While the proliferation of the BYOD trend has been bonus for businesses in terms of cost savings to productivity gains. But for IT departments, security and compliance is a headache as they scramble to catch with the mobility requirements of workforce. Here are some of the key metrics which can help your organization to monitor the use of enterprise mobility management.
# Unmanaged devices in the enterprise network:
This is the total number of un-managed devices being used in the enterprise. Un-managed devices pose security risk to any organization; hence, this number should be as minimum as possible
# Average number of hours an authorized device is found on network:
This is the total duration an unauthorized device appeared which may hide themselves through different approach which can be through personal firewalls or having their service disabled.
#Number of OWASP Mobile Top 10 Risks Identified and Fixed:
By evaluating mobile apps for flaws and vulnerabilities in 10 distinct categories, security teams can work on mitigation plan to reduce these flaws in each risk categories.
# Risk/Vulnerability Score:
This is risk score which can be derived using factors like number of unauthorized devices, average hours an unauthorized device is found on network and the device threat or unauthorized app is accessed. The reporting should assign a total risk score, summarize discovered vulnerabilities, and provide suggestions on how to resolve threats.
# Shadow IT apps used by employees on mobile devices:
This metric identifies the number of unauthorized apps used on employee’s enterprise mobile devices. It should give detailed reporting like determine the most frequently blacklisted or whitelisted apps, view the number of devices and the applications the users have.
It should stack your security risk score with the competitor and identify gaps across deployment, devices, and apps. It should also give tips to better organization’s approach to mobile productivity and security.
# Policy violations per month:
This is the total number of policy violations per month. This metric indicates the possible false positives/false negatives and help in policy fine-tuning.
# Mean time it takes to provision and deprovisioning mobile devices in an enterprise network:
This metric refers to the mean time it takes to provision/deprovisioning any mobile devices in the network. EMM solution with centralized management and control this time should be usually in minutes.
Do let me know if you want us to add or modify any of the listed metrics. Check out the Enterprise Mobility Management market within FireCompass to get more information on these markets.