If there's one thing tech vendors hate it's being told that a marquee product is essentially the same as what competitors offer and, by the way, also not a great match for customer needs. But that's the reality today in the growing mobile device management market, as IT teams try to use software meant for managing mobile devices to secure the data on those systems. It's not all the MDM vendors' fault--mobile operating system vendors are either reluctant to share control of functions like encryption and policy enforcement (Apple), or they let device makers mess with the OS (Google) so they end up exposing the capabilities needed for MDM unevenly, if at all.
Mobile vendors care first and foremost about controlling the user experience--of prime importance in the battle for consumer mindshare. But that goal is fundamentally at odds with letting third-party software vendors provide all the features needed for enterprise-class security, as we discuss in our InformationWeek State of Mobile Security report. But instead of admitting that no one product can do it all, vendors often just slap new names on existing products, many times without adding a whit of new functionality, as they scramble for advantage in a hugely crowded market that is, frankly, overdue for consolidation.
To make sense of this market, we asked 40 vendors, from Absolute Software to Zenprise, not just about features, cost, and functionality, but also how they classify their products: mobile device management, mobile application management (MAM), bring-your-own-device suites, all of the above, some of the above, or the ever-popular "other." While (the so broad as to be meaningless) BYOD was the No. 1 answer, multiple categorization is also quite popular.
This is a bad time for confusion to reign. Ninety-one percent of companies think tablets will increase somewhat or significantly in importance, we find in our new InformationWeek 2013 Mobile Device Management and Security Survey. That's a 12-point jump from our August 2011 poll. Our survey also shows that 43% have MDM software deployed or are in the process of deploying it, compared with 39% still evaluating their options.
We understand IT's reticence to cut a purchase order. These suites tend to lack clarity in terms of not just what they're called, but what they can and can't do: 24 of the 40 vendors surveyed for this report say their offerings could be called a BYOD suite, but 14 also indicate that their BYOD products could qualify as some other type, including MAM and MDM.
Don't sit around waiting for vendors to put neat lines around these product categories. Your goal is to let employees be productive on their personal smartphones and tablets while maintaining data security, and that will likely take more than one software suite--at least until the next wave of ARM chips that support virtualization and allow for multiple personalities on phones: one work, one personal.
"There is no such thing as a 'BYOD solution,'" says Philippe Winthrop, founder of the Enterprise Mobility Foundation, a community devoted to promoting the value of mobility. "Vendors are marketing to the pain points that end user organizations are dealing with. They are making the most of the buzz surrounding BYOD."
It's clear vendors are repurposing and renaming existing products with a BYOD tagline. The key for IT is to stay focused on the capabilities they need and what platforms they'll support.
"We are currently in the trial/testing stages of two MDM vendor software suites," says one survey respondent whose business has tied deploying MDM to a BYOD program. His company's biggest concern is wiping all corporate data from the device in the event it's lost or stolen or the employee leaves the company. You'd think that ability would be table stakes, but only 22 of our 40 vendors offer remote wipe. That's just not good enough--remote wipe came in at No. 4 in desirability among 18 features for centrally controlling mobile devices in our survey, behind only compliance and policy creation and enforcement and the ability to push out updates. In addition, the company plans to enforce strong security measures on the devices, such as passcodes, auto lock on idle, and no jailbroken or rooted devices. But nine vendors don't give IT the ability to take action--such as preventing a device from accessing the network--if that device is not in compliance with those kinds of security policies. (You can download vendor responses here.)