Darin Adcock of California law firm Dowling Aaron uses MDM software to secure confidential client data.
Aug 23 2012

How Businesses Use MDM to Manage Workers on the Go

IT departments at SMBs find the latest software helps them handle the growing influx of mobile devices.

Attorneys at Dowling Aaron are bringing their own iPhones, iPads and every flavor of Android smartphone to work — and it’s IT Director Darin Adcock’s job to manage the diverse set of mobile devices.

The Fresno, Calif., law firm still standardizes on desktop and notebook computers, but it allows its 50 attorneys to use their personal gadgets for work. They access their corporate e-mail on their smartphones and access work files, applications and e-mail on their personal tablets.

“Our attorneys want to work 24x7, and each of them has at least one mobile device,” Adcock says. “We have a lot of confidential client information, and the ability to manage all that is key.”

While individual devices have some management and security features, Adcock has joined a growing number of IT administrators who are purchasing mobile device management (MDM) software, which allows companies to centrally configure, monitor and secure their devices, no matter the manufacturer.

With the software, IT staffers can enforce password policies, connect the devices to the corporate network and sync them to corporate e-mail. They can encrypt data, distribute company-approved applications and remotely erase data on the devices if they get lost or stolen. And if the gadgets are company owned, IT departments can prevent users from downloading unauthorized applications or block them from using certain device features.

“When people bring in their devices, the IT staff has to set up their e-mail and connect to the enterprise network. And they may need a VPN [virtual private network]. Those are the initial pain points they are going through now,” says Chris Hazelton, research director for mobile and wireless at 451 Research, a New York-based analyst firm. “Mobile device management software allows companies to quickly provision the devices, and it’s nearly pain-free.”

Better BYOD Management

Dowling Aaron, which has 125 employees and satellite offices in Bakersfield and Visalia, established a bring your own device (BYOD) policy three years ago, allowing attorneys to use their personal smartphones for work.

The company pays for the voice and data plans for smartphones. About half the attorneys use Android phones and the other half uses iPhones. Recently, attorneys have begun embracing iPads, and so far, about 15 of the 50 attorneys have them and bring them to work.

To manage all the devices, Adcock deployed AirWatch’s MDM software to sync the devices with ­Microsoft Exchange, so employees can access e-mail. Through a web-based console, he’s strengthened the passwords from a four-digit personal identification number (PIN) to five digits, and configured the devices to authenticate and connect to the office Wi-Fi network. He also uses ­AirWatch’s encryption technology to secure documents and e-mail on mobile phones.

If the smartphones and tablets become lost or stolen, Adcock can log in to AirWatch and remotely erase the corporate data on those devices without removing any personal applications or data. But if necessary — and with employee approval — he can do a full wipe of the device.

“With BYOD, it gets touchy. It is their personal phone, so they’re taking pictures of their kids,” he says. “What we said is that if you want to sync with the corporate network, you are giving us the ability to remove your data whenever we want to.”


The percentage of U.S. businesses that are using mobile device management software to manage devices with different operating systems

SOURCE: 451 Research (April 2012)

AirWatch is available both as a cloud service and as software that Adcock can install in his data center. Because the law firm is a small business, he subscribed to the cloud service, paying a lump sum to get started and then a small monthly fee per device.

The law firm continues to fine-tune the software, but it’s affordable and easy to use, Adcock says. It took about two days to set up the cloud and configure the custom profiles. To install, he sends an e-mail link to each device. Employees then click on the link and an AirWatch software agent is installed. After installation, employees are asked to create a new five-character PIN and type in their password to access e-mail.

Extra security was added with the iPads, which attorneys are using to access apps and data over the network. Employees log in via a VPN to Microsoft’s Terminal Serv­ices, which makes their applications and data available over the web.

Tracking Devices

At Delray Plants, in Venus, Fla., IT Administrator Karl Yeager uses Absolute Software’s Computrace software to centrally manage, secure and track the location of his company’s mobile devices. The nursery provides plants to retailers such as Wal-Mart and Home Depot.

Darin Adcock
Photo: Cody Pickens

“Our attorneys want to work 24x7, and each of them has at least one mobile device,” Adcock says. “We have a lot of confidential client information, and the ability to manage all that is key.”

The company equips its 80 to 100 sales staff and field service reps with a total of about 200 mobile devices, including notebooks and Android-based smartphones and tablets. Delray Plants uses Computrace as an asset management tool. Through a cloud-based web interface, the IT staff can track apps on each device.

If an employee tries to install rogue software for some reason, Computrace alerts the IT department, says Yeager, who handles Tier-2 IT technical support. “We take appropriate actions based on each user’s needs.”

The IT department can track the loca­tion of each device through its GPS or Wi-Fi connection, and they can remotely wipe the data off the devices if they are lost or stolen.

The Computrace software can also aid in recovering stolen notebooks and some tablets, Yeager says, if they have Computrace’s “persistence” software embedded into the device’s BIOS or firmware. If a thief resets or reformats the device, Computrace’s tracking software remains and can continue to report the device’s location and current status, Yeager says.

When a notebook is stolen, the IT staff files a report with the local police and notifies Absolute Software, he says. Absolute’s Theft Recovery Team then shares device location information and other evidence with local police.

While there are no guarantees that the devices will be found, police have recovered two notebooks stolen from Delray Plants employees, Yeager says.

“We report the device stolen, the Computrace software has the location information, and through the notebook’s webcam, it can take snapshots of the thieves; and then ­Absolute submits that information to the [local] police depart­ment,” he says.

A Robust Toolbox

BYOD is a hot topic for the IT department at Arro, a Chicago-area company that provides contract manufacturing, processing, logistics and warehousing services for a broad range of food and pharmaceutical products.

Arro, which has 65 full-time employ­ees, purchases smartphones for executives and employees who need the ­devices, and also allows workers to bring their own devices to work, says IT manager Alex Alia. For company-provided phones, the IT department lets employees choose ­between an iPhone, Android or ­BlackBerry device.

To get a handle on the mobile devices, Alia is planning to test MDM software. In the meantime, he’s using several tools to manage the devices. The company ­began an iPad pilot this summer to see if the tablets can boost productivity. Alia provided the first two tablets to the company’s president and chief financial officer, and to secure them, he used Apple’s basic built-in security tools.

He activated password protection and downloaded Apple’s Find My iPhone app that can also be used for iPads. The app uses the iPad’s GPS to locate the device if it is lost or stolen. It also allows the IT department to remotely lock the device or erase its data, he says.

Alia uses Exchange ActiveSync to allow smartphone users to access their Outlook e-mail, calendar and contacts. If employees lose devices, Alia can use Exchange ActiveSync to remotely wipe the data. To further protect corporate data, Alia has built a separate wireless network in the corporate office so employees and visitors can use their own devices. The Wi-Fi network is segregated on its own virtual local area network to prevent access to the internal network and to prevent network congestion, he says.

Overall, when it comes to mobile ­devices, implementing MDM software and other security measures and tools is critical and worth the investment, IT administrators say.

At Dowling Aaron, attorneys now have the flexibility to use their mobile devices for work anytime, anywhere — and the IT staff and management have the peace of mind that sensitive and confidential data is secured.

“The solutions that are out there are affordable, considering the repercussions if the data that attorneys carry lands in the wrong hands,” Adcock says.

Cody Pickens

aaa 1