Pass Code Complexity
The user may be required to configuring a PIN lock on their device during the on-boarding process if the device is not already configured with one. When this occurs, the user will need to launch the client app and send data. This is explained in more detail in Device Compliance/Restrictions. The MDM administrator can chose the minimum password length and complexity. The natural tendency is to require very strong passwords, however there may be unintended consequences. The PIN lock will need to be entered any time the employee wants to use their phone. While texting and driving is illegal in many locations, the PIN lock is also required to make phone calls. If the user is required to navigate through several keyboards to enter the PIN lock, the administrator may be creating an environment of risk taking. There may be legal implications outside the scope of this document that should be considered. The more likely scenario is that the user will opt-out of the BYOD network for their personal devices. Devices not managed could have no PIN lock at all and yet still contain corporate data that the employee improperly put on the device. A practical approach is to require a simple four digit PIN on personal mobile phones. Corporate tablets can still be profiled with complex passcodes including special characters. This provides a balanced approach and will not discourage participation. Four digit PINs or the last four digits of a SSN a used fairly often to provide some level of security.
Figure 23 Passcode Requirement
Enterprise Application Store
Fiberlink MaaS360 server allows corporations to create their own App Catalog. Fiberlink MaaS360 allows the following:
•Develop a catalog of recommended mobile apps on iOS and Android devices based on roles/groups..
30Integrating Fiberlink MaaS360 with Cisco Identity Services Engine