In one of the more infamous data breaches, the Department of Veteran Affairs exposed 26.5 million PII (Personally Identifiable Information) records of its military veterans and personnel when a laptop containing this data was stolen from the home of an employee. Imagine if this situation occurred at your fund, where your employee’s mobile device containing your investor list was stolen. Not only would there be potential monetary damage, the reputational damage and loss of trust would be immeasurable.
With the proliferation and rapid technological advancement of mobile devices today, it is only becoming more difficult to secure your data. Having a robust Mobile Device Management (“MDM”) toolset that integrates seamlessly with your productivity files (i.e. emails, spreadsheets, presentations, etc.) and meets your organizational needs is a key step to begin securing your data. Microsoft has been rapidly catching up in providing solutions to key areas of concern for CTO’s. In many cases where only 3rd party vendor solutions covered the gaps Microsoft has now either built or acquired and integrated key solutions that provide the key security requirements for the financial services industry. Office 365, Microsoft’s cloud version of their ubiquitous Office suite, offers built-in MDM functionality (MDM for Office 365) that is included with any commercial Office 365 subscription (Enterprise, Business, Education, and Government).
The Microsoft Office suite continues to be the dominant player for desktop productivity tools. With the continued rise of cloud based services, Office 365 offers the path of least resistance for adoption in moving Office to the cloud. Furthermore, as the MDM tools are embedded into Office 365, this results in a tight and seamless integration with your firm’s Office productivity files. This cloud based tight integration offers the robust MDM functionality evidenced in the following scenarios.
- Authorized Devices – Before an employee can access your firm’s Office files such as the Company Financials on Excel, their device must be authorized to access Office 365. Authorization is applied on multiple levels from the device type itself (Android, iPhone, etc.) to properly configured device security settings (your company domain) to having the device enrolled in MDM for Office 365. The best part is this can now be achieved without the costly and labor intensive solutions like VPN.
- At-Risk Device Detection – The BYOD (Bring Your Own Device) environment is here to stay and employees will continue to want to use their own devices to access company related information. Before allowing your research analyst to access proprietary research files on their personal device, it is critical to ensure that their device has not been “jailbroken” (factory operating system settings edited). “Jailbroken” devices are at risk as there is a greater chance of such a device being compromised. These devices can be identified and prevented from accessing Office 365.
- Remote Device Wiping – Device wiping can be done as a full wipe or a selective wipe. Should your CEO lose their device, the device can be wiped completely resulting in a device that has been restored back to its original factory state. For terminated employees, selective wipes can be applied to their devices to ensure that all corporate information is removed from the device.
On the vendor level, Office 365 MDM offers several compelling factors as follows:
- Vendor Reputation – Microsoft is a premier vendor with a history of excellence and stability. They are not going away anytime soon
- Product Cost – Office 365 MDM is offered free as part of the Commercial Level subscription to Office 365
- Employee Adoption / Comfort Level – Office 365 MDM is tightly integrated with Office and Office is the productivity suite that your employees are familiar with
- Technological Fit – Office 365 MDM is cloud based and is reflective of the trend towards cloud based services. With cloud based services, you will gain advantages in not having to maintain hardware and software upgrades
- Scalability – As your firm continues to grow and has additional security needs, Microsoft also offers more robust MDM features through its Intune product. MDM for Office 365 is a subset of the Intune product and as such, any upgrade to Intune will be seamless and allow you to maintain a single vendor relationship
As a free product offered with their Office 365 product, Microsoft offers a truly compelling MDM solution that will protect your firm’s data. The tight integration with Office 365 files results in greater data security for both the data itself and your employee’s mobile devices. Office 365 MDM is a subset of their full MDM product, Microsoft Intune. Intune offers additional capabilities such as managing Windows PC’s and application deployment to devices. Intune itself is the MDM component of Microsoft’s EMS (Enterprise Mobility Suite) product which also offers document encryption, identity management and threat detection. Microsoft EMS has been recognized by Gartner as a Visionary in their Magic Quadrant for EMM Suites report. In future posts, we will go over the added benefits of using Intune in connection with your Office 365 platform.
FinServ is dedicated to researching how funds can benefit from cloud based technologies. Using our extensive industry knowledge in combination with a partnership with Microsoft, we continue to vet how these solutions are secure enough for funds to meet their stringent security and regulatory requirements