WEBVTT

1
00:00:00.000 --> 00:00:01.440
In this lesson,

2
00:00:01.440 --> 00:00:04.380
we will learn about mobile management.

3
00:00:04.380 --> 00:00:06.240
Mobile management includes

4
00:00:06.240 --> 00:00:09.240
Mobile Device Management or MDM.

5
00:00:09.240 --> 00:00:11.302
Mobile Device Management is a component

6
00:00:11.302 --> 00:00:16.050
of Enterprise Mobility Management, also known as EMM.

7
00:00:16.050 --> 00:00:17.820
Enterprise Mobility Management

8
00:00:17.820 --> 00:00:20.700
is a suite of technologies used to manage

9
00:00:20.700 --> 00:00:24.150
and secure mobile devices within an organization.

10
00:00:24.150 --> 00:00:27.000
Mobile Device Management technologies are used

11
00:00:27.000 --> 00:00:30.420
to enforce security policies on mobile devices,

12
00:00:30.420 --> 00:00:34.620
including configuration management, application control,

13
00:00:34.620 --> 00:00:38.730
and data encryption, all to prevent unauthorized access

14
00:00:38.730 --> 00:00:42.120
and ensure the integrity of mobile environments.

15
00:00:42.120 --> 00:00:42.990
Let's learn more

16
00:00:42.990 --> 00:00:46.170
about mobile device management technologies.

17
00:00:46.170 --> 00:00:49.140
With the increasing use of mobile devices

18
00:00:49.140 --> 00:00:51.300
and wearables in the workplace,

19
00:00:51.300 --> 00:00:55.200
securing devices has become a significant challenge.

20
00:00:55.200 --> 00:00:57.420
Mobile devices frequently connect

21
00:00:57.420 --> 00:01:00.173
to external networks beyond our control,

22
00:01:00.173 --> 00:01:03.960
and then return to our enterprise environments,

23
00:01:03.960 --> 00:01:06.990
potentially bringing security risks with them.

24
00:01:06.990 --> 00:01:08.580
To address this challenge,

25
00:01:08.580 --> 00:01:11.757
organizations turn to Enterprise Mobility Management,

26
00:01:11.757 --> 00:01:15.918
a comprehensive approach that combines policies and tools

27
00:01:15.918 --> 00:01:19.274
to centrally manage and secure mobile devices

28
00:01:19.274 --> 00:01:21.420
in a corporate setting.

29
00:01:21.420 --> 00:01:24.870
A key component of Enterprise Mobility Management

30
00:01:24.870 --> 00:01:27.968
is Mobile Device Management or MDM.

31
00:01:27.968 --> 00:01:31.727
MDM focuses specifically on the technical solutions

32
00:01:31.727 --> 00:01:34.804
needed to enforce security compliance,

33
00:01:34.804 --> 00:01:38.520
manage device settings, and protect data.

34
00:01:38.520 --> 00:01:40.590
While Enterprise Mobility Management

35
00:01:40.590 --> 00:01:44.610
covers the broader strategy of securing mobile devices

36
00:01:44.610 --> 00:01:46.492
through policies and procedures,

37
00:01:46.492 --> 00:01:48.381
Mobile Device Management

38
00:01:48.381 --> 00:01:51.353
provides the hands-on technical controls

39
00:01:51.353 --> 00:01:53.820
that ensure these security measures

40
00:01:53.820 --> 00:01:55.650
are effectively implemented

41
00:01:55.650 --> 00:01:59.670
across all mobile devices in the organization.

42
00:01:59.670 --> 00:02:02.010
Mobile Device Management solutions

43
00:02:02.010 --> 00:02:05.210
provide centralized management that allows administrators

44
00:02:05.210 --> 00:02:07.620
to enforce security policies

45
00:02:07.620 --> 00:02:10.410
on a wide variety of mobile devices.

46
00:02:10.410 --> 00:02:14.460
These solutions typically offer six main features,

47
00:02:14.460 --> 00:02:17.700
application control, password management,

48
00:02:17.700 --> 00:02:21.750
multi-factor authentication, token-based access,

49
00:02:21.750 --> 00:02:25.440
patch management, and remote wipe capabilities.

50
00:02:25.440 --> 00:02:27.060
Let's learn about each of these.

51
00:02:27.060 --> 00:02:30.216
First, application control allows organizations

52
00:02:30.216 --> 00:02:33.690
to manage which applications can be installed,

53
00:02:33.690 --> 00:02:37.410
configured, blocked, or removed on devices.

54
00:02:37.410 --> 00:02:40.290
For example, an organization might block

55
00:02:40.290 --> 00:02:42.969
social media applications from being installed

56
00:02:42.969 --> 00:02:46.582
on company owned smartphones to reduce distractions

57
00:02:46.582 --> 00:02:49.170
and protect sensitive information.

58
00:02:49.170 --> 00:02:52.071
Second, password and passcode functionality

59
00:02:52.071 --> 00:02:56.231
allow administrators to enforce strong password policies

60
00:02:56.231 --> 00:03:00.095
for the entire device or for specific applications.

61
00:03:00.095 --> 00:03:04.558
This might include requirements for a long, complex password

62
00:03:04.558 --> 00:03:07.428
or the use of biometric authentication,

63
00:03:07.428 --> 00:03:11.040
such as fingerprints or facial recognition.

64
00:03:11.040 --> 00:03:13.982
In this way, Mobile Device Management tools

65
00:03:13.982 --> 00:03:17.220
can prevent the use of weaker pass codes

66
00:03:17.220 --> 00:03:20.852
and ensure that security policies are consistently applied

67
00:03:20.852 --> 00:03:23.730
across all mobile devices.

68
00:03:23.730 --> 00:03:28.260
Third, multi-factor authentication or MFA

69
00:03:28.260 --> 00:03:30.390
adds an extra layer of security

70
00:03:30.390 --> 00:03:34.350
by requiring two or more forms of authentication.

71
00:03:34.350 --> 00:03:37.784
For example, MFA could require a password

72
00:03:37.784 --> 00:03:42.090
combined with a one-time code or biometric factor.

73
00:03:42.090 --> 00:03:44.610
Within Enterprise Mobility Management.

74
00:03:44.610 --> 00:03:46.830
Mobile Device Management solutions

75
00:03:46.830 --> 00:03:50.880
can trigger MFA requirements based on certain conditions,

76
00:03:50.880 --> 00:03:53.580
such as when the device is detected

77
00:03:53.580 --> 00:03:56.160
outside a geographic location,

78
00:03:56.160 --> 00:04:00.420
enhancing security when devices move beyond trusted areas.

79
00:04:00.420 --> 00:04:02.993
Fourth, token-based access involves

80
00:04:02.993 --> 00:04:06.646
using digital certificates to authenticate devices

81
00:04:06.646 --> 00:04:09.900
before they connect to network resources,

82
00:04:09.900 --> 00:04:12.540
ensuring that only approved devices

83
00:04:12.540 --> 00:04:14.970
can access the company systems.

84
00:04:14.970 --> 00:04:19.440
This feature is often integrated with network access control

85
00:04:19.440 --> 00:04:22.339
to verify that the device meets security standards

86
00:04:22.339 --> 00:04:25.080
before granting it access.

87
00:04:25.080 --> 00:04:28.530
Fifth, patch management enables organizations

88
00:04:28.530 --> 00:04:32.190
to manage updates and patches for operating systems

89
00:04:32.190 --> 00:04:35.460
and applications of enrolled devices.

90
00:04:35.460 --> 00:04:39.750
A centralized patch repository ensures timely updates,

91
00:04:39.750 --> 00:04:43.274
keeping devices secure against known vulnerabilities.

92
00:04:43.274 --> 00:04:47.280
If devices fail to comply with update policies,

93
00:04:47.280 --> 00:04:50.220
they can be restricted from accessing the network

94
00:04:50.220 --> 00:04:53.640
until they meet the required security standards.

95
00:04:53.640 --> 00:04:57.000
Sixth, remote wipe allows administrators

96
00:04:57.000 --> 00:05:00.870
to remotely erase data from lost or stolen devices,

97
00:05:00.870 --> 00:05:05.400
protecting sensitive information from unauthorized access.

98
00:05:05.400 --> 00:05:09.330
This feature can be used to reset a mobile device

99
00:05:09.330 --> 00:05:13.950
to its original factory settings, removing all stored data.

100
00:05:13.950 --> 00:05:18.090
However, a remote wipe command does require the device

101
00:05:18.090 --> 00:05:21.420
to be connected to the internet or the cellular network,

102
00:05:21.420 --> 00:05:22.980
which can be a limitation

103
00:05:22.980 --> 00:05:26.460
if the device is offline or in airplane mode.

104
00:05:26.460 --> 00:05:28.170
To mitigate the limitation

105
00:05:28.170 --> 00:05:31.800
of requiring a network connection for remote wipe,

106
00:05:31.800 --> 00:05:34.590
Mobile Device Management can also be configured

107
00:05:34.590 --> 00:05:36.629
to automatically wipe a device

108
00:05:36.629 --> 00:05:40.410
if an incorrect password is entered too many times,

109
00:05:40.410 --> 00:05:43.515
or if the device attempts to connect to the network

110
00:05:43.515 --> 00:05:46.188
without meeting security requirements.

111
00:05:46.188 --> 00:05:49.692
Another key feature of Mobile Device Management

112
00:05:49.692 --> 00:05:52.860
is its implementation of geofencing.

113
00:05:52.860 --> 00:05:57.720
Geofencing creates a virtual boundary around a physical area

114
00:05:57.720 --> 00:06:00.240
such as the company's premises.

115
00:06:00.240 --> 00:06:01.973
This is defined using GPS

116
00:06:01.973 --> 00:06:05.670
or Radio Frequency Identification technology.

117
00:06:05.670 --> 00:06:10.350
When employees' devices enter or exit this geo-fenced zone,

118
00:06:10.350 --> 00:06:12.330
the Mobile Device Management system

119
00:06:12.330 --> 00:06:14.666
can automatically enforce policies

120
00:06:14.666 --> 00:06:18.720
such as disabling video and microphone features.

121
00:06:18.720 --> 00:06:21.552
Finally, Mobile Device Management solutions

122
00:06:21.552 --> 00:06:26.070
can also use device certificates for enhanced security.

123
00:06:26.070 --> 00:06:28.671
User specific certificates may be issued

124
00:06:28.671 --> 00:06:31.770
to uniquely identify each device

125
00:06:31.770 --> 00:06:34.011
and allow administrators to revoke access

126
00:06:34.011 --> 00:06:37.560
for individual devices if needed.

127
00:06:37.560 --> 00:06:39.300
So, remember.

128
00:06:39.300 --> 00:06:42.240
Mobile Device Management or MDM

129
00:06:42.240 --> 00:06:45.840
is an important part of Enterprise Mobility Management.

130
00:06:45.840 --> 00:06:48.000
Mobile Device Management helps manage

131
00:06:48.000 --> 00:06:51.600
and secure mobile devices within an organization.

132
00:06:51.600 --> 00:06:54.255
It also provides the technical controls required

133
00:06:54.255 --> 00:06:57.390
to enforce security policies.

134
00:06:57.390 --> 00:07:01.560
Policies that manage configuration, control applications,

135
00:07:01.560 --> 00:07:03.990
and protect data with encryption.

136
00:07:03.990 --> 00:07:08.130
Since mobile devices often connect to unsecured networks,

137
00:07:08.130 --> 00:07:09.750
Mobile Device Management

138
00:07:09.750 --> 00:07:12.540
helps minimize risks to the enterprise

139
00:07:12.540 --> 00:07:15.688
by requiring features like multifactor authentication,

140
00:07:15.688 --> 00:07:19.770
a remote wipe capability, and geofencing.

141
00:07:19.770 --> 00:07:22.050
Finally, Mobile Device Management

142
00:07:22.050 --> 00:07:26.026
ensures devices follow security policies to reduce risk

143
00:07:26.026 --> 00:07:28.650
and protect sensitive information,

144
00:07:28.650 --> 00:07:31.533
keeping enterprise networks safe.