MDM Market Poised For Fundamental Change

Are you ready for mobile device management as just another monthly service--and fee--from your carrier?

Michael A. Davis, CTO of CounterTack

October 10, 2011

4 Min Read
InformationWeek logo in a gray background | InformationWeek

My recent column about the risks of "bring your own device" programs and employees trading in phones hit a nerve with readers concerned about the pace of new devices coming to market. One asked a simple but powerful question: "What should we do to keep up?"

While I still recommend getting major new devices into the hands of your help desk staff, the strategic answer is this: Sit tight if you can, because the world of mobile security in general, and mobile device management in particular, is changing in a big way. And if we're not careful, enterprise IT will be left with nothing but a bunch of cashed checks for on-premises systems that are behind the times.

See, most MDM providers are entering the cloud, and not for the reason you'd expect. If a vendor wasn't cloud-based from the get-go, it likely created cloud-based offerings this year or is moving toward cloud-based services instead of on-premises appliances. Sure, many are looking to cash in on the cloud craze and sell their wares directly to you. But the bigger piece of the reasoning behind this move is simple: Carriers badly want to provide MDM and mobile security to businesses at an additional per-phone, per-month fee. MobileIron has a partnership with AT&T, Verizon with BoxTone, and Good has partnered with Sprint to provide such services. More vendors are likely to announce deals soon.

For IT, this approach eliminates many of the problems associated with managing new devices, deploying apps, and updating on-premises software. It also negates management headaches such as help desk issues, as carriers have device information well before MDM vendors and are usually staffed with people who know the devices inside out. Best of all? No more worrying about where to get capital budget for MDM software, as it will just be another fee on the cell phone bill.

Well, OK, that might be a mixed blessing.

MDM vendors love the idea of partnering with carriers as it opens up the SMB market, and even security-conscious individual users, without the incremental sales and deployment costs it would have taken to recruit these customers.

For carriers, it's a value add and a way to fatten up that monthly bill. In case you haven't noticed, carriers have been courting top MDM players like a Big 10 recruiter wooing a four-star wide receiver. In my response to the reader's question, I stressed that while MDM as an industry may not exist as we know it three years from now, this software is still worth the investment today if you pick the right product and build the proper processes. When I work with clients who are trying to choose vendors or develop requests for proposals, I almost always steer them toward a hosted or cloud-based model so the processes and other infrastructure that they build now will port.

So what should you look for in a hosted MDM provider? Here are six areas to focus on:

1) Have BlackBerrys? You need a BlackBerry Enterprise Server, which isn't normally included in hosted MDM software offerings. Some vendors support BES, others don't, so make sure you check and ensure that this is in your budget if you don't have a BES now. Without the Enterprise Server, BlackBerrys cannot sync calendars and contacts, they can only receive email. And if your users can't get full functionality, they'll push all the harder for BYOD.

2) Ask how quickly the vendor adds support for new devices. The main benefit of hosted MDM is that support for new devices, and changes/updates for existing systems, should be rolled out immediately, or pretty darn close. If you have a BYOD program, this is especially critical. Consider a cloud service-level agreement.

3) Ask how user authentication will be performed on the device. Most MDM systems enable integration with Active Directory, LDAP, or other directories. This is another area where user experience is essential to adoption, and integrating cloud-based MDM may be difficult--or even against your current security policy. Make sure the security team is involved in the authentication-integration process.

4) Remember: Cloud-based MDM providers use the cloud! Make sure you do your due diligence on the data center, processes, and security stance of the MDM vendor, just like you would any other cloud service. You do vet cloud providers, right?

5) What about self-service customization? Many hosted MDM vendors provide some type of self-service portal for users. Make sure it can be customized with your company logo and company-specific information, otherwise it won't be as useful to employees.

6) Watch for sneaky fees. Right now, Verizon requires a $30-per-month fee for use of certain MDM technologies. This trend is sure to accelerate. Make sure you get all the potential fees up front from vendors before signing anything.

Read our new report, State Of The IT Service Desk: Change Management Remains Key. Download the report now. (Free registration required.)

Read more about:

20112011

About the Author

Michael A. Davis

CTO of CounterTack

Michael A. Davis has been privileged to help shape and educate the globalcommunity on the evolution of IT security. His portfolio of clients includes international corporations such as AT&T, Sears, and Exelon as well as the U.S. Department of Defense. Davis's early embrace of entrepreneurship earned him a spot on BusinessWeek's "Top 25 Under 25"
list, recognizing his launch of IT security consulting firm Savid Technologies, one of the fastest-growing companies of its decade. He has a passion for educating others and, as a contributing author for the *Hacking Exposed* books, has become a keynote speaker at dozens of conferences and symposiums worldwide.

Davis serves as CTO of CounterTack, provider of an endpoint security platform delivering real-time cyberthreat detection and forensics. He joined the company because he recognized that the battle is moving to the endpoint and that conventional IT security technologies can't protect enterprises. Rather, he saw a need to deliver to the community continuous attack monitoring backed by automated threat analysis.

Davis brings a solid background in IT threat assessment and protection to his latest posting, having been Senior Manager Global Threats for McAfee prior to launching Savid, which was acquired by External IT. Aside from his work advancing cybersecurity, Davis writes for industry publications including InformationWeek and Dark Reading. Additionally, he has been a partner in a number of diverse entrepreneurial startups; held a leadership position at 3Com; managed two Internet service providers; and recently served as President/CEO of the InClaro Group, a firm providing information security advisory and consulting services based on a unique risk assessment methodology.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights