could have on them. Many MDM solutions allow you to track GPS locations for each device. This is certainly useful for recovering stolen devices, but it raises some privacy concerns for someone who may not want their employers being able to track their location at any given time.

Beyond that, many MDM solutions allow you to track nearly anything on a given device—including incoming and outgoing text messages and calls, applications downloaded (and their data), photos, and much more. Employees could easily be surprised when they find out how much information their employer can see on devices they bring to work. Beyond this, it could even leave you—or your client—open to potential lawsuits if you aren’t careful about how you deal with their personal data.

What You Can Do

First off, nothing in here constitutes legal advice. If you offer a BYOD policy or use an MDM solution, speak with legal counsel first. They need to help you draft policies to both protect you and your customers. But don’t just stop at what you need to draft—you’ll want to know where and when you must inform customers. This may differ depending on laws in your local jurisdiction, but you’ll likely need to gain employees’ consent before gaining access to devices.

Second, beyond speaking with legal counsel, it’s a good practice to remind employees fairly regularly of any important policies for both company-provided and personal devices. They should know that, for example, if they hook up their iMessage accounts to a company-managed Macbook so they can send messages to friends, employers could see their text messages. You may want to encourage them to only access their private data only on their own secure home networks and devices rather than bringing them in.

Finally, remember that part of your job involves securing not just a company’s data, but the business itself. An MDM solution only plays a role in security—you need other layers to protect the business from all angles. Build strong security controls around the rest of the business—from network security to endpoint security. At the bare minimum, consider segmenting a separate guest network for personal devices so an unsecured device doesn’t get onto the main network. This way if you needed to avoid using an MDM solution for a particular client, you could still contain some threats and keep them off your customers’ primary network.

SolarWinds RMM

Of course, MDM solutions still offer quite a few benefits to your customers. Mobile devices can bring a host of security issues to the forefront. And MDM solutions do provide some important security features like the ability to remotely lock devices or wipe the data from the device in the event it’s stolen. Additionally, when you use an MDM feature like the one built into SolarWinds® RMM, you can also set passwords, monitor data usage, and even remotely configure email or WiFi settings. And you can do it from the same web-based dashboard you use to monitor servers, workstations, virtual machines, and more. Learn more by visiting the site here

Want to stay up to date?

Get the latest MSP tips, tricks, and ideas sent to your inbox each week.

Loading form....

If the form does not load in a few seconds, it is probably because your browser is using Tracking Protection. This is either an Ad Blocker plug-in or your browser is in private mode. Please allow tracking on this page to request a trial.

Note: Firefox users may see a shield icon to the left of the URL in the address bar. Click on this to disable tracking protection for this session/site