Mobile Device Management: A Survey 1 July 2012
Table of Contents ABOUT PARABAL MOBILE DEVICE MANAGEMENT Common Features Sandboxed Email Remote Lock / Remote Wipe Enterprise Application Stores Security Management Administration / Self Service Portals Containers Limitations 3 3 5 MDM VENDORS Ratings 6 Absolute Software Absolute Manage 7 Airwatch 7 Amtel MDM 7 AppBlade (RaizLabs) 8 BoxTone 8 Casper Suite (JAMF Software) 8 Excitor DME 9 FancyFon FancyFon Mobility Center 9 Fiberlink MaaS360 9 FileWave 10 Good For Enterprise 10 IBM Endpoint Manager 10 LANDesk Mobility Manager 11 McAfee Enterprise Mobility Management 11 Mformation 11 Mobile Active Defense 12 MobileIron 12 Notify Technology Notify MDM 12 Sophos Mobile Control 13 SOTI MobiControl 13 Sybase Afaria Sybase (An SAP Company) 1 Symantec Mobile Management 1 Tarmac Equinux Software 1 Tangoe MDM 15 Zenprise 15 5 2
About PaRaBaL PaRaBaL is a four-year-old company with the unique expertise to market and sell commercial enterprise software into the DoD/Intelligence Communities and Civilian Agencies. PaRaBaL s experience extends to: Understanding the needs of agencies and how to communicate with them; Proving the product concept against their mission needs; Researching and finding a budget and a contracting/purchasing mechanism using very complicated, byzantine contracting/purchasing practices that differ from agency to agency. PaRaBaL specializes in product marketing, sales, and successful pilots. PaRaBaL has a staff of 10 and is located a short distance from Fort Meade and Baltimore Washington International Airport. PaRaBaL s experience in mobile platforms began with a contract from an intelligence agency to teach ios security and exploitation course to the agency s employees. From this experience, PaRaBaL has expanded to researching Mobile Device Management (MDM) vendors to see which products best fit the Federal Market. The mobile device security and coding expertise that PaRaBaL has gained has led to the company s entrance into the commercial markets, serving enterprises with MDM and Mobile Application Store (MAS) selection strategies as well as installation, customization, and integration. PaRaBaL also offers secure enterprise apps for commercial companies and government agencies. MDM vendors come in many different flavors of products and services. PaRaBaL has produced this paper to help educate readers of the capabilities, advantages, and disadvantages of each vendor. Included in the synopsis are pros, cons and basic information regarding about the features and services offered. PaRaBaL is available to Enterprises to help select an MDM. Our methodology is to first understand the enterprise needs, weighed against security concerns, employee privacy, and BYOD issues, then select the best vendor to fit those needs. PaRaBaL can further customize MDMs to fit enterprise needs, and train the system administrators as well as the end users. PaRaBaL also has a full staff to build specialized applications for the enterprise that work with any MDM or MAS vending system. For more information, please do not hesitate to send us an email at info@parabal.com, visit our web site at www.parabal.com. Or contact Nathan Steuer directly at 20-258-2106 or nsteuer@parabal.com. Mobile Device Management With the huge rise in success of mobile computing comes the need to configure, control, and maintain the mobile environment with business needs in mind. This is where Mobile Device Management comes into play. MDMs allow companies to tailor devices and infrastructure to suit their needs. Common features include sandboxed email, an ability to disable the installation of applications for the phone, and the ability to lock and/or wipe the device. Other features include over-the-air (OTA) distribution of enterprise applications, distribution of data and configuration settings, and device information. Originally, device management was implemented by distributing company owned devices that were delivered to employees locked down with only the applications and functions the company deemed necessary. Employees frequently carried both company and personal devices. Recently, the rise in popularity of smartphones, and employees demands for the latest and greatest devices has brought about Bring Your Own Device (BYOD) policies. This method of device management comes with its own set of legal and privacy issues. BYOD devices have both company and personal applications and information, making configuration control a much more difficult task. 3
Vendors have varying approaches to device management, from application approaches where an application houses all the business aspects of the device, to entire device management where devices are controlled and locked down based on certain parameters. Some parameters monitored by MDMs include time of day, geographic location of the phone, status of installed applications, status of installed provisions and settings, and the ability to determine if the device is jail-broken. Common Features Sandboxed Email Most MDM vendors offer some version of an email client that is separate and secured from the rest of the device. Usually this email is also encrypted which prevents sensitive information or files from being leaked. Often included are statistics regarding the email client, including data being sent/received as well as the frequency of data being fetched. With sandboxed email, messages can also be prohibited or deleted if certain parameters are not met. Remote Lock / Remote Wipe The remote lock/remote wipe feature provides flexibility for a company to manage a compromised or possibly compromised device. Depending on the situation, the company has the ability to completely remove all data from the device, or to simply set a new lock code. Some vendors also offer a selective wipe, where a company can wipe specific data from the phone. These features can also be enacted if an employee decides to break compliance parameters such as changing app or ios versions, downloading blacklisted apps, or attempting to jail-break the device. Enterprise Application Stores Many vendors also provide the ability to deliver enterprise applications through an Enterprise Application Store (EAS), which are separate from commercial app stores. Vendors may limit access to applications by blocking the commercial app stores from being used. With an EAS, businesses can instantly port over custom applications to the phone over a secure or over the air platform. Application versioning is another feature the EAS allows for, ensuring that all users have appropriate versions of corporate applications. Security Management Vendors often sport several types of password options. Options include setting a password for a specified time limit, ability to remotely clear a password on a device, and enforcement of specifications on the sophistication of a passcode for the device or application. Other restrictions that MDMs can implement include the prohibition of screen capturing and video conferencing. Administration / Self Service Portals In order for vendors to manage devices, there needs to be a central area where commands and data can be sent. There are two types of portals available to companies, an Administration Portal, and a Self-Service Portal. The administrative portal has the ability to see various statistics regarding the status of the devices. From there, the administrator can take various actions. Users can use a self-service portal through an application used on a regular computer, a mobile application, or a secure interface. Containers MDM configurations can vary from standard control (Airwatch, Casper), to containers (Excitor, Good). Containers allow data to be stored on a secure location on the device where it is separated from other programs or browsers. Containers allow for limited access to sensitive files, with access limited based on time or user. Once the access has expired the file can either be deleted or access can be revoked. During viewing, some containers have the ability to prevent the user from using the camera, take screenshots, print, or restrict modification of the file.
Limitations Vendors provide many possibilities, but not all vendors can provide all solutions to every problem. The biggest problem we see is that no vendor has the ability to control the baseline on Apple s ios. As a result, vendors use workarounds with their products, which can leave the choice down to the end user on what to do with the device. A user could change their Apple ID and use their own app store preferences. A user could also have the ability to update any portion of application of ios and they please. Perhaps the most important bit being that a user can unenroll from the service at any time or can erase the service through itunes. From an Android standpoint, what all vendors are having trouble with is supporting a consistent experience. As mobile phone manufacturers continue to produce more and varying devices, MDM vendors are struggling with Android Fragmentation. Android devices themselves can have varying security features, as there are numerous hardware and software versions out there. For example, any device running below Android 3.0 will not support hardware device encryption. And a majority of devices supporting hardware device encryption are tablets. As a workaround, some vendors have offered to work with Android to open up more possibilities if the MDM vendor can modify the kernel on the Android, but that may open up other issues. MDM Vendors When PaRaBaL began its research into MDM vendors, it came up with a total of 85 vendors that offer some sort of MDM capabilities. PaRaBaL s research into the vendors has focused the list to 2. While there may be may other various vendors that offer MDM-like services, we believe the vendors below were some of the most focused MDM and MAS companies. Each vendor offers primarily the same functions, with the difference being in the execution, including differences in philosophy, the consumer experience, and mobile platforms. PaRaBaL hopes to continue to develop details for the companies as this industry continues to grow. The information has been gathered from a variety of sources. PaRaBaL s primary source of information has been from talking directly to the MDM vendors. Other information was collected from vendor websites and/or marketing material. Any other sources will be cited appropriately. The vendors were researched and evaluated based on the following criteria: 1. Usability (Ease of Use) a. Visual Outlook: How is the appearance of the MDM s admin and self-service portal? Is everything easy to see? b. Smoothness of interface c. Concise Menus? Are the menus logical and easy to navigate? 2. Reliability (Load Testing) a. Max Amount of Single Users at a Single Instance: How does the MDM handle with a large userbase on at a concurrent time? b. Amount Of Servers needed to support the user-base: What is the amount of resources required to run its user-base? c. Load Balancing: Does the company do any sort of load balancing? If so, how efficient and effective is the Load Balancing? 3. Security (Encryption of either Applications of Entire Device.) a. Device Encryption: Does the solution offer any sort of Device Containerization? If not can it enforce the device s hardware encryption? b. Containerization (File Encryption?): Can the service provide for a container that can allow sensitive files to be uploaded with selected restrictions present? c. SSL Encryption / AES Encryption: How are the connections between the server and the devices handled? What kind of encryption if any is presented in these solutions? d. Firewalls: Does the vendor provide any firewalls between the devices and the servers that contain the MDM and it s relevant information e. Public Key Infrastructure: Can the MDM handle PKI? 5
. Support/Service a. Help Desks: Does the company offer any sort of Help Desk support through their products? Or is it a third party responsible for the Help-Desk? How knowledgeable is the Help-Desk in the event of a complex problem arising? b. Hours of Help Desks: What are the hours for the Help-Desk? c. Timeliness of Responses from not only support, but also sales: How long does it take the sales and or support teams to get back to your inquires? 5. Features a. Innovativeness: Does the company have the ability to consistently introduce new or groundbreaking features to their platform? b. Time to implement new features: What is the turn around time with the implementation of new features? c. Ability to hold features across as many mobile platforms as possible: How does the company deal with the same features across multiple mobile platforms? 6. Size a. How large is the company: Do you get big time company feel or small company feel? b. Company Stability: Do you get a sense of financial security with the company? 7. History a. Company Technological Background: What is the background? Have they consistently dealt with enterprise markets? b. What is their primary function as a company? i. Security Software ii. End User Software iii. Telecom Expense Management iv. Enterprise Management Ratings Each vendor is given a rating based on criteria such as features, security, and customer service. The ratings are defined as follows: Poor: These vendors lack any advanced or distinguishing features, or might not contain some of the basic features seen from competitors. The vendor may have been hard to communicate with, or their support seemed to be lacking. Average: The product itself may offer basic features and security, but lacks defining features that would have set them apart from the competition. The company may also have average support for their products. Good: The product itself offers a very good feature set and offers reliable security. They may offer a good feature set, good support, as well as a few unique features. The difference between Good and Excellent vendors lies in innovation. Excellent: The vendor not only provides the basic features and security you see from the competitors but also includes a variety of features or security standards that set them apart from the competition. These vendors are also focused on innovation as well as providing a high level of support and standards for their products. Vendors are listed in alphabetical order. Pricing information, as it was delivered to PaRaBaL, is available by scheduling a call. Please email info@parabal.com to schedule a free 15-minute call to discuss pricing information. For most vendors, pricing is based on the service provided, and the number of users. 6
Absolute Software Absolute Manage Headquartered in Vancouver, Canada, with offices located in Austin, Texas, Arlington, VA, and Reading, England, Absolute Software s MDM uses a variety of applications in order to manage user devices in a BYOD environment. Absolute Manage delivers its MDM services through a containerization approach with application suites and their own public application stores where users can login and gain access to their data. Platforms: ios, Android, and Windows Phone 7 Offers separate applications (AbsoluteSafe) from the MDM that can be used to send sensitive files without the use of email. Allows for a separate partition between office and personal use. Due to the approach Absolute takes in going with an Application Suite, companies will not be able to control the entire device. (App Based Control vs. Policy Based Control) Contact Information: Headquarters: +1 (60) 730-9851 US Offices: +1 (512) 600-755 Federal Office: +1 (703) 28-261 Airwatch With Offices in Atlanta, Georgia and Mclean, Virginia, Airwatch is a MDM and MAS provider deploying across all mobile platforms. Airwatch is also currently the largest MDM vendor. 7 Offers 2/7/365 disaster recovery events. In terms of security, offers 256-bit SSL encryption for transfer of documents. Prevents the transfer of documents over 3G as well as prohibition of what documents applications can open. Can view the device remotely. Airwatch s software is not currently offered for Widows machines. While the largest MDM provider, Airwatch is still in its infancy within the international market. Contact Information: Headquarters: +1 (0) 78-7500 Amtel MDM With Offices in Santa Clara, CA, Amtel is an MDM provider for BYOD devices across all platforms. Originally designed as a company for Telecom Expense Management, Amtel has since then decided to delve it s efforts into Mobile Device Management. Amtel has the advantage of already developing its MDM on all mobile platforms while maintaining all common MDM features. Offers 2X7 support across all packages. The Enterprise edition also comes with Telecom and Mobile Expense Management. 7
Only MDM that is SAS 70 Type II certified. Amtel is more geared towards a smaller user base. While Amtel may have all the standard features, Amtel lacks any key differentiators from competition. Contact Information: Headquarters: +1 (08) 615-0522 AppBlade (RaizLabs) As a subsidiary of RaizLabs Software, AppBlade focuses on innovation as well as a rich experience. AppBlade also has a strong focus on Application Distribution. Platforms: ios, Android Offers tools such as Jenkins and Hudson in order to automatically build Xcode Projects directly into an AppBlade Project. Offers public API s and SDK s as well. Has Dual Layer Security in which there is a device manager, no intermediary. Directly installs SDK s onto Applications in order to verify the applications being installed. AppBlade currently does not support Blackberry or Symbian, but can create fully-fledged services within a few weeks if requested. Contact Information: +1 (800) 277-2156 BoxTone With Offices in Columbia, Maryland, BoxTone provides a security focused product. Offers Mobile Service Management which includes real time security monitoring as well as service desk help. Patented real time user transaction flow. Can handle from 60-60,000 users in a single instance. BoxTone has the ability to scale to > 2 Million transactions per hour. Also complies with FIPS 10.2 security standards. BoxTone currently offers Data Loss Prevention capabilities. BoxTone is currently a US focused product with little market overseas. Contact Information: +1 (10) 910-33 Casper Suite (JAMF Software) Headquartered in Minneapolis, MN with several offices in Cupertino, New York, and Eau Claire. They specialize in ios, which allows them to focus on a better experience with ios compared to competitors. Platforms: ios, OSX Offers communication between their servers (JSS) and Apple s Global Service Exchange database. Offers full suite of features that can integrate with their Desktop based software. 8
While offering a full breadth of features for ios, they are limited to ios without any support for Android, Symbian, or Windows Mobile platforms. They do not currently offer any sort of encryption. Does not directly communicate with devices, rather uses an intermediary to work with devices. Contact Information: +1 (612) 605-6625 Excitor DME Excitor is a Denmark based vendor that takes a containerization approach to their products. Excitor features all the standard MDM services. Offer extensive Mobile Cost Control & Alerts to their solution, and a very sleek user interface for their Admin and Self Service Portals. AES standards are used to encrypt devices, files and attachments. Includes a secure web browser. Excitor is currently primarily located in foreign markets without any offices in the United States; as a result, any sort of US business will have to be done through a reseller (Etuvian for United States), so experiences may vary. A free trial is offered then, a purchase is required. Contact Information: +(5) 70 21 68 00; Etuvian: 1(888)589-56 FancyFon FancyFon Mobility Center Established in 2006 in Cork, Ireland, FancyFon was originally designed as an MDM vendor. Since then they have established their MDM with a focus on having support for all major mobile platforms., Samsung BADA, WebOS Strong support for a variety of mobile device platforms. Ability to implement a Telecom Expense Management Solutions into their product. Ability to encrypt all drives on a device and prevents data from being removed from the device. FancyFon is a smaller company with a focus on smaller businesses rather than larger enterprises. While FancyFon may advertise a wide support for devices, the features are not universal across platforms due to device restrictions. Contact Information: +1 (353) 76-670 9860 Fiberlink MaaS360 Headquartered in Blue Bell, PA, Fiberlink is one of the larger vendors specialized in selling BYOD MDM and EAS. Originally founded over twenty years ago, Fiberlink has specialized in Enterprise Management Solutions since its foundation. From 2008 on, Fiberlink has release MaaS360 (Mobility as a Service) in order to deal with the growing concern of managing mobile devices. Fiberlink is one of the few vendors to offer their services strictly through cloud services. Offers their solution across all major mobile platforms with the ability to deploy to a large user base (15 to 130k users) on an international scale with offices in the UK, Germany, and Asia. 9
Offers their Mobile Expense Management services with their solution. Sox 70 Certified. Fiberlink offers no device encryption for their product. Those interested in security may be weary of their cloud offerings due to the inability to physically handle the servers, more people having access to your data. Contact Information: Headquarters: +1 (215) 66-1600 Sales: +1 (215) 66-1673 FileWave With Offices in Fishers, Indiana, Filewave is a Swedish vendor that was previously focused on the Mac and Windows desktop platforms. Since then however it has delved it s efforts into the ios realm. Platforms: ios Offers all major features to the ios platform. Offers file self-repair as well as rollback on devices. Does not offer SAAS. Currently, FileWave does not offer their services to any other platforms than ios. Focuses more on application management across computer and ios products rather than a general MDM. Contact Information: +1 (317) 863-6282 Good For Enterprise With Headquarters in Sunnyvale, CA, Good s offering s primarily feature containerized software. Platforms: ios, Android, Symbian, Windows Mobile, Windows Phone Good for Enterprise is currently one of the few companies that support FIPS 10-2 encryption within their solution. Works with the DoD PKI infrastructure. Used and complies with government agencies and standards. Good for Enterprise is handled due by an application suite. Due to that, there is no control over on the device s end and can be technically labeled a containerized solution. This can be a cause for concern based upon security requirements as well as policy enforcement. Does not support Blackberry platforms. Contact Information: +1 (08) 212-7500 IBM Endpoint Manager With Headquarters in New York, IBM is a large public company responsible for creating the Endpoint Manager, which manages costs, software, power, and patches on mobile devices and computers. Platforms: ios, Android, Symbian, Windows Mobile, Windows 7 Phone Ability to scale up to 250k concurrent users without trouble. Offers entire device encryption. 10
Supports NIST Security Controls. IBM also offers this solution with the rest of the Endpoint Manager, which includes (Power Management, Lifecycle Management, Security & Compliance, Patch Management, Lifecycle Management, Core Protection, and Software Use Analysis). Offers 2/7 help desk support as well. While IBM has a dedicated MDM service, from our research it s focus seems to be more towards computer management rather than mobile devices. Contact Information: Sales: +1 (877) 26-377, Priority Code: 109HJ03W LANDesk Mobility Manager With Headquarters in Salt Lake City, Utah, LANDesk started their MDM services in 2011. From there they have expanded, adding ios and Android platforms. The LANDesk approach towards MDM is one of integration between PC s and Mobile Devices. As a note, LANDesk is sold only through resellers so experiences may vary. LANDesk has recently purchased Wavelink. Platforms: ios, Android, Palm, Windows 7/8/CE LANDesk uses a combined approach, covering desktops, laptops, and ruggedized devices. Has a wide diversity geographically as it deals heavily in international markets. LANDesk is in the process of getting FIPS 10-2 certification and currently is pursuing an Authority to Operate on DoD Networks. LANDesk is not as mature as other products. The LANDesk Mobility Manager is sold more as part of a package rather than an individual product. LANDesk s user interface appears less organized and fluid than others. Contact Information: Headquarters: +1 (800) 982-2130 McAfee Enterprise Mobility Management Headquartered in Santa Clara, CA, McAfee is a large public company that is a large vendor in MDM software services. McAfee has partnered with AT&T to gain strategic relations. McAfee s focus for the MDM is on security. Partnership with AT&T, which allows them to have strategic ties with clients. McAfee s experience in the security field has allowed them to make acquisitions that have been implemented into their product. McAfee s Enterprise Mobility Manager is treated as part of a total solution rather than just a MDM solution. Contact Information: Sales: +1 (866) 622-3911 Mformation Headquartered in Edison, New Jersey, Mformation is a small vendor (135 Employees) that has taken the approach of selling its product absolutely indirectly. Their focus is on scalability and reliability, being able to adaptively scale servers at the peak efficiency. 11
Platforms: ios, Android, Symbian, Windows Mobile, Windows Phone Mformation focuses on scalability, in this case being able to handle from a few thousand to several million devices in a single instance. Offers many options for white listing guaranteeing no channel conflict. Mformation currently does not support the Blackberry Systems, but can quickly do so if needed. Does not offer the advanced features we see from larger MDM s. Contact Information: Headquarters: +1 (732) 692-6200 Mobile Active Defense Based in Atlanta, Georgia, and with offices Mainz, Germany, and London England, Mobile Active Defense is a MDM with a focus on securing sensitive information on the device. Mobile Active Defense is NIST 800-53/12, ISO 27001 certified, with FIPS 10-2 AES 256 bit encryption between device and server. Mobile Active Defense has the ability to support up to one million users. Offers security-training courses. Offers the full breadth of common MDM/MAS features. Mobile Active Defense does not have the most market visibility. In order for full Android control, the kernel must be modified which may be a cause for concern to some consumers. Contact Information: +1 (877) 25-6623 MobileIron Started in August of 2007 with Headquarters in Mountain View, California, U.S, MobileIron has been one of the more progressive vendors on the markets delivering MDM focused products since 2009., WebOS Has the ability to work with many capable partners in all aspects of business. Provides Expense Management services, with a sleek and easy to use interface. This vendor is one of the more stable MDM/MAS companies in the industry with a considerable amount of investors helping their ventures. They have consistently been one of the leading vendors in MDM innovation. In order to use other platforms, additional costs for the platform must be purchased. Only provide the encryption that has already been shipped with the device. New entry into containerization. May have difficulty with larger deployments as they work to expand capacity. Contact Information: +1 (650) 919-8103 Notify Technology Notify MDM Headquartered in San Jose, CA, Notify Technology is a software company primarily offering a variety of Mobile Platform software packages including Mobile Device Management services. 12
Features all the basic MDM features for all Mobile Platforms. Notify also has the ability to offer cloud as well as offer multiple on-premise server points within a DMZ as well as part of the companies internal private network. Can be offered with Notify s NotifySync features. While Notify may have been in the Mobile Industry for over 10 years, their MDM platform was only recently released (/2011). As a result Notify currently has a smaller market presence within the MDM field. Contact Information: +1 (08) 777-7930 Sophos Mobile Control With North American Headquarters in Burlington Massachusetts, Sophos Mobile Control is a UK-based vendor. Sophos offers their services as an entire package that consists of their MDM, Mobile Security software, and device encryption. Sophos can integrate mobile encryption with Dropbox. They deal heavily in international markets. Sophos Mobile Control comes with Sophos Mobile Control allowing for further security including entire device encryption. Unlimited 2X7 support. While Sophos is strongly developing an MDM solution, they are primarily still seen as a Security Software company in the market. Some features are still being developed due to the product being recently released. Contact Information: +1 (866) 866-2802 SOTI MobiControl With Headquarters in Ontario, Canada as well as offices in Europe and the Australia, SOTI MobiControl was launched in 200 starting with Windows Device Management and eventually picked up Android and ios. Has already demonstrated its solution in large markets. Uses AES 256 bit encryption to secure its data transfer connections. Unique features include remote view and remote control. Due to the variety of devices supported by SOTI, features of the MDM are dependent of the device platform itself. SOTI MobiControl does not offer device encryption. Instead SOTI relies upon the encryption offered by the device s OS. Contact Information: Ontario Headquarters: +1 (905) 62-9828 13
Sybase Afaria Sybase (An SAP Company) With Headquarters in Dublin, CA, Sybase is a subsidiary of German Software Company, SAP. Sybase was founded back in 198 and originally working with the mobile database market. Since 2001 Sybase has been working MDM on ruggedized devices and now onto smartphones. Platforms: ios, Android, Blackberry, Symbian, Windows Mobile Offers it s additional applications ( SAP Applications ) that allow for additional features and applications to be installed. Sybase is one of the more professional and stable companies in the field. Sybase strives to allow all devices to have the same features. The Sybase Solutions often lacks in bringing in new features quickly compared to their competitors. Compared to other companies, SAP is a bit costlier than competition. Contact Information: +1 (925) 236-5000 Symantec Mobile Management With Headquarters in Mountain View, CA as well as offices in Japan, Singapore, and Ireland, Symantec is well known for its security software. Symantec has focused its MDM on security. Symantec s size allows for a very stable product. And due to their size, they have been able to start implementing acquired technologies (Ex. Nukona). Due to their size the solution can easily be deployed in large numbers across the globe. Symantec Mobile Management is FIPS 10-2 Certified. Symantec only sells their Mobile Management Suite through resellers, so experiences may vary depending on the vendor. Has a very large company feel when in contact with Symantec. Lacks the innovations seen from competitors. Contact Information: +1 (888) 252-5551 (Note: Symantec is sold solely through retailers.) Tarmac Equinux Software Equinux is a German based vendor with offices in Munich and San Francisco. Equinux is known for their Apple software suites, particularly it s security suite VPN tracker. Tarmac is exclusively distributed via select authorized partners. Platforms: ios Tarmac offers their MDM solution with a VPN Tracking solution as well. Communication between the server and devices is encrypted. With offices in Germany, they comfortably deal with international markets. Tarmac can dynamically remove ios 5 features to have backwards compatibility with ios. Currently, Tarmac is only applicable to the ios platform. Clients looking for USA centric options may be deterred as all US sales are done entirely through retailers. Contact Information: +1 (888) 378-689 1
Tangoe MDM Founded in 2000 and with headquarters in Orange, CT, Tangoe is a public, large company that is known in the field as the leading Telecom Expense Management Provider. Recently however they have put their attention on Mobile Device Management. Their take on MDM s is one that includes their Telecom Expense Management in an attempt to help save the company money. Platforms: ios, Android, Blackberry, Windows Phone, Windows Mobile, Symbian Tangoe is a public company. Offers a self-service web portal for help. Also allows for Resets and Decommissioning without IT specifics. Offers scalable options as well. Offers device encryption respective to platforms. Resources are more divided into it s other products such as telecom expense management. As a result, fewer resources are focused on their MDM services. Tangoe s User Interface looks dated compared to competitors. Contact Information: +1 (203) 859-9300 Zenprise With Headquarters in Redwood City, CA, Zenprise is a Mobile Device Management company founded in 2003. Originally created to try and provide technical support, they have since acquired Sparus Software and from there have developed their own MDM solution. Provides the more unique features amongst MDM s. Zenprise s servers are very capable, comfortably supporting over 70k devices on just one server. Features Expenses Management courtesy of a partnership through Tangoe. Features Data Loss Prevention. Currently does not offer any additional encryption on the devices other than what the device offers itself. Primarily deals with domestic markets. Contact Information: +1 (888) 936-777 The following chart sums up the basic features of each MDM. It is formatted to 8 ½ x 1 paper. 15