News/Trends, Tech/Engineering

Where MDM Stumbles

Anant Mahajan

Mobile Device Management systems (MDM) accomplish a lot of good things, and they help IT manage critical applications and data on corporate smartphones and tablets. But MDM has limitations, particularly in governance, which means enterprise IT is still creating more work for itself — or making the company vulnerable. Here’s some of the issues that IT managers need to consider, and find ways to complement MDM in their organizations.

The use of an enterprise MDM package to manage a set of mobile devices and applications is becoming more commonplace. These application suites help organizations distribute applications to the company’s mobile devices, and they provide tools to help IT departments to oversee the physical distribution of devices, to synchronize information, and to provide security. TechNavio, an independent tech-focused global research firm, predicts the MDM market will grow at 32% CAGR from 2014 to 2018.

MDM software relies on the native mobile operating systems’ capabilities to offer services including:

  • Mobile application configuration and policy management
  • Distributing and enabling access to enterprise content repositories
  • Hardware and application inventory
  • Data loss prevention (DLP) services, such as remote wipe and enforcing security policies (e.g.users employing a PIN)
  • Mobile OS management

What’s not to like?

The problem is: MDM is limited. It’s not bad; it just doesn’t go far enough.

Many of our conversations with customers have led to larger discussions about securing and governing data on mobile devices. These questions most commonly take a form like:

An enterprise that relies on only MDM software for all its mobility needs will realize that there is a burning need for a unified endpoint management solution to address these major problems.

The restrictions mobile OS vendors put in place to protect devices make it harder to back them up. With a massive increase in the number of mobile devices and the flow of corporate data on these devices, enterprise IT needs to backup data on mobile devices. Simply put, a huge amount of information lives only on a user’s mobile device — and nowhere else.

Mobile operating systems have always restricted the level of access provided to backup data on smartphones and tablets. While Apple claims that iOS devices can backup data to a laptop or desktop computer via iTunes, this data is not encrypted. It also requires manual intervention (from end users or from IT) to secure the data, especially when a restore is needed. That’s especially important when users are in remote offices or in other places where IT can’t get to the system settings.

No MDM software available today provides a reliable approach to protect corporate data on mobile devices; the applications’ strength lies in managing the hardware itself.

MDM isn’t centralized for coping with data on both laptops and mobile devices (that is, phones and tablets). MDM software lacks capabilities to manage the data on the device, barring a few solutions which enable access to enterprise content repositories.

With most mobile data backup applications today, enterprise IT is left with incomplete backups unless there is end-user intervention to complete a backup per schedule. In other words: We couldn’t make users backup their desktop systems, and we’re no more able to motivate them to do so with their mobile computing devices. Even though those systems are even more likely to be at risk since the devices can be stolen, left on the seat of a taxicab, or dunked in a hotel pool.

The obvious disadvantages of a siloed solution to backup mobile devices are:

  • The cost of implementing a different approach to backup different types of endpoints (one answer for laptops and desktops, another for smartphones and tablets)
  • An intrusive solution that depends on end users tethering their devices to a laptop or desktop
  • The inability to integrate and interoperate with the company’s existing software infrastructure

Companies want to enable eDiscovery on mobile devices. The BYOD phenomenon increased the complexities of Legal and Compliance teams to govern mobile data and make it available for eDiscovery. In some cases, governing data on mobile devices is is a primary requirement.

The need to collect data from mobile devices is driven by the increasing use of corporate data on these devices which must be accounted for in an eDiscovery. SMS, app data, chat messages, call logs, and messages sent through social networks all form rich sources of information during internal investigations or litigation. No MDM solution can govern data on mobile devices and make it available for eDiscovery. And an enterprise relying solely on an MDM solution for all its mobility needs may prove to be costly during litigations, HR investigations, or when it needs to ensure regulatory compliance.

Think you need a complementary tool to your MDM solution which addresses these problems? Register to attend a webinar and learn more.