Making Sense of the Growing MDM Marketplace
Mobile device management solutions will soon be all the rage. Why? Because a lot IT security folks are flying blind.
The mobile device management (MDM) market is growing rapidly. Forrester Research recently revised its prediction of the size of the market in 2015 from $3.9 billion to $6.6 billion. That's a big revision.
A large part of that increase, the research firm said, will be driven by a shift from a focus on managing mobile devices and their security to building mobile app stores and managing the growing pool of apps and data on a growing range of smartphones and tablets.
Additionally, Gartner research vice president Phillip Redman said the need for MDM in the enterprise is being driven strongly by the current trend toward corporate bring-your-own-device (BYOD) policies.
“When everything was BlackBerry … you didn’t really need a broad general mobile device management platform,” he said. “But since iOS is certainly the fastest growing platform in the enterprise today, and will be followed very quickly in the next couple of years with Android devices, it’s the variety of different OSes that need to be supported in the enterprise that’s really driving the need for MDM.”
And most employees, Redman said, understand that there’s going to be an inevitable tradeoff between being able to choose their own mobile device and giving their company access to the data on that device.
“You can’t treat every device and every piece of data the same way and, so, to segment that data based upon different levels of security; to segment the users based upon the different levels of security they may need; and then to make sure that you have the right practices in place for each of those different segments -- that’s what an MDM platform can allow you to do,” he said.
Sifting the vendors
In choosing among the intimidatingly wide range of MDM offerings currently available, Redman said the first step is to clarify what your requirements are not just now but in the future, as well.
“Define what your priority is as far as which MDM components are most important for you. Today, a lot of it may be based on security, but as more and more corporate and non-corporate applications are being driven on these devices, software management and inventory management are going to become very, very important,” he said. “So think about not just today, but a 24-to-36-month timeframe.”
IDC Senior Analyst Stacy Crook said the key features to look for in an MDM solution can add up to quite a long list.
“You have to be able to do configuration, provisioning, inventory management, remote wipe and lock … and you want to look for a provider that does allow you to have different policies for an employee-liable device versus a corporate device,” she said. “You also want to look for a provider that offers application management, where you have more of a granular ability to say, ‘This universe of devices gets access to these kinds of applications, and this universe of devices gets access to these kind of applications.’
“It’s also a good idea to look for a provider that integrates with your back-end directory system … so you can give people different access to different applications and do application management through a system that you already have deployed … and, depending on the kind of company you are, you may have a need for some cost control capabilities, monitoring capabilities,” Crook continued. “I would also say that companies increasingly think about authentication and identity and access management … and I would look for an MDM provider that talks to you about compliance management.”
What’s more is you have to take ultimate responsibility for making the key decisions regarding MDM. Tempting as it might be to do so, you can’t just leave it all up to the vendor. You might choose to allow a certain set of applications on employee-owned devices, but a more limited set of apps on corporate-owned devices. Similarly, you could choose to disable the camera on corporate-owned devices but allow it on employee-owned devices -- or just decide to block use of the camera on all devices.
And like Redman, Crook said BYOD policies come with responsibilities attached. “Corporate-liable programs typically are not available to every employee in an organization; it’s just not cost-effective. So this allows the employee to become a mobile worker, but with that privilege, you’re going to have to accept some level of company rule … as an employee, I don’t necessarily want my employer to be able to go onto my iPhone and see everything I have stored there, but that just may be the sacrifice that I have to give up if I want to be able to use it."
Changing roles, responsibilities
Ojas Rege, vice president of products and marketing at MDM provider MobileIron, said the larger point is the relationship between IT and end users is becoming much more complex than it used to be.