According to the International Association of Information Technology Asset Managers, Inc. (IAITAM), thousands of U.S. corporations and government agencies have the same kind of "sloppy and dangerous" approach to mobile device management (MDM) that has led to the current impasse between Apple and the FBI over accessing the phone of a suspected terrorist.
"My professional estimate would be that about a quarter to a third of government agencies and corporations are not practicing what I would call 'safe mobile device management’,” says IAITAM CEO Dr. Barbara Rembiesa. “We see this everyday where government and private agencies hand out mobile devices to employees and then fail to install the simple mobile device management software that could keep the company or agency itself safe from attack and, as we saw in the San Bernardino incident, also keep our nation safe from attack."
Apple, the FBI and the Justice Department are currently arguing over the legality of unlocking the work-issued iPhone of the San Bernardino County employee Syed Rizwan Farook who, along with his wife Tashfeen Malik, killed 14 people and seriously injured 22 others. At the center of the legal battle is whether Apple can be ordered to provide a specialized software to allow the FBI backdoor access to the gunman’s phone.
"The truth is most government agencies and corporations fall down on the job when it comes to Information Technology Asset Management (ITAM) in general. But mobile device management, including best-practice policies and application of MDM software, is a real blind spot,” adds Rembiesa.
As it turns out, San Bernardino County paid for MDM software for the iPhone, but never installed it. Software that cost the county just $4 per device. Had the county required uniform installation and application of the MDM software, investigators could have remotely and legally unlocked the phone and thereby circumvented the legal dispute now underway.
"Some companies and government agencies think that all they need to do is focus on servers, desktop computers and laptops and that they can somehow ignore mobile devices, such as phones and tablets," explains Rembiesa. "However, these devices are every bit as much in need of ITAM as any other technology in the workplace. A sloppy and dangerous approach to MDM is an open invitation to theft, loss of data, breaches, and the kind of huge reputational damage we are seeing today in San Bernardino County. For a publicly traded company, this kind of error could be devastating."