Why You Need Both IAM and MDM in Today's WFA World

While the work from anywhere (WFA) movement has taken on new significance over the past year, the trend has been gaining momentum for quite some time. As the distributed enterprise, the use of personal devices and the expectation of remote access to resources have become the norm, the workplace is no longer confined to a physical location. This is dramatically changing the world of work for both the enterprise and employees.

Business applications like Slack, Zoom and Salesforce are enabling greater workforce mobility, making it easier than ever for your employees to be productive from anywhere—whether they’re working from home, on the road or from an Airbnb rental. At the same time, though, this newfound freedom presents unique challenges when it comes to keeping those same employees safe and ensuring data and resources remain secure. 

As the once-trusty perimeter crumbled, identity and access management (IAM) emerged as the backbone of a strong security posture. Identity provides the sturdy yet flexible infrastructure needed to secure the modern distributed enterprise, providing capabilities like single sign-on (SSO) and multi-factor authentication (MFA). But to support and secure an increasingly free-range workforce, IAM must expand and extend to your employees’ personal devices. This can be achieved through integration of IAM with mobile device management (MDM) platforms.

Mobile device management helps enterprise IT administrators monitor, secure and enforce policies on mobile devices including smartphones, tablets and laptops. Serving a similar function to PC configuration lifecycle management tools, MDM gives organizations the ability to enforce corporate policies while integrating and managing mobile devices. By tightly integrating MDM with multi-factor authentication (MFA), you’re able to further strengthen security without adding friction to the user experience.

Multi-factor authentication is the de facto standard for providing secure and seamless access. Adaptive MFA gives you even more flexibility and control by letting you leverage contextual data to assess the risk of the action or request. By allowing you to step up authentication requirements only when the risk warrants it, adaptive MFA strengthens security without adding friction.

When you combine adaptive MFA with MDM, you can also leverage device posturing. By providing continuous monitoring of device properties, device posturing provides additional context to determine authentication requirements. This additional context about the device being used can help you better assess the risks and as a result make safer authentication decisions  and ensure only managed devices gain access to corporate data within cloud applications.

To support your mobile use cases, we’re excited to announce that we recently integrated Jamf with PingFederate, Ping’s enterprise federation server and authentication authority. Jamf, the standard in Apple enterprise management, helps enterprises connect, manage and protect Apple products, apps and corporate resources in the cloud and without ever touching a device. 

By allowing PingFederate to retrieve the security posture from mobile devices or computers managed by Jamf Pro, this integration helps enterprises: 

• Make better, safer policy decisions
• Strengthen security through device posturing
• Improve productivity by ensuring the right users can quickly access the right resources
• Eliminate friction for the user when trying to quickly access resources
• Increase flexibility to support a dynamic workforce
• Enable simpler, faster workflows by initiating identity verification as part of user registration or sign-on

It’s safe to assume the work from anywhere movement is here to stay. By integrating IAM with mobile device management, you can cover your bases and provide your workforce with the seamless access they need to maintain productivity without sacrificing security.

To learn about all of Ping’s MDM integrations, visit these links:

• Jamf Pro
• Microsoft InTune
• MobileIron
• AirWatch