informa
/
Risk
Commentary

Mobile Device Management: What's Still Missing

MDM can help extend IT management all the way to the new edge of the enterprise network. But it's only one part of the solution really needed to maximize enterprise mobility.
After re-reading my last column on Mobile Device Management (MDM), it occurred to me that any discussion of this clearly vital topic in enterprise IT is incomplete without a little more context. MDM most certainly is not dead, but it is ill-defined, amorphous, and incomplete with respect to the totality of a solution required by a successful mobile enterprise today.

What's missing? Well, as I noted, MDM itself is whatever a given vendor in the field is shipping these days. Device wipe? Sure, but in a world of personal liability (a/k/a BYOD), it sure would be nice to avoid deleting those pictures of the kids and someone's music collection in the process. And while we can argue that security is an obvious goal here, without real-end-to-end tracking of sensitive data, what's to prevent someone from simply making a backup copy onto an insecure device?

And what about implementation strategy? Is mobile device management something one operates in one's data center, a service one buys from a carrier or operator, a service provided by a third party on a device/network-independent basis, or perhaps an open-systems mix-and-match solution based on standards that--oh, wait, we really don't have standards here yet. My mistake.

[ Learn more about MDM. Read Top 5 MDM Must-Do Items. ]

It gets worse--let's consider the other pieces required for something resembling a complete enterprise mobility solution:

Policy--First, you do have a Mobility Policy in place, right? This is a statement of what IT operations can be performed while out of an enterprise facility, and how these operations can be performed. What networks are allowed? What apps can be used (or not, as in blacklist)? Is BYOD allowed? And, of course, all of this must be in concert with an enterprise's overall Security Policy. And you do have one of those, right?

Expense--It doesn't matter if you supply handsets (corporate liability) or, as is increasingly the case, embrace Bring Your Own Device, some tracking of how money is being spent on network access is vital. It's important that this be as close to real-time as possible in order to spot negative trends before they become a big hit to the bottom line. And policy enforcement via software would also be nice--there's no point in racking up cellular minutes when, for example, a lower-cost Wi-Fi option is available.

Applications--I'm still not convinced that commercial apps of any form have much of a place in enterprise mobility. There's too much risk for malware, increased support costs, and simple distractions at work here. And I believe that the future of enterprise mobility is in Web and cloud services, not apps that are platform-specific and expensive to develop and maintain. We'll debate this for some time, I'm sure, but if you're going to allow apps, some form of management here is also vital.

And that's just for starters. I've proposed the term Mobile Operations Management (MOM) as the all-inclusive catch-phrase for describing all of the elements required for a successful enterprise mobility implementation--successful being defined as secure, cost-effective, appropriate, visible, enabling, and manageable. But no matter what we call all of this, enterprises everywhere need to think about strategy, and not just assume that an MDM solution (again, whatever that is) is all that's required.

Management is going to remain one of the key themes in mobility for 2012, and certainly for some time after that. With the edge of the enterprise network now anywhere an authorized mobile user and device might be, the opportunities for trouble are greater than they've ever been. But so are the opportunities for reward, and thus, despite the challenges, enterprise mobility management, whatever it might turn out to be, must remain on the front burner at IT shops, both large and small, everywhere.

Craig Mathias is a Principal with Farpoint Group, a wireless and mobile advisory firm based in Ashland, MA. Craig is an internationally recognized expert on wireless communications and mobile computing technologies. He is a well-known industry analyst and frequent speaker at industry conferences and trade shows.

The Enterprise Connect conference program covers the full range of platforms, services, and applications that comprise modern communications and collaboration systems. It happens March 25-29 in Orlando, Fla. Find out more.

Recommended Reading:
Editors' Choice
Kirsten Powell, Senior Manager for Security & Risk Management at Adobe
Joshua Goldfarb, Director of Product Management at F5