In today’s digitally driven enterprise environment, the importance of efficient mobile device management extends beyond procurement and usage management. It delves deep into the post-use phase, where the handling of devices becomes equally pivotal, especially as pertains to security concerns.
No one wants potentially sensitive data in the hands of unscrupulous folks who may try to use that data toward malicious ends. Every device that has reached its end-of-life stage is not just a piece of hardware but a reservoir of sensitive data that needs proper decommissioning. It’s important for organizations to not let their guard down in this final stage of mobile device management, which is a common misstep.
This article delves into the crucial steps that enterprises should take as part of their mobile device logistics at the end of a device’s lifecycle, emphasizing the importance of collection, data wiping, and storage.
It could save your organization the pain of having security compromised and incurring unnecessary financial burdens associated with poor device collection practices (e.g., legal exposure or added work cycles).
1. Mobile device collection
Mobile devices need to be collected from the relevant users within the organization so they can be retired responsibly before being replaced with a new device. Different organizations will go about this in their own ways but it’s most important that they have a process that works and that they act on it.
This is important for various reasons that we will get into in more detail, but many 3rd party TEM/MMS providers such as Tellennium will offer this service given its importance in reducing potential security issues. (Related: MMS vs. TEM. What’s the Difference?)
It’s also best to retire all devices responsibly as per industry regulations/standards to avoid any non-compliance issues that may involve outside authorities such as the FCC or other regulatory bodies.
2. Mobile device data wiping
Everyone rightly prioritizes security concerns as a number one priority in decommissioning mobile devices. As noted, it’s critical to protect sensitive data to keep it out of the hands of outside bad actors with devious intentions.
So, if you are partnering with a third-party TEM/MMS provider, they will take great pains to ensure that all data is wiped to remove any/all data deemed personal to protect data privacy. All sensitive corporate data that does not belong in front of anyone else’s eyes will also be wiped and secured with the best security practices.
This will usually involve corporate applications as well; anything that should not be for outside consumption will be addressed to prevent security breaches and respect privacy concerns.
Some organizations do this internally themselves. If this is your organization, all the responsibilities will be yours, so you will want to remain vigilant that you are up on all current best practices in this regard.
3. Mobile device storage
Lastly, a plan for safe storage should be put in place until the mobile devices can progress to their final resting place with the enterprise mobility gods. Some organizations will have plans to work with outside companies for recycling or safe disposal. Others may plan to refurbish devices and redistribute them outside of the organization for various reasons (e.g., charity).
Whatever the ultimate destination, third-party TEM/MMS providers will have a plan to securely store all the end-of-life mobile devices safely until they are moved to their next destination.
Now that we’ve covered the overview for these mobile device logistic areas, let’s give a few examples of problems to be cognizant of in these closely related areas.
It will help to make clear that even activities as seemingly mundane as these are truly important to “get right,” even at the tail end of the mobility lifecycle when it’s easy to let one’s mobility management guard down so to speak.
5 Reasons Why Data Collection, Wiping, and Storage Are Important To Get Right
1. Data wiping must be performed properly by knowledgeable technical staff to avoid data remnants
It’s not just about doing this. It’s about doing this right because there could potentially be a great deal on the line if not performed improperly (e.g., data privacy issues, organizational security issues).
The common term used is “data remnants” and this refers to incomplete data wiping. This type of problem could occur if performed by less knowledgeable folks outside of a process i.e., a new employee that is a little green and/or careless.
When this task is performed by a competent third party, the chances of this occurring are reduced; personnel are skilled in this area and adhere to process best practices.
Just be mindful that this is a possibility if you are overseeing management in this area.
2. Data wiping activities may not be properly documented by less experienced staff
This is an area where a third-party provider will add value as it is in the business of storing data, tracking, and documenting all things relating to process best practices. However, even the experts can have challenges, so they too need to be vigilant here.
It’s not only important to perform data wiping properly but also to document all related activities. Organizations that do not have proper documentation in this area will run into audit compliance issues besides the potential exposure resulting from shoddy performance in this area. Which devices were wiped? Which experienced issues?
If you are partnering with a TEM/MMS provider, keep tight communications with them in this regard. If you are performing these activities fully in-house, be extra vigilant with employees to ensure they do their best to document these activities thoroughly and accurately.
3. Device collection may only be partially completed
Many organizations or enterprises are decentralized with dispersed personnel all over the country or even the world. This, of course, can be problematic. The geographical challenge alone can present problems in terms of mobile devices potentially being lost or delayed in transit.
Or some users may willfully or forgetfully fail to act in accordance with organizational policies for proper device collection. In either of these events, the organization is put at risk for security breaches and/or data privacy issues.
If you enlist the help of a reputable third-party provider, your risks will be mitigated to some degree because of their competency and experience in this area.
However, they can even experience problems or difficulties. These are common problematic areas so keep close to them to ensure any potential exposure issues are dealt with expediently.
4. Different mobile devices can present various data-wiping challenges
Large enterprises with multiple types of users in differing roles will utilize different devices. This can create all types of technical challenges relative to wiping the data for all the different devices.
For example, besides different devices, there may be different operating systems and/or differing versions, all of which can pose challenges to the successful wiping of data for staff tasked with this support area.
Again, as noted, a TEM/MMS partner will be more suited to successfully mitigate these challenges for your team, but they too can still experience difficulties. If so, they will advise on any remediation activities.
5. Mobile device storage areas may be improperly secured
Oftentimes, we forget the obvious. Because older devices don’t garner much appeal, it’s easy to think of them as trash even though they are not that, even if on the way out.
If the devices stored have not all been properly wiped or are in the process of collection to be wiped, this naturally could pose a security risk if the devices are compromised. So, organizations need to remain vigilant about security concerns, even at the end of the mobility lifecycle.
Closing Thoughts on Mobile Device Collection, Wiping, and Storage
In the world of TEM, MMS, and utilities expense management, we tend to focus on higher profile areas that get more attention such as audit and optimization savings or technology platform capabilities, etc.
But it all adds up and it’s all important in the end – even mobile device logistical areas like these. Hopefully, you will leave this article with a little more knowledge of some of these other legitimate areas of concern that get less attention.
Nonetheless, they are important as well even if they reside at the closing end of the mobility lifecycle.
If you’d like to consider Tellennium in your TEM vendor comparisons, contact us to schedule a brief demo of our solution.
Explore More Articles
Mobile Device Logistics Part 4
Preventing Mobile Breakdowns: The Importance of Hot Spare Programs for Large Enterprises
We are not talking about tire replacements for a NASCAR race, although it’s certainly the case that hot spare mobile devices may be used in that environment as well. A hot spare replacement program is a mobile device backup process to ensure a replacement device is ready if a user’s mobile phone fails for whatever
Our prior mobile device logistics articles discussed the importance of staging and kitting and how asset tagging helps enterprises with key mobile device logistical activities. In this article, we will review important ways that device deployment support is also a significant aspect of mobile device logistics and serve to strengthen your managed mobility services program
Mobile Device Logistics Part 2
4 Ways That Mobile Device Asset Tagging Helps Enterprises Strengthen Lifecycle Management & Save Money
Our initial article on mobile device logistics covered how mobile device staging and kitting can help add value to your expense management organization. In this article, we will address how the mobile device asset tagging process also adds value to your mobile device logistics management focus and, ultimately, to overall managed mobility services program management.