Businesses actively use Microsoft Office 365 mobile device management for their employees. In this article, we provide its overview and assess its security.
Table of Contents
What is Mobile Device Management?
The extensive use of mobile devices in daily business operations has created a new gateway for cybercrimes. The opportunities to damage business are numerous from obtaining employees’ credentials to stealing (and selling) sensitive information to corrupting data and ransom requests.
The entry points for criminals include unsafe internet connections, applications (including those sold on seemingly safe marketplaces), emails, SMS with unsafe links, etc.
The size and the very nature of a touchscreen increase the chances of clicking the wrong link by mistake. The unintended unblocking of the phone (e.g., while carrying it in a pocket) can also wreak havoc.
Finally, because we carry mobile devices all the time, there’s always a risk of leaving them behind somewhere. As a result, a phone can get into the wrong hands with all the sensitive data on it.
Mobile Device Management (MDM for short) is a tool that enables businesses (i.e., IT Admins) to successfully control smartphones and tablets and prevent the security breaches listed above.
Microsoft MDM Solutions
Microsoft has created multiple tools that help businesses build a safe digital environment for essential business processes, such as communication, collaboration on content, project management, etc.
There are two solutions that provide mobile device management for Office 365:
- Basic Mobility & Security
- Microsoft Intune
The former is the built-in functionality of most plans except for Microsoft Intune, Enterprise Mobility & Security E3, and E5. It includes fewer features and applies to fewer devices compared to Intune. The latter has more capabilities, however, it only comes with certain plans like Microsoft Business Premium, Enterprise E3, and E5, etc.
To start using this feature, a super administrator should enable MDM Office 365 on the Setup page. Keep in mind though that it usually takes a few hours to complete. Afterward, you can add mobile devices and policies in the Admin Center.
Once you’ve set up mobile device management for Office 365, you need to make sure that every person in your company adds their smartphone, tablet, or Windows 10 PC to the system.
Luckily, the system enables you to remind the users to do so and notify you of non-compliance. Otherwise, you can restrict access to those who have failed to abide by the rules.
The functionality of Basic Mobility & Security
In this article, we’ll take a short overview of office 365 mobile device management. Please keep in mind that not all the functions work on every declared device.
- Device compatibility
iOS 11.0 and later versions; Windows 8.1 & 8.1 RT, 10 and 10 Mobile, Android 5.0 and later versions
Exchange, OneDrive for Business, Office
- Enforce encryption on devices
- Prevent jailbreak and rooting
- Wipe the corporate data from a mobile remotely
- Configures password requirements
- Disable manually created email profile on a device
- Control cloud, app, system, and some other settings as well as the configurations of device capabilities
- Remote control of Windows 10 devices
You can add devices with installed Windows 10 to your system.
The functionality of Microsoft Intune
You can think of Intune as an “upgrade” of Basic Mobility and Security. It has all the features of the latter. And in addition to that, Intune MDM works on more devices and provides bigger functionality.
Check out some of the features that are unique to Intune
Screenshot from Microsoft Support Center
Data from Microsoft Support Center
How Secure is Mobile Device Management for Microsoft?
Admins who consider O365 MDM would naturally want to know if it provides the declared level of security to your business digital environment. This issue is especially topical in 2020 now that remote work is on the rise.
Let’s take a quick look at this year’s findings on this topic:
- As of March 2020, 88% of organizations enforced remote work (Gartner).
- As of May 2020, 75% of employees would welcome WFH from time to time and 54% would be glad if they could do it 100% full-time (IBM)
- Interestingly, as of July 2020, 82% of employers were going to let their employees work remotely for a certain period of time after COVID-19 (Gartner).
- This is supported by the study by McKinsey claiming that 34% of IT execs would let 10% of their employees work remotely for at least 2 days a week after the pandemic.
McKinsey named security one of the key challenges of remote work.
What are those technology-related security threats? According to IBM research, about 80% of people who shifted to the WFH model have no experience in remote working. Another research on the company has even more troubling findings:
To sum up, around 22% of respondents use tablets and mobile phones for work. These are connected to the home Internet network. However, policies around mobile device management remain unclear to more than half of the employees. Furthermore, 53% use personal devices in their work too. Meanwhile, employers don’t administer personal devices that belong to 53% of respondents. Finally, 45% never received special training on-device protection.
Now, add to that the hardships of forced work from home most of us have already experienced this year. We weren’t prepared for that despite the fact that the world was slowly shifting to a remote model and many propagators claimed the rise in productivity (up to 41% to be exact). See Unilever and Stanford economist Nicholas Bloom’s report.
In opposition to these findings, 55% of remote workers experienced a loss of productivity and engagement during the COVID-19 lockdown according to S&P Global Market Intelligence. Vox has a well-written long-read explaining why it’s so hard to focus at home.
Finally, in July 2020, 53% of US citizens felt that the pandemic was taking a toll on their mental health according to KFF.
Let’s sum up the above. We have a workforce locked in their homes often with kids and pets. For most of them, it’s their first remote work experience. As the crisis revolves around them, they experience fear and anxiety wishing to get distracted from it.
At the same time, they often lack clear cybersecurity guidelines and struggle to ensure the safety of their work.
Under such circumstances, social engineering turned out to be the most successful strategy for cybercriminals. Recently Security Boulevard published their top 5 cyberattacks 2020. Four of them were ransomware, and one used spoofing technology, which is again human cheating rather than a computer.