Introduction to Mobile Risk Management

Mobile risk management (MRM) is an emerging category of technologies that empower organizations to identify, mitigate and manage the risks associated with mobile devices. MRM helps organizations go beyond traditional mobile device management (MDM) practices, which have primarily relied on risk avoidance or control tactics, to help them exercise the full potential of mobility while protecting corporate data and ensuring regulatory compliance. Achieving the right balance of device management, risk mitigation and compliance assurance while maximizing device utility and user acceptance requires a thoughtful and integrated approach to MRM.

Why Mobile Risk Management?

We’re now seeing mass proliferation of connected mobile devices and heterogeneous deployments of BlackBerry, Android, iOS, Windows Phone and other mobile platforms are becoming the norm. Organizations are embracing the bring your own device (BYOD) trend while smartphones and tablets are quickly becoming a hub for business and personal data, social networking, gaming and a wide range of apps provided by both commercial software developers and internal IT departments. And with technologies like Bluetooth and NFC, machine-to-machine (M2M) interactivity is on the rise and mobile devices will soon be used as wallets, security badges and more. The new opportunities are significant and the BYOD approach can lead to real cost savings for organizations. But along with this comes an unprecedented and complex set of security and compliance risks that require a thoughtful approach to mobile risk management.

Unlike traditional approaches to MDM and mobile security, MRM is not about “command and control” or “risk avoidance”. Instead, MRM looks at mobility through the lens of risk mitigation, protection and enablement. MRM helps organizations assess their risk profile, determine their own acceptable level of risk, and deploy the tools they need to help them protect their assets, monitor integrity, mitigate their risks and stay within their compliance requirements.

What types of risks does MRM help to address?

MRM focuses on mitigating the risks exposed by allowing mobile devices to access private networks and store confidential or personal data - namely the threats of private data loss and leakage, security breaches, identity theft, fraud and cyber attacks. These threats can expose an organization or individual to a range of potentially costly risks including:

  • Financial Risk due to regulatory non-compliance
  • Reputation Risk resulting from security breaches and violations
  • Competitive Risk from intellectual property and data leakage

For government agencies and organizations in regulated industries, maintaining and proving regulatory compliance can be a daunting task as more and more mobile devices are introduced into their IT environments. In many cases, the risks associated with non-compliance, or simply the failure to prove compliance, can result in being sued, fined or even shut down. MRM solutions strive to address these types of risks as they pertain to using mobile devices.

Taking a Holistic Approach to MRM

It is important to take a holistic approach to MRM to minimize the likelihood and impact of potential breaches and non-compliance. The risks associated with mobile deployments go far beyond the devices themselves and can be exposed through both physical threats (i.e. unauthorized access to lost or stolen devices) and digital threats (i.e. cyber attacks, malware, network snooping, etc.). In this regard, MRM strives to address the risks associated with mobility infrastructure, mobile devices and apps, the end-users themselves and external physical threats as well as situational risk due to the ever-changing state of the surrounding environment.

A holistic and integrated approach to MRM can create valuable risk intelligence for an organization and enable them to identify and prevent potential threats and compliance breaches before they happen.

How does MRM differ from Mobile Device Management (MDM)?

MDM is an important component of an overall MRM strategy. MDM technologies help organizations distribute software to mobile devices, configure policies and security settings, automate tasks related to asset management and support, and issue commands to lock, wipe or control devices remotely. While MDM helps organizations manage device inventory and mitigate risks associated with lost or stolen devices, they do not typically address the broader sets of security and privacy risks associated with:

  • Compromised operating systems, malware and untrusted applications
  • Policy configurations that conflict with corporate or government regulations
  • Data loss resulting from end-user behavior or cyber attacks
  • Situational threats that arise from roaming onto insecure networks or connecting to untrusted peripheral devices
  • Protecting and managing corporate data residing on personal-liable devices
  • Inability to maintain or prove regulatory compliance

MRM extends beyond MDM to address these types of risks, helping organizations protect their private data and maintain corporate compliance. Using a risk mitigation philosophy, MRM enables organizations to support a wide range of mobile devices and confidently embrace the bring your own device (BYOD) trend by taking a holistic approach to MDM, corporate data security, mobile application management (MAM), malware prevention, integrity verification, compliance monitoring, reporting and more.

What does MRM mean to my workforce?

On a day-to-day basis, MRM should mean very little to your workforce—in fact, they should be better able to do their jobs and enjoy their mobile device experience by safely and securely using the device of their choice. MRM solutions empower employees to work the way they want to work—while ensuring that the information on their mobile devices, work-related and private, remains secure—without changing how they work.

Learn more about Fixmo MRM Solutions

Fixmo provides comprehensive MRM solutions for government agencies and enterprises that continuously monitor and verify the configuration and integrity of mobile devices and apps, protect them from data loss and security breaches, monitor and track regulatory compliance and help you prove it through risk intelligence and reporting. Fixmo’s MRM solutions complement existing enterprise mobility and security infrastructure and act as an integrated component of a holistic approach to Managed Mobility, Enterprise Security and IT Compliance.

Fixmo Mobile Risk Management

Learn more about Fixmo MRM for Enterprise and Fixmo MRM for Government to find out how Fixmo helps organizations manage their risks so they can be confident and compliant while enabling the full potential of mobility.

Copyright © 2011 Fixmo Inc. All rights reserved.