How can you increase mobile device user awareness of EMM security policies and procedures?

Mobile devices are essential tools for modern work and communication, but they also pose significant security risks for organizations and individuals. Enterprise mobility management (EMM) is a set of policies and procedures that aim to protect the data, devices, and networks from unauthorized access, theft, loss, or compromise. However, EMM security is not only a technical matter, but also a human one. Users need to be aware of the EMM policies and procedures, and why they are important, to comply with them and avoid potential breaches. In this article, we will share some tips on how you can increase mobile device user awareness of EMM security policies and procedures.

1 Explain the benefits

One of the first steps to increase user awareness of EMM security policies and procedures is to explain the benefits of EMM security for both the organization and the individual. Users may perceive EMM security as an inconvenience, a restriction, or a violation of their privacy, unless they understand how it protects their data, devices, and identity from cyberattacks, malware, phishing, and other threats. You can use examples, scenarios, or stories to illustrate the potential consequences of not following EMM security policies and procedures, and how they can affect the organization's reputation, productivity, and compliance, as well as the user's personal and professional information.

Add your perspective

Carina Santos

IAM | Gestão de Identidade e Acessos | Identity And Access Management | Segurança da Informação | Cybersecurity | Governance | Governança
Report contribution
A melhor maneira para se explicar para os usuários os benefícios da segurança do EMM é os impactos com fatos reais e as consequências de não seguir as regras e politicas de segurança. Claro que é super explicar o conceito, mas hoje com um mundo muito tecnológico e o ritmo acelerado de se ter um informação ou recurso, devemos apostar em situações reais e as consequências de uma imprudência pode causar tanto ao usuário como a empresa.

Translated

Like
Serhat Ömer Rencber, Ph.D.

#Software #appsec, #devsecops, #cybersecurity, #threatmodeling, and #securitybydesign
Report contribution
To boost awareness of EMM security among mobile device users, regularly conduct training sessions using real-world examples. Create engaging, easy-to-understand materials like infographics and videos to explain EMM policies. Implement interactive e-learning tools with gamification for better engagement. Keep users informed about emerging threats and how EMM policies mitigate these risks. Encourage user feedback and involve them in policy development to increase ownership and compliance. Use periodic reminders and alerts to keep security practices top of mind. Leadership endorsement of these policies can further reinforce their importance.

Like
Benjamin Corll

CISO in Residence | Advisor
Report contribution
As much as I like with "explaining the benefits" as the topic header states, I start with myth busting of what the EMM is NOT doing. There is a lot of misconceptions or bad perceptions where users think that the company is using the mobile management solutions. They think that we'll be reading their personal emails, their text messages, and looking at every application they install. I have learning sessions where I explain what we're doing, why we're doing it, squelch the misconceptions, and answer questions. What I have also found helpful is that I do a live demo of the solution where I bring up the console to show the usage and show my own device and what can be seen or not seen. This seems to resonate well and answer concerns.

Like

2 Provide clear guidelines

Another step to increase user awareness of EMM security policies and procedures is to provide clear guidelines on what users should and should not do with their mobile devices. Users may not be aware of the best practices, dos and don'ts, and common mistakes related to EMM security, such as using strong passwords, enabling encryption, updating software, avoiding public Wi-Fi, reporting lost or stolen devices, and avoiding suspicious links or attachments. You can create a user-friendly handbook, a FAQ page, a checklist, or a video tutorial to explain the EMM security policies and procedures in simple and understandable terms. You can also use

tags to highlight the specific commands, settings, or steps that users need to follow.
###### Offer training and support
A third step to increase user awareness of EMM security policies and procedures is to offer training and support to users. Users may have questions, doubts, or difficulties in complying with EMM security policies and procedures, especially if they are new to EMM or if the policies and procedures change over time. You can provide regular training sessions, webinars, workshops, or quizzes to educate users on the EMM security policies and procedures, and to test their knowledge and skills. You can also provide a dedicated helpdesk, a chatbot, a forum, or a feedback system to assist users with any issues, concerns, or suggestions related to EMM security.
###### Monitor and reward compliance
A fourth step to increase user awareness of EMM security policies and procedures is to monitor and reward compliance. Users may need incentives, feedback, or recognition to adhere to EMM security policies and procedures, and to improve their EMM security behavior. You can use tools, metrics, or reports to track and measure user compliance with EMM security policies and procedures, and to identify any gaps, risks, or violations. You can also use gamification, badges, certificates, or rewards to motivate, encourage, or acknowledge users who follow EMM security policies and procedures, and to create a positive EMM security culture.
###### Involve and empower users
A fifth step to increase user awareness of EMM security policies and procedures is to involve and empower users. Users may feel more engaged, committed, and responsible for EMM security if they have a voice, a choice, or a role in the EMM security process. You can solicit user input, feedback, or suggestions on the EMM security policies and procedures, and incorporate them into the decision-making or improvement process. You can also assign user roles, responsibilities, or champions to promote, advocate, or mentor EMM security among their peers or teams. You can also create a user community, a newsletter, or a blog to share EMM security tips, news, or stories.
###### Update and communicate regularly
A sixth step to increase user awareness of EMM security policies and procedures is to update and communicate regularly. Users may lose interest, confidence, or trust in EMM security if the EMM security policies and procedures are outdated, inconsistent, or unclear. You can review, revise, or refresh the EMM security policies and procedures periodically, and ensure that they are aligned with the latest trends, threats, or standards. You can also communicate any changes, updates, or reminders to users via email, SMS, push notifications, or pop-ups, and ensure that they are aware of the current EMM security policies and procedures.
######Here’s what else to consider
This is a space to share examples, stories, or insights that don’t fit into any of the previous sections. What else would you like to add?

Add your perspective

Serhat Ömer Rencber, Ph.D.

#Software #appsec, #devsecops, #cybersecurity, #threatmodeling, and #securitybydesign
Report contribution
To enhance EMM security awareness, create a user-friendly handbook detailing best practices, dos and don'ts, and common mistakes. Include topics like using strong passwords, enabling encryption, updating software, avoiding public Wi-Fi, and the importance of reporting lost or stolen devices. Also, caution against clicking suspicious links or attachments. Supplement this with a FAQ page addressing common queries. Checklists can guide users through essential security steps. Consider making engaging video tutorials for clearer understanding. Regularly updating these resources ensures they remain relevant and effective in communicating EMM security policies and procedures to users.

Like
Benjamin Corll

CISO in Residence | Advisor
Report contribution
Having clear guidelines can be tricky. You need guidelines for corporate owned devices versus BYOD. I can dictate more what a corporate owned device with do's & don'ts. When it comes to a personally owned device, I have much less control (and rightfully so). Requiring a pin/passcode on a device is an easy example of what I can set as a requirement or expectation for both types of devices. Setting expectations and having documentation goes a long way as there are less assumptions. And have the documents written as clear and concise as possible. People aren't going to read pages to understand what's expected of them. Keep it short & simple.

Like
Carina Santos

IAM | Gestão de Identidade e Acessos | Identity And Access Management | Segurança da Informação | Cybersecurity | Governance | Governança
Report contribution
Diretrizes são bússolas que podem e devem direcionar os usuários na utilização consciente dos seus dispositivos corporativos. Esse é um tema que precisa ser rotineiro nas organizações, como também ter um time responsável para tirar dúvidas sobre a melhor prática de utilização de um dispositivo. Por fim, precisamos deixar todas as diretivas de maneira transparente e acessíveis aos colaboradores para facilitar sua consulta e assim realizar o uso correto.

Translated

Like

How can you increase mobile device user awareness of EMM security policies and procedures?

1

2

1 Explain the benefits

2 Provide clear guidelines

Information Security

Rate this article

Thanks for your feedback

More articles on Information Security

More relevant reading

How can you increase mobile device user awareness of EMM security policies and procedures?

1

2

1 Explain the benefits

2 Provide clear guidelines

Information Security

Rate this article

Thanks for your feedback

Explore Other Skills