3 rules for managing mobility

Multiple Mobile Devices (Shutterstock)

Mobile devices, the near-ubiquity of wireless networks and cloud-based business applications have cultivated an enterprise mobility trend that is changing the way people work and affecting IT at all organizations, including government agencies.

A desktop computer and a mobile phone do not serve the needs of the always-on workforce of today. The balance of power has shifted from IT toward the end user, who demands mobility, choice and the option to bring his or her own device. That shift has given rise to a wide range of devices -- laptops, tablets and smartphones -- connecting to government networks.

In the eye of the mobility storm, the agency IT department faces a major challenge: to strike a balance between data security and control on one side and end-user flexibility and productivity on the other. Data security is imperative, especially in the government, where devices are more likely to contain highly confidential, regulated or classified data.

Organizations that successfully enable and manage mobility follow three key rules:

1. Manage the user, not the device.

In the past, the IT department could dictate the type of equipment an employee could use, thereby maintaining control over the device and the endpoint and ensuring that security measures were enforced. Today, users expect the same network and data access on all devices, and without that flexibility, productivity is impeded. On the flip side, agencies must ensure that access to data is appropriately permitted or restricted for each user, regardless of the device used to access it.

By managing user profiles rather than devices, the IT department can consider the needs, rights and permissions of users and build a template to support their productivity. And agencies can provide users with the flexibility to use a device of their choice while ensuring that data security is not compromised.

2. Implement and enforce a mobile-use policy.

Many users believe that data security is not their responsibility. Therefore, effective mobility management is supported by a policy that clearly defines what is expected of end users.

The policy should outline employee accountability and the penalties that can be incurred if the agreement is breached. If employees are allowed to bring their own devices, the policy should clearly state the steps the IT department can take to avoid data breaches if the device is lost or stolen, if the employee leaves the organization or if a suspected security threat occurs.

3. Maintain a persistent connection to the devices.

Satisfying users and establishing policies are fruitless if the IT department cannot maintain visibility of the device and the data it contains. A persistent connection is essential.

The Environmental Protection Agency relies on persistence technology for a constant connection to all the devices in its deployment. Because the persistence module is built into the firmware of each device, if efforts are made to remove it, the technology simply rebuilds itself so that the IT department can continue to track, manage, and protect the agency's assets and data, regardless of device location or user.

If a device leaves a designated area, EPA's IT department receives an alert. If a device is lost or stolen, the department can remotely freeze it or delete confidential data. Those functions allow EPA to be proactive about data security while supporting a mobile workforce.

Mobility is arguably the most disruptive technology since the World Wide Web, and IT departments that try to resist it will ultimately fail. Those that follow the three rules outlined above can secure data while embracing mobility and enabling a more productive workforce.

About the Author

Tim Williams is director of product management at Absolute Software.

The 2015 Federal 100

Meet 100 women and men who are doing great things in federal IT.


  • Shutterstock image (by venimo): e-learning concept image, digital content and online webinar icons.

    Can MOOCs make the grade for federal training?

    Massive open online courses can offer specialized IT instruction on a flexible schedule and on the cheap. That may not always mesh with government's preference for structure and certification, however.

  • Shutterstock image (by edel): graduation cap and diploma.

    Cybersecurity: 6 schools with the right stuff

    The federal government craves more cybersecurity professionals. These six schools are helping meet that demand.

  • Rick Holgate

    Holgate to depart ATF

    Former ACT president will take a job with Gartner, follow his spouse to Vienna, Austria.

  • Are VA techies slacking off on Yammer?

    A new IG report cites security and productivity concerns associated with employees' use of the popular online collaboration tool.

  • Shutterstock image: digital fingerprint, cyber crime.

    Exclusive: The OPM breach details you haven't seen

    An official timeline of the Office of Personnel Management breach obtained by FCW pinpoints the hackers’ calibrated extraction of data, and the government's step-by-step response.

  • Stephen Warren

    Deputy CIO Warren exits VA

    The onetime acting CIO at Veterans Affairs will be taking over CIO duties at the Office of the Comptroller of the Currency.

  • Shutterstock image: monitoring factors of healthcare.

    DOD awards massive health records contract

    Leidos, Accenture and Cerner pull off an unexpected win of the multi-billion-dollar Defense Healthcare Management System Modernization contract, beating out the presumptive health-records leader.

  • Sweating the OPM data breach -- Illustration by Dragutin Cvijanovic

    Sweating the stolen data

    Millions of background-check records were compromised, OPM now says. Here's the jaw-dropping range of personal data that was exposed.

  • FCW magazine

    Let's talk about Alliant 2

    The General Services Administration is going to great lengths to gather feedback on its IT services GWAC. Will it make for a better acquisition vehicle?

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above