Mobile Device Management

Discussion in 'General Off-Topic Chat' started by ResleyZ, Feb 3, 2014.

  1. ResleyZ
    OP

    ResleyZ Swiggity swaggity swooty, I love my own booty

    Member
    528
    119
    Oct 11, 2013
    Netherlands
    Silicon Valley
    So, I need some specific help regarding mobile device management.

    I'm currently a trainee at a IT company. As a project they asked if I could set up something for Mobile Device Management. Basically they want to assist their customers with their mobile devices (tablets, phones, etc.)

    Now I'm wondering if any of you guys have any experience in mobile device management. Maybe suggest some software packets to use.

    Thanks for the help!
     
  2. FAST6191

    FAST6191 Techromancer

    pip Reporter
    23,347
    9,145
    Nov 21, 2005
    "they want to assist their customers with their mobile devices"
    Do you mean your company's customers have mobile devices that need sorting or that the company wants their staff to be able to sit in the lobby/at the cafe/at home without a work laptop and be able to do some work?

    For the record "mobile device management" typically means you want to allow people to do work on their tablet computers (see also bring your own device*) but do not want a)your corporate network to be compromised when their kids (or them) try to install a bunch of malware laced cracked applications and b)so IT does not have to spend an hour installing stuff when you get a new employee or the current ones sit on their tablet or drop the phone down the toilet. To this end you need the mobile equivalent of group policy objects/active directory for windows.

    *is this company provided gear or something the employee has provided for the purpose, or both I guess? Also if these things are phones are you going to forward numbers to them because it is kind of hard to handle a phone call and fiddle with something else at the same time.

    All this then depends entirely upon what your setup is as far as software and networking. Do you want to do this in the field or do you just want them to be able to sit in the lobby/break room and still have access to their emails and possibly some databases?

    What budget do you have for this project? You might be able to hang it off the back of your existing stuff but this sort of thing is one of the current buzzwords in IT so the open source world has maybe not caught up as much as it could.
    Are these just android, just IOS, some combo of the two, are they foolish enough to include blackberry, windows phone or one of the small players..... Surprisingly IOS probably does better here as far as remote management goes though android is not completely impossible, windows phone does surprisingly well as long as you do not try to colour outside the Microsoft lines (same as it always has been then).

    These days everything seems to go over the browser. I hope this browser is not not forced to be internet explorer 6 (or maybe 7) though as that gets to be very annoying to deal with if you are trying to use a mobile. If it is then that is easy to deal with (you add some favourites and links/shortcuts on the desktop/home screen.
    If there is no mobile version of the application you are using, even a cut down interface, and you do not want to build one then you are going to need full applications and it is time for remote desktop*. If you are not needing lots of nice 3d then standard windows RDP will do wonders there, bonus is it will be tied to whatever active directory setup you already have. Alternatively there is the likes of teamviewer which can sort 90% of the hassle with RDP and VPN there, though it will cost you a tiny bit unless you go against licensing (I would not suggest it for your first project).

    *windows has a basic version of it built in but http://www.aads-worldwide.hk/ has things if you need something slightly fancier, likewise virtualisation is a thing (even virtualbox will do the job) so that might be a slightly less license troubling activity.

    I do not know what email server you are using, normally exchange would have been a good bet but it is not half as ubiquitous as it once was. I have not had the pleasure of doing exchange email on IOS and android but it is plenty doable. Standard IMAP is easily sorted.

    I would resist every request to have a remote file share unless you have a really good case for it. Even then I would try for a "if you need it then call IT and we will give you a temporary password".

    If this is to include field/site work then you are really going to want a VPN client for your network. I would still try to isolate the relevant servers from the rest of the network but that is on you.

    Does your work have an internal instant messenger system?

    On the phone side of things will you also need to manage any call forwarding or have your people fiddle with their PBX settings?

    While you are at it I would also sort out some SSH access to your servers for the IT people on their phones/tablets.


    This is a reasonable project and a nice learning exercise for you, welcome to the real world of IT.

    The more bullet point version

    Figure out what devices you need this for. Do note not all tablets have 3g and not all field customers will have wifi you can use, how will you solve this issue (you and I could tether things easily enough, your less than IT trained field workers might have more trouble)? If you are paying for this 3g then how much is it going to cost you?

    Figure out how many devices you need this for (no need to spend tens of thousands if it is just something for the CEO's secretary and two or three field people) and if you need to scale it. If you do need proper management then http://www.zdnet.com/blog/consumeri...device-management-suites-you-need-to-know/422 is old but a nice start.

    Figure out what they have to do (email/exchange, calendar, documents, instant messaging, database, web portal, phone forwarding......). Do note there are things like office 365 and google docs these days.

    Figure out if you can do things from a mobile device (is there an app or a web portal option that works) or will need some form of remote desktop (be it actual RDP, teamviewer, some other VNC program)

    Figure out the security risks. My usual policy was fight it tooth and nail unless a real case was made for it. This is even likely one of those secret things they are assessing you on (I certainly would) so consider doing a proper security assessment and recovery plan up to and including a remote wipe of the device.

    Figure out the company's current IT infrastructure. If the security thing was one of the main hidden assessments then this is probably what they want you to learn, as you are doing something "useful" then it will probably stick more in your head than if you were just told "here is our server room, here is our switch cupboard, here is our wifi access point, here is our VPN program.....".
     
  3. ResleyZ
    OP

    ResleyZ Swiggity swaggity swooty, I love my own booty

    Member
    528
    119
    Oct 11, 2013
    Netherlands
    Silicon Valley
    Thanks FAST for the great reply. From what I read so far, it seems that this will be very useful.

    Concerning the company, it is a basically a external service desk, so when I say customers I mean 'small' companies who don't have their own service desk. I will read it better when I have more time, since it is quite a large post.

    Thanks again, this will definitely help me!