In a prior post, I covered how the Cloud Access Security Broker (CASB) market is eating the Identity as a Service (IDaaS) market. Interestingly, many enterprises are also treating CASB platforms as a replacement or alternative to Mobile Device Management (MDM)/Enterprise Mobility Management (EMM) solutions. Huh? What does a cloud security tool have to do with mobility?
As it turns out, everything. If you're not protecting cloud data downloaded or synchronized to mobile devices, you're not really protecting the cloud at all. As a result, leading CASB vendors have built an array of mobile data protection functions that operate without an MDM, and even better, without agents or software on the endpoint device. This entry of an unexpected competitor comes at an interesting time for MDM vendors.
Enterprises are adopting public cloud applications at an unprecedented rate, with email/productivity suites like Office 365 and G Suite leading the way. Cloud apps rely primarily on either third party apps from an app store, or on built-in applications like a mail or calendar app. Unfortunately, MDM products have almost no ability to protect data with these types of applications, rendering app wrapping and containerization frameworks on which MDM vendors are betting their futures worthless.
With the move to the cloud also comes a greater prevalence of BYOD. MDM is a tool best suited to managed/corporate-owned devices, and has always been, at-best, a force fit for BYOD. Deployment and privacy challenges have lead end users to despise these technologies. See for yourself below.
Would you buy a product with 1.5-3 stars on Amazon?
Whether you're embarking on a cloud security project, or reevaluating your approach to secure mobility, it is time to consider a CASB. They do everything that most organizations do with an MDM, but without the deployment and privacy challenges associated with managing BYOD devices. A CASB can also help you control the flow of data to the device, via DLP and a range of remediation actions, going significantly beyond MDM capabilities to mitigate risk.
In short, CASBs offer mobile security without MDM headaches.