The top technology news story right now is the debate between Apple and the FBI in the aftermath of the San Bernardino tragedy. Last week, Reuters ran a story here titled “Common mobile software could have opened San Bernardino shooter's iPhone.” The story mentioned MobileIron because San Bernardino County is a MobileIron customer.
As an employee of the County, the shooter had an employer-issued iPhone; however, this phone was not using MobileIron. The FBI now has the phone in its possession and would like access to the data on the phone. However, the phone has a passcode, so no one can get in. If the phone had been using MobileIron, the County IT department could have cleared the passcode to resolve this situation.
Company security and employee privacy are both essential in a mobile deployment. Any mobile device with business data should be using an enterprise mobility management (EMM) solution like MobileIron. However, as this case shows, mobile technologies are still relatively new, and so the adoption of EMM and the policies surrounding it are still in process in most organizations.
MobileIron secures business data
People are doing more and more work on mobile phones and tablets and less and less on traditional PCs. MobileIron is a software product that enables companies to deliver and secure business features on your phone, like work email and company apps, while protecting the privacy of your personal data, like photos and personal email. This video shows how employees use MobileIron.
When a phone is used for business email and apps, the security best practice is to make sure the phone is protected with a passcode. Otherwise, if the employee loses the phone, anyone who picks it up could easily get to confidential company information.
If an employee forgets the passcode, he or she calls the company’s IT department for help. If the device is using MobileIron, the IT department can, after confirming the employee’s identity, send a command to the device to clear the passcode. The employee can then set a new passcode.
San Bernardino County cannot use MobileIron to unlock the shooter’s phone because it is too late to install MobileIron once the device is locked. So now neither the County IT department nor Apple can clear the passcode.
Note that even when the passcode is cleared, only the person holding the phone can see all the data that is on that phone – the company’s IT department cannot. In other words, the IT department cannot get remote access to the data on the phone simply by unlocking the phone. The phone must also be physically present. This protects the employee’s privacy.
MobileIron protects employee privacy
Privacy is essential to our customers. The reason customers buy MobileIron is to secure company data without compromising employee privacy. MobileIron has a feature called Visual Privacy that lets employees see what their IT department can and can’t do on their iPhone. Such transparency builds trust between employee and employer. This video shows how employees use this feature.
In 2015, MobileIron conducted research called The Trust Gap that found that 30% of employees would leave their jobs if their employers could see personal data on their phones. This research and the corresponding best practices for employers are here.
The path forward
Mobile phones and tablets are becoming the preferred computing platform for many employees. The technologies and policies used for traditional PCs do not address mobile effectively. CIOs must proactively rethink existing security and privacy models for this new world. To get started, here is an overview of mobile security architecture and here are best practices for protecting employee privacy.