Gartner EMM Report Highlights Mobile Security Advancements

June 13, 2017 - With evolving healthcare mobile devices, organizations must consider an enterprise mobility management (EMM) solution that can adapt to the rate of device advancement and address mobile security concerns.

Gartner’s latest Magic Quadrant for Enterprise Mobility Management Suites emphasizes the need for EMM solutions to support all mission critical applications and integrate seamlessly with an organization’s existing IT infrastructure. The EMM solution must also be future-proof as different mobile devices are introduced into the health IT ecosystem.

“EMM product requirements change as mobile platforms change,” said Gartner analysts. “Best practices are to create your requirements first then consider all the possible mobile scenarios you may have in your organization (such as BYOD and use cases specific to your organization).” 

EMM solutions cover all aspects of mobile device lifecycle management, including applications, data, and the device itself. Gartner emphasizes the importance of organizations recognizing their mobile needs and balancing their solution among the four main features of EMM: mobile device management (MDM), mobile application management (MAM), containment, and identity and access management (IAM).

Gartner refers to EMM as the “glue” that allows organizations to successfully manage mobile devices, and is the starting point for any mobile strategy. EMM solutions provide cross-platform sets of policies to contain, validate, enforce, and update device policies for gateways, proxies, VPNs, application certificates, and other aspects of mobile device access and functionality.

READ MORE: Comparing Methods for Developing Enterprise Healthcare Apps

Modern EMM solutions are thinner and more functional, avoiding bloated add-ons that take up device resources by being overly complex, according to report authors. Organizations are seeking mobility solutions that perform well without overcomplicating management or security tasks.

Streamlined EMM solutions are especially necessary for BYOD deployments because overly complex solutions can interfere with personal data and cause problems.

File-level protection at the edge was one of the newer considerations Gartner analysts focused on in the report. EMM solutions can only protect data as long as it’s being stored and exchanged within the confines of the EMM tools. Once the data leaves a managed device or network, it’s out of IT’s hands and they can no longer effectively protect it.

“Users can and often do get around such controls by emailing enterprise data to outside parties or personal email accounts, or by copying data to their PCs, where open-in restrictions are absent,” report authors explained. “In response, there is a growing need to protect data intrinsically and/or implement a rights-management-based approach to mobile data protection.”

Gartner suggested organizations consider EMM solutions that encrypt individual files rather than just the stored data and network tunnels.

“Rights management products extend IAM frameworks to provide control over file operations for frequently used file types, in addition to file access,” Gartner advised. “These products enable an organization to restrict who has permission to read, edit or delete a file, or forward a file via email. Such products typically also facilitate file-level encryption as part of their mobile data protection schemes. Effective data classification, therefore, is critical to making a rights management approach work.”

Many EMM vendors are building file-level protection capabilities to add onto their solutions this year, according to Gartner. The addition of this feature should give IT departments a single point administration for encryption and access/rights policies.

Gartner also touched on the evolution of mobile IAM over the past several years. It’s common for each user to have multiple mobile devices they use daily. It’s also common for one or several of those devices to be a BYOD device. IT administrators must have control over who is connected to the network and what authorized device they’re using.

“Gartner has seen the initial convergence of EMM with IAM tools,” the report stated. “This has resulted in several EMM vendors enabling IAM functionality, such as SSO and acting as identity providers. Gartner also has seen the converse, with several IDaaS vendors now offering basic EMM functionality.”

Advanced mobile IAM is evolving to become more context based. EMM tools need to identify the user and device as well as where and how the user is connecting to the network.

The user is granted network access depending on the context of the connection. If the user is accessing the network via a public Wi-Fi connection, the EMM solution can recognize that and limit their access based on the threat level detected.

Gartner predicted that over the next two years, context-based mobile identity will come a standard EMM feature.

The increased number and diversity of healthcare mobile devices calls for organizations to consider more advanced, flexible solutions to monitor and protect network access.