Topic - MDM Installation for mobile phones in organization
- User phone monitoring through MDM may have resistance. MAM can be better than MDM but getting Management support will be a big task
- BYOD policy approval by management is critical for non-company provided phones to be covered under MDM. Policy should incorporate complete deletion of email data and access once the employee moves out of the organization or lost his phone.
- MDM should be configured in such a way that only corporate email message can be accessed or deleted to secure privacy. MDM should not access any personal data of the phone.
- Legally vetted MDM consent forms to be implemented for approval of user so employee personal data should not be deleted
- Users should be trained on not to enable privacy tab or wi-fi on public places and also on what is visible to MDM. User should read what is secure mobility, device details, remote security, device location, etc.
- Alternatively API integrated application control will secure corporate data.
- However, in case of any deviation found, any way logs can be verified to identify the truth
(These are the points from CISO Platform Whatsapp group discussion by members on 31 July 2019)