09:47 AM
Connect Directly

Mobile Device Management: What's Still Missing

MDM can help extend IT management all the way to the new edge of the enterprise network. But it's only one part of the solution really needed to maximize enterprise mobility.

After re-reading my last column on Mobile Device Management (MDM), it occurred to me that any discussion of this clearly vital topic in enterprise IT is incomplete without a little more context. MDM most certainly is not dead, but it is ill-defined, amorphous, and incomplete with respect to the totality of a solution required by a successful mobile enterprise today.

What's missing? Well, as I noted, MDM itself is whatever a given vendor in the field is shipping these days. Device wipe? Sure, but in a world of personal liability (a/k/a BYOD), it sure would be nice to avoid deleting those pictures of the kids and someone's music collection in the process. And while we can argue that security is an obvious goal here, without real-end-to-end tracking of sensitive data, what's to prevent someone from simply making a backup copy onto an insecure device?

And what about implementation strategy? Is mobile device management something one operates in one's data center, a service one buys from a carrier or operator, a service provided by a third party on a device/network-independent basis, or perhaps an open-systems mix-and-match solution based on standards that--oh, wait, we really don't have standards here yet. My mistake.

[ Learn more about MDM. Read Top 5 MDM Must-Do Items. ]

It gets worse--let's consider the other pieces required for something resembling a complete enterprise mobility solution:

Policy--First, you do have a Mobility Policy in place, right? This is a statement of what IT operations can be performed while out of an enterprise facility, and how these operations can be performed. What networks are allowed? What apps can be used (or not, as in blacklist)? Is BYOD allowed? And, of course, all of this must be in concert with an enterprise's overall Security Policy. And you do have one of those, right?

Expense--It doesn't matter if you supply handsets (corporate liability) or, as is increasingly the case, embrace Bring Your Own Device, some tracking of how money is being spent on network access is vital. It's important that this be as close to real-time as possible in order to spot negative trends before they become a big hit to the bottom line. And policy enforcement via software would also be nice--there's no point in racking up cellular minutes when, for example, a lower-cost Wi-Fi option is available.

Applications--I'm still not convinced that commercial apps of any form have much of a place in enterprise mobility. There's too much risk for malware, increased support costs, and simple distractions at work here. And I believe that the future of enterprise mobility is in Web and cloud services, not apps that are platform-specific and expensive to develop and maintain. We'll debate this for some time, I'm sure, but if you're going to allow apps, some form of management here is also vital.

And that's just for starters. I've proposed the term Mobile Operations Management (MOM) as the all-inclusive catch-phrase for describing all of the elements required for a successful enterprise mobility implementation--successful being defined as secure, cost-effective, appropriate, visible, enabling, and manageable. But no matter what we call all of this, enterprises everywhere need to think about strategy, and not just assume that an MDM solution (again, whatever that is) is all that's required.

Management is going to remain one of the key themes in mobility for 2012, and certainly for some time after that. With the edge of the enterprise network now anywhere an authorized mobile user and device might be, the opportunities for trouble are greater than they've ever been. But so are the opportunities for reward, and thus, despite the challenges, enterprise mobility management, whatever it might turn out to be, must remain on the front burner at IT shops, both large and small, everywhere.

Craig Mathias is a Principal with Farpoint Group, a wireless and mobile advisory firm based in Ashland, MA. Craig is an internationally recognized expert on wireless communications and mobile computing technologies. He is a well-known industry analyst and frequent speaker at industry conferences and trade shows.

The Enterprise Connect conference program covers the full range of platforms, services, and applications that comprise modern communications and collaboration systems. It happens March 25-29 in Orlando, Fla. Find out more.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Apprentice
12/13/2011 | 3:04:20 PM
re: Mobile Device Management: What's Still Missing
I think mentioning the policy first is critical. I would add that MDM is still missing the component of user support. Many of our clients (http://www.gill-technologies.c... enjoy the removal of having to support individual user challenges, allowing their IT team to focus on more pressing issues.
Any type of custom reporting that makes the job easier and time effective for those responsible is critical. Additionally adding individual accountability for those corporately paid devices by exposing the user to the actual costs involved, adds a lot of benefits to an organizations management and reduces the expense.
User Rank: Apprentice
11/29/2011 | 2:54:49 AM
re: Mobile Device Management: What's Still Missing
Glad you covered the expense side of mobile management. Many IT shops eliminate expenses from their P & L when companies provide options for employees to opt out of the corporate plan (BYOB), but often times the costs show up in expense reports and the actual cost is significantly higher than when on the corporate plan.

In fact the number one issue I find in my work as a mobility consultant is "no discount" applied to BYOB plans paid for by individuals. It's not well known that most BYOB plans qualify for a discount of up to 24% with no contract changes required. This discount alone would pay for most any MDM software and still show a significant cost savings.It might be wise for IT Shops to engage the eyes of a trained mobility consultant/auditor to help manage the expense side.
User Rank: Apprentice
11/28/2011 | 4:37:04 PM
re: Mobile Device Management: What's Still Missing
There are MDM solutions out there that are paving the way for the rest. MaaS360 for example offers users a selective wipe to avoid losing our favorite music & photographs we are sentimental about. Regarding mobile stategy formation, this platform's simplicity of use eases the process of policy implementation for IT departments that have yet to get too serious on this front. All on one screen, MaaS60 makes it easy to manage apps (whitelist/blacklist/push apps, etc...) and control wireless expenses as well. Take a tour today and see for yourself: http://bit.ly/tourMaaS360
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Current Issue
Dark Reading's October Tech Digest
Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2014-10-23
Untrusted search path vulnerability in Hamster Free ZIP Archiver allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the current working directory.

Published: 2014-10-23
Open redirect vulnerability in the header function in adclick.php in OpenX 2.8.10 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the (1) dest parameter to adclick.php or (2) _maxdest parameter to ck.php.

Published: 2014-10-23
Cross-site request forgery (CSRF) vulnerability in Shenzhen Tenda Technology Tenda A32 Router with firmware 5.07.53_CN allows remote attackers to hijack the authentication of administrators for requests that reboot the device via a request to goform/SysToolReboot.

Published: 2014-10-23
Open redirect vulnerability in the Click-Through feature in Newtelligence dasBlog 2.1 (2.1.8102.813), 2.2 (2.2.8279.16125), and 2.3 (2.3.9074.18820) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter to ct.ashx.

Published: 2014-10-23
Multiple cross-site scripting (XSS) vulnerabilities in OpenMRS 2.1 Standalone Edition allow remote attackers to inject arbitrary web script or HTML via the (1) givenName, (2) familyName, (3) address1, or (4) address2 parameter to registrationapp/registerPatient.page; the (5) comment parameter to all...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Follow Dark Reading editors into the field as they talk with noted experts from the security world.