In modern, mobile-first organizations, lost or stolen mobile devices are a major security concern, since corporate data is often stored in or accessible through these devices. If sensitive data ends up in the wrong hands, it could result in a major setback to your organization.
Preventive measures to secure data should be implemented, regardless of how critical the data being secured is. A comprehensive mobile device management solution can help manage and secure devices in an enterprise
ManageEngine Mobile Device Manager Plus secures mobile devices and the data contained in them. In addition to proactive strategies, Mobile Device Manager Plus offers a number of reactive methods to secure enterprise data even if a device is lost or stolen.
Passwords are the first line of defense in securing your corporate data. Organizations can configure and implement strong password policies which employees are required to adhere to; these complexity settings include requiring passwords be a specific length, certain casing (such as at least one upper and lowercase letter), special characters, and other various aspects of passwords.
With geofencing, IT administrators can create virtual boundaries and associate policies to these boundaries. For example, admins can restrict corporate devices from accessing enterprise data unless they're within the virtual boundary. If a managed device exits the configured boundary, administrators will receive immediate notifications via email. IT administrators can even define an action to be performed on devices leaving this boundary, such as enabling Complete Wipe or Lost Mode. Data on the SD card can also be completely wiped.
With Mobile Device Manager Plus, you can encrypt Mac machines in bulk using FileVault encryption. FileVault is configured to perform full disk encryption (FDE), which scrambles the information present in a storage device and renders it unreadable to unauthorized users. This ensures only authorized personnel can decrypt the data using either their login credentials or a personal recovery key. Mobile Device Manager Plus can encrypt and escrow keys through the FileVault encryption policy.
For Mac machines, the firmware password can prevent boot-ups from unauthorized system volumes, regardless of it being internal or external storage; it can even prevent boot-ups from the recovery mode.
Mobile Device Manager Plus offers a number of security commands to ensure security for lost or stolen devices and the data contained within them. These include
Soon after discovering a device is misplaced or stolen, an alarm is triggered on the device before data is wiped just in case the device is present in the vicinity but hidden from plain view. This alarm stops ringing once the device is unlocked by the authorized user. The remote alarm functions even when the device is on silent or vibrate.
When the whereabouts of a managed device are unknown, the device can be remotely locked using this command. You can configure a policy to prompt the user to enter the password. A customized message and a contact number can be configured to appear on the lock screen, so that if anyone finds the device, they can easily return it.
When Lost mode is enabled on a device, the device is locked and can be unlocked only through Mobile Device Manager Plus. Similar to Remote lock, a custom message and a contact number can be displayed on the lock screen. Certain functionalities, such as switching off the device, USB data transfer, etc., can be restricted upon enabling Lost mode. You can even view the real-time location of the devices marked as lost.
Mobile Device Manager Plus not only tracks the real-time location of devices, but maintains the location history of devices as well. Mobile Device Manager Plus stores location data of devices upto 30 days.
Deploying a mobile device management solution is the ideal way to handle misplaced or stolen devices and the data contained within them. With an extensive feature set, Mobile Device Manager Plus can aid in securely managing Android, iOS, macOS, Windows, and Chrome OS devices. For further information, refer to our help document.