Ensure Lost Devices Don’t Create Security Risks: Pair Unified Endpoint Management and Device Management Programs

As conscientious as people try to be, sometimes we lose track of our possessions — our car keys, our umbrellas, our wallets, and, of course, our mobile devices.

But when the lost mobile device belongs to an enterprise, and is attached to an enterprise’s network, server or shared drives, it transforms from an inconvenience to a serious business and financial risk — because any unaccounted-for device opens the door to security issues.

If bad actors get a hold of company-owned devices, the organization becomes vulnerable to having their network hacked — either through traditional methods, where hackers use the device as a backdoor into a network, or through more insidious means: social engineering hacking.

With social engineering, hackers find sneaky ways to target a company using information they pull from a device. For example, a hacker might read the messages on a device and learn that the employee who owned the device worked in the marketing department and had been collaborating with others on a large campaign. The hacker could email the company’s finance department and, referencing a known campaign and using the company lexicon, request an immediate wire transfer to “support marketing efforts.”

And the risks don’t end with payouts to hackers. Every business understands the massive implications of being hacked: financial costs, including regulatory fines and lost revenue; stolen intellectual property; and damaged reputation and loss of customer trust — making it critical to be able to keep track of, and control, all company-owned devices.

One way to do this is by pairing a unified endpoint management (UEM) solution (AirWatch, MobileIron, etc.) with a device management program, which complement each other in a way that closes the gaps in lost-device procedures. Here’s how it works:

If an employee loses a device, it can take some time before they realize it’s lost (e.g., if they disembark a plane, head to the office, and only then realize they left their mobile device at the airport or on the plane), and can take the appropriate steps to alert IT. If a company only has a UEM, the employee alerts IT, who then alerts the UEM provider, who can then wipe the device remotely — but this can take hours or more, and time is of the essence when a device is lost.

When a UEM platform is paired with Tangoe’s device management program, the employee can use Tangoe’s platform-agnostic software to cut out some of the middlemen and immediately send a lost-device alert. This activates several workflows, one of which is an API that pushes to the UEM solution to fire off a device wipe.

This protects the device’s security, while other workflows initiate ancillary lost-device processes like ordering new hardware, transferring any licenses and apps associated with the lost hardware, and so on. Rather than these being separate items that need to be checked off as individual transactions, multiple workflows can be occurring instantaneously and simultaneously, through a combination of APIs and bots.

In addition, Tangoe provides a layer of compliance to ensure that all devices registered in the platform are also registered in the UEM platform, and vice versa. Providing a cross-check of security ensures that unintended outliers do not become Trojan horses within a security framework, negating the efforts and expense that comes with proper UEM implementations.

Combining UEM with Tangoe’s capabilities is a best-of-both-worlds practice that allows companies to control devices from both a security standpoint and a device management program standpoint. Don’t let lost devices open the door to either hackers or high costs — explore Tangoe’s solutions for more information.