Here's what to look for in MDM software and what limitations IT still faces in letting employees use personal devices for work.
Nine out of 10 technology pros think smartphones and tablets will become more important to business productivity in the next couple of years. Seventy-two percent expect to offer more bring-your-own-device options so that employees can access company data with their personal gadgets.
But IT doesn't necessarily see mobile device management software as essential to coping with this proliferation of devices in the workplace. Only 26% of respondents to the InformationWeek Mobile Device Management and Security Survey say their companies have implemented MDM software, and another 17% say they're in the process of deploying it.
Even those companies that have implemented MDM need to make sure their technology and policies really deliver the data security and management efficiency they seek. All MDM software offers the same basic capabilities, such as data wipe and device inventory, so look for additional features that fit with how you use mobile devices. For example, is it a priority for your company to build an app store, or will it need to get hundreds of new people a month on new devices? Buy MDM software optimized to deliver those outcomes.
Too many IT shops are working without this strategic view. They're merely scrambling to meet pressure from the CEO on down to offer BYOD options or increase mobile app access. "Our deployment of mobile solutions is more of a reaction to 'want,' with many of the expected issues from poor planning becoming major issues," laments one of the 307 business technology pros who responded to our survey.
What do employees want to access on their iPhones, Android phones and tablets? The four most-cited resources are email, Microsoft Office applications, VPN and company file servers.
The common trait? Employees need access to corporate data to do work while they're away from the office, and with that data access comes all kinds of security questions: who can access what data, why, when and where -- and what happens when that device goes missing? But mobile data and mobile operating systems present a different security challenge from PCs, which is why just implementing MDM software won't solve IT's BYOD and mobile management headaches. This article spotlights some of the most important factors to consider for those 39% of IT shops now evaluating MDM software -- and even those that don't think they need MDM.
Mobile Is Different
IT organizations first tried to solve the mobile security problem with the same processes they used for laptops and PCs -- tactics such as endpoint protection software, policy enforcement, password complexity and even data leak prevention software. But when your company doesn't own the device (BYOD) or has to deal with hundreds of versions of mobile operating systems, the PC approaches don't cut it.
MDM software vendors promise to enforce security policies, block employees from installing malicious apps and even encrypt data. But MDM is still young technology. No vendor dominates the market, which includes a mix of legacy security vendors and startups focused entirely on mobile.
Among respondent companies using, planning to use or evaluating MDM, only BlackBerry Enterprise Server and Microsoft ActiveSync are currently deployed or planned for use by more than 14%. Some respondents doubt if MDM even belongs in enterprise IT: Among those who say their companies aren't using MDM, 47% say they have "no need." Says one consultant and former CIO in the survey: "A big reason for BYOD is to get out of the equipment business. If you implement MDM, you are back in the equipment business."
We decided to do a hands-on assessment of MDM products.We sent invitations to more than 20 vendors, but only three agreed to take part. Most of the other vendors said they didn't want to participate until the next versions of their software were available. So when would that software be ready? Crickets.
However, the three vendors that participated -- Good Technology, Symantec and Research In Motion -- are good industry representatives, as each approaches MDM in a different way. Symantec is a security vendor with experience in detecting and mitigating threats in large enterprises. Good uses a secure container approach, replacing the corporate email, calendar and file-sharing applications with its own. Its approach requires employees to learn a different interface, but it's the same across Android and Apple devices. RIM, the newest of the three to vendor-neutral MDM, acquired Ubitexx in 2011 to try to build on its enterprise IT customer base by letting customers deploy non-BlackBerry devices using its management software. We took each vendor's product and deployed it in our lab, with access to normal support but no special engineers or on-site techs.
We tested the products for managing iPad 2, iPhone 4S, Android 2.3, Android-based Samsung Galaxy Tab 7, BlackBerry Bold phone and RIM's PlayBook tablet, where the products supported those devices. We left off Windows Mobile because most vendors don't have full support for those devices -- something to consider if you're a Windows shop. Our three reviews are on the accompanying pages; longer versions plus additional survey data are available in our free report.
InformationWeek Tech Digest, Nov. 10, 2014Just 30% of respondents to our new survey say their companies are very or extremely effective at identifying critical data and analyzing it to make decisions, down from 42% in 2013. What gives?