Lately, I have been asked about my thoughts around Mobile Device Management and whether or not I thought it was a valid and valuable solution in the enterprise or whether it was a passé — essentially an outdated solution. My answer? Well it’s not that cut and dried, it’s not that simple.
I have heard the arguments about how MDM is dead, that Mobile Application Management is the wave of the future and I agree with that. What I don’t agree with is when bloggers, analysts, etc. deal in absolutes. I’m not just a blogger — I also consult and deal with enterprises daily and I can assure you that, as of right now, MDM is not dead. But, it’s also not a smashing success at any organization.
Let’s face it, MDM is an outdated approach that is still trying to control the device, lock it down, dictate usage, and so on. In today’s world as soon as you tell the user that you want them to enroll their device in order to get access to corporate resources at the expense of IT-managed device and remote wiping capabilities, will find that user opting out immediately.
We live in a world where the consumer is king. Long gone are the days of IT command and control. Today, the focus should be on governing the device, and not even all of the device but just the corporate assets that reside on that device.
So MDM isn’t dead exactly. We’re in a transition period. IT has not fully accepted the fact that they have lost the battle. Many of them will nod their heads and say we get it, but in practice they are still the same IT shop of 10 years ago.
There still is a legitimate need for MDM. I was at a client that wants to continue to issue phones and now wants to issue tablets to users. The client wants to own the devices so they can continue to manage it. This particular client has convinced its management to continue to make that investment. MDM is very valid in this situation.
Yet, in most cases with most of my customers, MDM was a purchase that either was never implemented or was implemented with such basic features that it might as well not have been.
In 2013, many organizations will finally get around to implementing MDM, and what we’ll see is a surge in MDM deployments with very loose security and enrollment requirements. This will satisfy many of the security officers’ need for DLP security enforcement and will be a good bridge into MAM as that technology continues to mature.
I predict in the 2014-2015 time frame that MAM will quickly replace MDM as IT finally comes to terms with the fact that its efforts to regain control have proven fruitless and also as users also come to terms that in order to consume corporate resources and get convenient access anytime, anywhere on any device, some level of governance is necessary.
And that’s where governance of enterprise mobile applications and data will come into play. Instead of launching an SSL VPN for the entire phone, let’s launch an SSL VPN for that particular application. Rather than remotely wipe the device, we selectively wipe corporate resources. And so on.
If you are watching the MxM space closely, you will find that consolidation is inevitable but also that many of the MDM vendors have seen the writing on the wall and are starting to venture into the realm of MAM as a natural evolution of their products.
Will MDM ever die? Well, no technology ever completely dies, maybe it’ll just become less mainstream. There is always a use case for technologies like MDM, especially in high-security environments like government, pharmaceuticals and others. What we’ll see is a natural evolution to Mobile Application Management, which is a lot more consumer friendly, less intrusive, and just as secure and manageable.
Posted by Elias Khnaser on 01/16/2013 at 5:33 PM