How do you manage devices with Mobile Device Management in G Suite?
by Jeroen Van Becelaere, on Aug 19, 2020 3:28:25 PM
Today the average employee no longer works behind a fixed desk at the office. Smartphones, tablets and laptops have become the norm to work from everywhere. This mobile evolution creates two challenges for the IT department of organisations: how do you ensure that all the mobile devices are managed efficiently? How do you ensure that the corporate data shared on these mobile devices are properly secured?
Various solutions of mobile device management (MDM) are available. One of them is Google's Mobile Device Management (MDM) within G Suite. What makes this platform so attractive? Read this article to discover the key benefits of G Suite MDM.
Bring Your Own Device (BYOD)
These days the Bring Your Own Device (BYOD) culture in companies is popular. Employees like to use their own mobile devices for work. Plus, buying new mobile devices for the entire workforce isn’t cheap. In addition to these substantial purchase costs of the equipment and software, employees also have to learn to work with their new smartphone, laptop and/or tablet.
On the other hand, a disadvantage of BYOD is that it becomes more challenging for the IT department to manage all these different devices. This can lead to greater security risks. After all, the IT department needs to make separate arrangements for each type of telephone that needs access to the company’s network.
G Suite endpoint management
G Suite MDM succeeds with flying colors in overcoming these disadvantages. It allows organisations to manage all mobile devices within the organisation within one environment, without limiting employees to a limited number of specific devices. It doesn't matter which operating system (Android, iOS, Windows mobile,...) the user has.
So whether you opt for an accessible Bring Your Own Device culture or whether every employee borrows a company device, G Suite endpoint management makes it manageable. Even if it concerns a combination of both. G Suite endpoint management keeps your company data secure while employees use their favourite personal device or other endpoints. This also minimises the time to prepare a mobile device for the organisation’s workflow.
As a result, the use of G Suite MDM requires no extra investments and is completely future-proof.
2. Security of your company's data
G Suite is accessible anywhere, anytime and on any device. This means that a lot of company information is accessible everywhere and therefore it’s extremely important to properly secure these mobile devices. Good MDM policies help you overcome these security standards, keep mobile devices and applications up to date, and reduce the risk of corporate files falling into the wrong hands.
G Suite mobile device management allows organisations to manage efficiently, install and configure business mobile devices remotely. This is related to the management of the settings, user rights and security policy within G Suite MDM. This is all done from one central point. For example, the G Suite Admin can require screen locks and strong passwords. Erasing confidential data with device wipe or selective account wipe for Android and iOS is a piece of cake.
Basic or advanced security?
There are two versions of G Suite MDM: Basic and Advanced. The type of G Suite account you are subscribed to determines the level of Google MDM features you have access to.
With Basic G Suite MDM, you can:
Protect your organisation's data on Android and iOS mobile devices by enabling basic mobile management. Your users don't need to install a device management app with this option.
Some of the stand-out policies and features available within basic G Suite’s MDM include:
- Keep corporate data safe by requiring that mobile devices have a screen lock or password.
- Enforce 2-factor authentication.
- Within the Google Admin console, you can remotely wipe corporate data from lost or stolen devices, without affecting any of the individual's private apps or information.
- Track mobile usage and trends.
- Automatically roll out your preferred work apps with Android OS.
With Enterprise (advanced) G Suite MDM, you can:
Give your organisation more control of specific mobile security settings. For more control, a Google Device Policy app must be installed on each device. Take a look at how to set up advanced mobile management.
These advanced settings are the following:
- The ability to remotely wipe an entire device, also personal data and apps.
- Enforce stronger device passwords. The G Suite Admin can set minimum password attributes and require users to reset their password on a regular basis.
- Restrict access to device’s settings and features, such as mobile networks, Wi-Fi, screen captures, and more.
- Monitor compliance with policies you set, and get reports about users, devices, and OS versions.
- Manage your preferred work apps next to Android OS also on iOS.
Organisations that provide company owned phones to employees and/or require rigorous security will likely prefer advanced mobile management. For organisations where employees use their personal devices for work activities, basic mobile management is a better choice. It puts the organisation in control of the organisation's data, while the phone owner retains full control over everything else on the device.
Need some extra supervision? Let’s take a look at endpoint verification.
Endpoint Verification is a tool provided by G Suite that allows G Suite administrators to view information about devices that access corporate data. To enable endpoint verification in your organisation, you need to install Chrome and use G Suite within the Chrome browser.
G Suite administrators are able to see this extra information with endpoint verification:
- Device ID, serial number, device type, and operating system.
- Username and email address.
- The first and last time devices synchronised corporate data.
- If devices are encrypted and have a password.
- For devices with Chrome OS, administrators can also see whether devices comply with organisational policies.
G Suite Mobile Device Management makes it easy to keep your organisation’s data safe while letting employees use their favourite devices. G Suite MDM can separate your business applications from users’ personal apps, allowing employees to use their devices at work and home.
With the options basic or advanced G Suite MDM and endpoint verification, you as an organisation can choose how much control you want or need over all the mobile devices that have access to your company’s data
Help with Mobile Device Management
Fourcast is happy to assist organisations with setting up Mobile Device Management. If your organisation is considering the move to G Suite, or has already set up their account but would like some help with Mobile Device Management or other aspects of G Suite, get in touch!