Security "Bits"

Is Mobile Application Management Dead On Arrival?

By Rich Campagna | September 26, 2013 at 8:00 AM
Is Mobile Application Management DOA?

For those of you that follow the latest trends in BYOD Security and Mobility, you probably already know that Mobile Device Management (MDM) is sooooo last year, with vendors (and their customers) rushing to supplant MDM with the latest approach to solving all of your mobility woes, Mobile Application Management (MAM).  A question I have been pondering recently is whether MAM is dead before it really starts to take hold in the market?  

MDM was never a solid solution for either employees, or for IT, in BYOD environments.  For employees, the fact that the IT department was taking control over their personal device, and potentially reserving the right to monitor the device, control their usage, and even remotely wipe the device if the employee left the company was a huge concern.  There have even been recent lawsuits over employers infringing on employee privacy and for destroying personal data through the use of MDM.  At the same time, it was never IT’s intent to take control over the user’s devices and personal data.  IT was simply chartered with securing the organization’s data, and so they used the most obvious technology available to them - MDM, which provides device management, but does very little in terms of mobile device security. 

As users and IT professionals got more savvy about the drawbacks of MDM, the industry responded with MAM, which is meant to more cleanly solve the work/personal separation issues inherent in MDM architectures.  MAM, if you’re not familiar, uses various techniques (depending on vendor) to “wrap” or “containerize” enterprise applications, separating them from personal applications.  This approach allows organizations to encrypt, secure, even wipe enterprise data without touching the user’s personal data.  

The problem is, MAM significantly damages the seamless blending of work and personal that employees have come to love with their mobile devices.  One of the most prevalent examples is the fact that MAM typically requires an additional, add-on secure email client, secure browser, and secure file sharing application.  No longer can employees use the native, tightly integrated applications provided with by the mobile OS vendor or by their favorite third party app vendor.  

Recent changes in the Mobile OSs and the enterprise app development landscape are rendering these MAM approaches less and less important, particularly in light of the inherent user experience tradeoffs.  With iOS 7, Apple is embedding a “per app VPN” into iOS.  This is in addition to the already present AES-256 encryption and application sandboxing.  This follows other vendors, such as Samsung, who have started building more and more of these capabilities into their Android platforms.

The Bitglass solution offers secure BYOD - protecting corporate data, without forcing employees to tradeoff their productivity or their freedom.  Learn more in our datasheet.

Download the Datasheet 


see all