Is MDM Harming Your Organization?

By Riley Eller, Rubica Cybersecurity

Cumbersome mobile device management (MDM) strategies rely on first having to solve all company security problems, then locking those solutions in place. Both halves are suspicious and it's a lot harder than it may seem to secure a device fully. Yesterday’s security threats are never the same as todays. Malware is polymorphic so it’s evolving minute by minute. Worse, by trying to control human behavior on the device, the technology actually pushes users to work around company policies—then turn to personal devices for business tasks.

What exactly is MDM?

Controlling user devices through MDM allows the administrator to fully manage apps and services, enable remote wiping in the event the device is lost or stolen, and provide deep monitoring capability. It does not monitor for, detect, or prevent threats like malware, trojans, data exfiltration, phishing, or malicious sites. It creates a “black market” for computing outside the regime of control, encourages personal device use—ensuring that users distance themselves from the security posture of the organization. Let’s dive into why that behavior exists and what you can do instead.

How MDM will fail you and your organization

In addition to the labor, the cost, and the waste of time created by pushing out updates (updates that were already supported by the device’s app store) MDM frustrates users into circumventing security policy. When it’s too restrictive, employees go around it.