Almost every company works with so-called cloud solutions - programs that are not hosted on a company's own server. In addition to Google Drive and the like, this also includes other software, such as a CRM (Customer Relationship Management) or an MDM (Mobile Device Management) system.
This is particularly practical for companies, because using the cloud means that they do not have to set up and maintain their own server. All that is needed is to log in and work can begin.
Yet - is it always all so simple? We discuss what matters when working with cloud solutions, especially when it comes to sensitive data!
Everything in the cloud - the future for enterprises?
In terms of simplicity, availability and flexibility, cloud solutions for software often have many advantages. For example, they can be scaled at any time, the maintenance of the server lies with the software provider and they can be integrated more flexibly into the IT infrastructure. Thanks to their rapid availability, they can drive forward the digital transformation in the company. Another advantage is that if the software solution is no longer to the company's liking, it can be changed more easily than if it was installed on the company's own server. Due to these factors, the use of a mobile device management system in the cloud also makes sense. But there are some factors that need to be considered here.
First, of course, it must be ensured that the MDM solution also complies with the compliance guidelines when used in the cloud. If it is not hosted in Germany, for example, or even outside Europe, there may be difficulties with data protection. You can find out more about the requirements of the GDPR here.
You should therefore check in advance where which MDM solution is hosted. For example, you can use platforms such as Capterra to see where the MDM providers are located and draw conclusions about the hosting.
Manage enterprise mobile devices in the cloud
Operating a mobile device management system in the cloud simplifies the maintenance of the system immensely. Only one sub-domain is created for each customer on the provider's server. These exist as individual, separate entities. So there is no risk of strangers accessing your data. As an admin, you can now log into the web domain from anywhere and add mobile devices to the MDM, manage apps or perform other actions at any time.Of course, it is important that the use of the MDM cloud solution is nevertheless integrated into the IT security concept and not treated as a separate part. For more information, read our article on the 'onion principle' in IT security. This means that sufficient training and introduction of the employees whose devices are managed by the MDM, as well as the personnel who will later have access to the MDM, is essential. Employees do not always have the necessary understanding for the introduction of an MDM. Nevertheless, they will inevitably be confronted with how it works, simply because the MDM app is installed on the device. It is particularly convincing to make it clear that an MDM - even if it is operated in the cloud - does not collect any personal data.
Cloud solutions for enterprises - the easy way to future-oriented IT
Based on the aspects of cloud solutions described above, it is clear that they offer a great relief and a step towards higher efficiency of work.
However, if software that handles important data and corporate assets is not hosted on a company's own server, several factors need to be considered:
-
The Cloud solution should be hosted in Europe, preferably in Germany
-
If this is not possible, it should be carefully checked whether the data protection regulations of the hosting country meet the company's compliance policy
-
For MDM applications, this is even a prerequisite for whether an MDM solution may be used at all
-
It should always be checked how and when the customer service of the cloud provider is available. Does it benefit me, for example, to have only an English-speaking live chat?
-
Employees and adnins should know exactly about the functions and limitations of the MDM
-
A concept should be drawn up in advance showing how a cloud solution will be built into the IT infrastructure and what additional security measures will be taken
If you already operate a mobile device management system or are thinking of setting one up, we recommend that you also take a look at the BSI's specifications regarding MDMs. You can find them here.
Conclusion:
Cloud solutions are playing an increasingly important role in digital transformation for companies due to their cost efficiency, ease of setup and great scalability. However, before committing to an application, it is first necessary to clarify possible risk factors, e.g., data protection. Mobile devices in particular play an important role in the company: not only as a work tool, but also as an extension of the corporate network. As a result, they may offer attackers a gateway to important corporate data. For this reason, MDM cloud solutions must be examined in particular detail before they can be deployed.