1 STRATEGY ANALYTICS INSIGHT October 2012 Yes MAM: How Mobile Device Management Plus Mobile Application Management Protects and Addresses BYOD By Mark Levitt, Analyst/Director at Strategy Analytics BYOD Blues A conversation like this one between an organization s IT help desk and a mobile worker may be heard after each time a cool, new smartphone hits the market and becomes a bring your own device (BYOD) mixed blessing for the organization: What do I need to do to use my new smartphone for work? We can set it up so that only you can use it by entering an ID and an 8-10 digit password. If it is lost or stolen or if you switch organizations, we will remotely lock it or wipe it clean. I m not sure I like the idea of my device and personal stuff being wiped clean. We can create separate personal and work spaces on your device so only work stuff would be wiped. Sounds great. Thanks. A few hours later, the conversation continues: Something is wrong with my new smartphone. When I tried using it during a client meeting, I couldn t process an order. Did you forget your password? No. I couldn t find my work applications. Did you wipe my phone for some reason?
2 No. The only apps on your phone that can access our corporate systems are the and web browser apps. For some business productivity apps, go to your phone s public app store. So that s where all of my regular work apps are waiting for me? Not exactly. Public app stores have business apps like web and audio conferencing. Be careful or you may end up downloading the wrong apps that won t work right or that could infect your smartphone with viruses. Uh, ok. What about the rest of my regular work apps? We actually don t have a quick or easy way to load all of the corporate mobile apps onto your smartphone. If you list all of your work applications, we will look into what mobile apps are available and then sideload each one onto your phone. I use many work applications and was hoping to be using all of them on my smartphone right away. I ll send you the list as soon as possible. This conversation illustrates the roller coaster ride on which mobile workers can find themselves regarding BYOD smartphones and tablets. Eager to start using their new devices as mobile work platforms, workers either turn to IT for help or to third party resources through self-help in the hope of making their devices fully functional in work environments. What workers quickly discover is that their organizations are often not yet equipped to prep new mobile devices in the same way that new laptops are prepped with an image containing all relevant work software and settings. While third party websites may provide helpful information and downloads, they may also pose malware threats. IT often still treats smartphones less like PCs and more like telephones for voice, text and communications despite the fact that the computing capabilities gap between these mobile devices has shrunk. The limited corporate resources and attention paid to prepping mobile devices for work purposes underestimate the powerful potential for running mobile work apps that keep mobile workers connected to the corporate applications and information that they need. This also frustrates workers who want to exploit the form factor, availability, and convenience of mobile devices. Not that smartphones and tablets are being ignored by corporate IT. In fact, organizations around the world are recognizing both the business value and risks of smartphones and tablets. The growing popularity of BYOD programs is being driven by the resulting higher productivity and morale for workers as well as saving costs and boosting reputations for organizations. With more than one hundred million smartphones being purchased by individuals for work use globally in 2012 (Source: Strategy Analytics Mobile Workforce Strategies report, Global Business Smartphone User & Sales Forecasts, by Employee Segment, January 2012), organizations are taking steps to balance the benefits of workers choosing and paying for their own mobile devices with the risks of hundreds of different mobile devices
3 designed mainly with consumers in mind being used to access corporate systems and data across various wireless networks. In terms of corporate investment priorities, mobile devices and security solutions continue to see spending increases (see Figure 1). Figure 1. Please indicate whether IT spending at your organization will increase, decrease or stay the same this year compared to last year Source: Strategy Analytics 2012 Global Enterprise Survey of 1750 SMBs and large enterprises Mobile Device Management Protects Against Unauthorized Device Use Mobile device management (MDM) software and services provide an important layer of management and security protection. Six out of ten organizations use MDM to protect devices from unauthorized users (Source: Strategy Analytics 2012 Global Enterprise Survey). Here are the basic elements of MDM that organizations should expect: Enforce password protection to a sufficient degree of password complexity based on length and character types Lock the device if it is lost or stolen to prevent further access Wipe the data off the device if it is lost or stolen with prior consent/agreement from the user Encrypt the data located in memory on the device Restrict applications from being loaded and run on the device that could infect it with malware Restrict Internet or specific domain access that could infect it with malware or expose work data to a high risk of theft
4 Other management capabilities do exist that focus on mobile devices. For example, mobile device analytics track battery life, network connectivity, and performance to identify current or potential issues that could be addressed. This capability could evolve into a standard element of MDM over time. MDM s focus on the mobile devices themselves means that the management and security protection that it provides is limited to the individual devices and their life spans. When device owners add second or third mobile devices or replace their devices as they tend to do every 1 to 1.5 years, IT needs to register each new device with the MDM system. Mobile Application Management Adds Protection and Addresses BYOD In addition to enhancing security, mobility management is evolving to address the application needs of mobile users. Mobile application management (MAM) focuses on the application layer, including confidential corporate and customer information and an organization s core IP. When mobile apps are needed to access corporate data in the interests of worker productivity, MAM addresses the needs of workers and their organizations for application protection and provisioning which complement the device protection of MDM. Here are the basic elements of MAM that organizations should expect: Enforce application level security for all business apps including user authentication and data encryption Permit (whitelist) or block (blacklist) application loading based on the mobile user s department, role and other considerations Provide one place, an enterprise app store, for storing all mobile apps from internal and external developers that can be tested and certified as safe and functioning properly Distribute mobile apps in an automatic and managed manner to mobile devices based on policies that consider user roles and departments to ensure that mobile workers have the right set of work apps, with apps not even appearing to non-authorized users Update mobile apps automatically so that mobile workers always have the latest versions reflecting software patches and new features Track mobile app downloads and usage for licensing and compliance reporting and planning purposes
5 As MAM evolves, look for additional application management features that go beyond these base elements. For example, geofencing can limit access to specific apps or data based on the user s device GPS location at a particular time to minimize the risk of data loss due to higher risk networks such as unsecured public WiFi or work locations such as events attended by competitors who may see the information. Another example is containerization or sandboxing of work apps and data in separate workspaces from personal stuff on the same mobile devices which was mentioned in the mobile worker/it help desk conversation above. This capability sits between MDM and MAM in that it balances the interests of device owners to use both personal and work apps and content and that of organizations to wipe only work related apps and data when necessary. In the conversation, we also heard about the challenges and delays that mobile users can face when trying to get mobile work apps onto their smartphones and tablets. This happens when organizations focus only on protecting against the risks that mobile devices pose. In contrast, the use of MAM provides the ability to focus on addressing the needs of workers and their organizations using BYOD and corporate devices to be productive quickly and easily with a full set of mobile work apps. Enterprise App Stores Eight out of ten organizations send workers to public app stores for commercial business mobile apps. Three out of ten organizations use enterprise app stores or automated push to distribute work apps to mobile devices (Source: Strategy Analytics 2012 Global Enterprise Survey). The practice of sending workers to search for work apps on consumer-oriented public app stores like Google Play and the Apple App Store is not ideal. It is a poor use of mobile worker time and can result in frustration, as well as malware threats. For custom and other mobile apps that aren t readily available on public app stores, three out of ten organizations use manual processes to load apps onto mobile devices. Organizations looking for a better solution are discovering the value of MAM and enterprise app stores (see Figure 2).
6 Figure 2. How do you manage the distribution of mobile applications at your organization? (multiple responses accepted) Source: Strategy Analytics 2012 Global Enterprise Survey of 1750 SMBs and large enterprises The use of MAM benefits mobile workers and their organizations in several ways: 1. Mobile workers get the right work apps quickly and easily on their devices without having to spend time and endure exposure to the risks and distractions in searching public app stores. The mobile device user simply subscribes to the enterprise app store to automatically download all relevant mobile apps and subsequent updates. This saves time and protects against downloading malware that could lead to personal and corporate data loss or theft. 2. Corporate IT gains secure and efficient processes for storing, licensing, distributing, tracking, and updating mobile work apps at their organization. Instead of responding to requests for mobile device setups with frustrating conversations like the mobile worker/it help desk one above, IT can quickly and automatically process all mobile devices for both internal and third party apps with same levels of reliability, efficiency, and consistency that have become the norm for laptop setups. Because MAM operates at the application and data level, policies and processes that are set up for mobile workers can be reapplied, as appropriate, to all of the worker s mobile devices now and in the future.
7 Conclusions Organizations are recognizing that mobile devices and applications can be extremely useful tools for an increasingly mobile workforce. Supporting workers with BYOD and corporate smartphones and tablets provides clear benefits to everyone but it does require a balancing of mobile worker and corporate interests. Organizations need to provide simple and easy access to the devices and apps that mobile workers feel they need to be productive without posing risks to corporate interests. The combination of MDM plus MAM solutions that evolve over time equips organizations with effective enterprise mobility management tools and processes to both protect and address the use of mobile devices and apps by mobile workers to be more productive and satisfied employees. Sponsored by AT&T Mobile Enterprise Management from AT&T integrates device and network-based security controls with encrypted transport to provide mobile security, complemented by application and device management solutions in a variety of configurations. Through a comprehensive suite of development tools, AT&T enables organizations to build custom mobile applications for business-to-business, to-enterprise, toconsumer, and government to citizen. In addition, AT&T gives businesses the ability to manage protected workspaces within employees mobile devices, allowing employees the flexibility they desire and providing a high level of confidence to the enterprise. AT&T has the experience and resources necessary to be your complete mobility solution provider. For more information, visit us at
G DATA TechPaper #0273 Mobile Device Management G DATA Application Development TechPaper_#0273_2015_04_21 Contents 1. 2. 3. 4. Introduction... 3 Mobile devices in the enterprise... 3 2.1. Benefits... 4
10 Essential Elements for a Secure Enterprise Mobility Strategy Best practices for protecting sensitive business information while making people productive from anywhere Mobility and bring-your-own device
Thought Leadership SERIES AUGUST 2011 Unlocking the Power of Mobile Device Management Mobile device management (MDM) is about more than technology it s also about skillful strategic resource management.
IT Best Practices: Mobile Policies and Processes for Employeeowned Smartphones By: Maribel Lopez, Principal Analyst April 2010 Lopez Research 9793 S. Burberry Way Littleton, Colorado 80129 T 617-872-8631
CMSGu2013-02 Mauritian Computer Emergency Response Team Enhancing Cyber Security in Mauritius Guideline on Mobile Devices Security (Updated) National Computer Board Mauritius Version 2.0 May 2013 Issue
Vodafone Global Enterprise Mobile Device Management Technical paper Vodafone Global Enterprise Introduction Managing for the future Secure control over your mobile data, devices and applications. The multi-national
The Definitive IP PBX Guide Understand what an IP PBX or Hosted VoIP solution can do for your organization and discover the issues that warrant consideration during your decision making process. This comprehensive
SAP White Paper SAP Partner Organization Mobile Device Management Managing Mobile Devices in a Device-Agnostic World Finding and Enforcing a Policy That Makes Business Sense Table of Content 4 Mobile Device
IDC Multi Client Project Executive Brief Sponsored by Matrix42 From Consumerization to "Mobile First" Mobility Strategies in German Companies ENTERPRISE MOBILITY IN GERMANY 2015 Contents introduction 01
CONSUMERLAB BUSINESS USERS GO MOBILE A study of enterprise mobility transformation An Ericsson ConsumerLab Insight Summary Report December 2014 ERICSSON CONSUMERLAB GAMING IN THE NETWORKED SOCIETY 1 contents
THE WHITE BOOK FOR... Mobilizing the Enterprise The definitive guide to the mobility revolution THE WHITE BOOK FOR... Mobilizing the Enterprise Contents Acknowledgments 4 Preface 5 1: What is the scope
Cyber-Security Essentials for State and Local Government Best Practices in Policy and Governance Operational Best Practices Planning for the Worst Case Produced by with content expertise provided by For
The Ultimate Guide to Enterprise Mobility Management v1 Table of Contents Executive Summary 3 Avoid fear and loathing in the era of enterprise mobility 3 Why prioritize the user experience? 3 Accelerate
1 THE CIO S GUIDE To Enterprise Mobility Management Whitepaper Whitepaper Brochure 2 How IT leaders are using this guide CIOs make tough decisions every day. To make the right ones, you have to trust your
SecuRity technologies for mobile and Byod. Executive summary 1.0 the mobile challenges The volume of new malware that is specifically targeting mobile devices is growing at an almost 1.1 increasing threat
BT CLOUD VOICE. CUSTOMER ADMINISTRATOR GUIDE. A comprehensive guide to setting up and using the many features of BT Cloud Voice, and how they can help you get the very best out of your business. WHAT S
With hundreds of Help Desk software packages available, how do you choose the best one for your company? When conducting an Internet search, how do you wade through the overwhelming results? The answer
With the compliments of Sybase ianywhere Mobile Device Management Sybase ianywhere Limited Edition Securely manage your data, devices, and applications Mobile Device Management FOR DUMmIES By Mike Oliver,
Why Integrate Physical and Logical Security? White Paper Author John Carney, Senior Technical Manager, Cisco Government and Security Solutions This document is the first in a series of papers from Cisco
Product Overview for Windows Small Business Server 2011 December 2010 Abstract Microsoft offers Windows Small Business Servers as a business solution for small businesses by providing a simplified setup,
Enterprise Mobility How the mobile world drives business Enterprise Mobility How the mobile world drives business white paper 1 Executive summary More and more employees carry their own smartphone into
Executive report Increasing marketing campaign profitability with predictive analytics Table of contents Introduction..............................................................2 Focusing on the customer
Guidelines for smart phones, tablets and other mobile devices Summary Smart phones, tablets and other similar mobile devices are being used increasingly both privately and in organisations. Another emerging
Managing Mobility 10 top tips for Enterprise Mobility Management About Trinsic Trinsic is a new kind of business communications specialist, built from the ground up to help your organisation leave behind
White Paper Secure Network Access for Personal Mobile Devices What You Will Learn People around the globe are enamored with their smartphones and tablet computers, and they feel strongly that they should
MOBILE DEVICE SECURITY FOR ENTERPRISES V.2 Final Draft September 12, 2014 firstname.lastname@example.org This revision incorporates comments from the public. Page Building Block 1 Comments 14 Certain commercial