The function of mobile device managers, also known as mobile device management (MDM), is to deploy, manage, and monitor the mobile devices that make up the Cisco BYOD solution. These devices consist not only of mobile phones, smartphones, and tablets but also notebooks, laptops, and any other user devices that connect back to the corporate network and that can physically be moved from the office to the home, hotels, and other remote locations offering public Internet connectivity. Specific functions provided by MDM include the following:
Enforcement of a PIN lock (that is, locking a device after a set threshold of failed login attempts has been reached).
Enforcement of strong passwords for all BYOD devices. Strong password policies can also be enforced by an MDM, reducing the likelihood of brute-force attacks.
Detection of attempts to “jailbreak” or “root” BYOD devices, specifically smartphones, and then attempting to use these compromised devices on the corporate network. MDM can be used to detect these types of actions and immediately restrict a device’s access to the network or other corporate assets.
Enforcement of data encryption requirements based on an organization’s security policies and regulatory requirements. MDM can ensure that only devices that support data encryption and have it enabled can access the network and corporate content.
Provide the ability to remotely wipe a stolen or lost BYOD device so that all data is completely removed.
Administration and execution of data loss prevention (DLP) for BYOD devices. DLP prevents authorized users from doing careless or malicious things with critical data.