The MDM Story - What's The Real Use?

Ankush

The CIO office is going through a drastic change in ecosystem and technology for the last one year. At the center of this drastic change lies the mobile device that has made the life of the CIO less comfortable over the last decade. When the enterprise moved from the Desktop world to the laptop world it was less of an issue. After all the dominant OS remained the same (Windows) and all enterprise solutions where made keeping Windows as the center OS dominating the enterprise world. Cross platform meant only making the product and technology available on the Macintoshes of the world. But with the advent of the mobile phones and the skew of the OS changing towards Android and iOS devices all hell went lose in the CIO ecosystem.

Suddenly “Consumerization of IT” and “Shadow IT” were the terms that were used to define the ecosystem where a number of non-IT approved technology started showing up at the workspace. A recent report from Stratecast Research points that more than 80% of the employees are using one or more of a non-approved SaaS app for their collaboration, communication or Line of Business use. “Consumerization of IT” and BYOD lead to large number of CIOs making a beeline towards technology that could enable smooth enterprise mobility on BYOD and corporate owned devices.

One of the first solutions that was adopted by many CIOs across the world was the Mobile Device Management (MDM). The CIOs wanted security and manageability features and this is where more than 100 MDM providers in the industry pushed solutions on both on-premise and SaaS tools. Buying MDM was in fashion with IT leaders adopting at a frantic pace to remotely manage the large number of diverse mobile devices from phones to tablets on platforms that includes Android, iOS and Windows Mobile. This has resulted in large number of acquisitions also in the MDM industry with big valuations seen in the likes of the Airwatch-VMWare deal.

The two needs of the enterprise that the MDM players have been capturing the market place is Security and Manageability. An IT leader wants to secure and manage the data going on mobile devices. As the end point device increases from phones to tablet to wearables the MDM would be expected to serve the needs on these devices as well. This is where the biggest question of the ROI of MDM comes into play – does MDM solve the problem of Security or is it only the manageability of device that the MDM caters to?

To answer this question we need to understand the real problem that the IT leaders face with the advent of Shadow IT. These are Single-Sign-On on diverse mobile OS, Data leaks from enterprise apps – documents being one of the largest pain points and deployment of productivity apps to manage and secure data. So the real problem lies in “Securing” the data before an incident happens so that we can safely say that the hack will never take place and to “manage” the data once it goes on mobile device including the malicious intent of the user itself. MDM as the name suggests has traditionally been a solution that caters to the second part of the problem primarily with a few features to cater to the security needs.

MDMs help the IT leaders to manage the devices once the mobile architecture and strategy of the company is ready. This leaves a large gap in the security of data. The biggest bottle neck in the adoption of enterprise mobility lies in securing the end point data than managing the device. With security being fixed there would be more relevance of an MDM as CIOs would be happy to roll out new apps for their daily needs which in turn can be managed by the MDM. Today an MDM costs $40 to $100 per user all of which goes into managing an email app – the only move many CIOs have done in enterprise mobility as they are still worried about data leaks and securing end point data. With just the email apps being managed it is difficult to prove the ROI of the MDM solution.

Large scale adoption of mobile devices cannot be achieved without solving the security issue. Imagine a trader giving a stock order on a mobile device requires high level of security, encryption and identity & authorization features needs to be built in on the mobile device. Security is being handled at both the application layer as well as the mobile OS layer. App security includes bringing all features of enterprise like authorization, authentication, permissions, data viewing, collaboration and communication all happening within the framework of the app itself. The other approach is to harden the mobile OS to secure the device and its content. An after market Android based approach that can be activated on the device if the CIO so allows.

I can compare BYOD and the resulting sale of MDM as the same phenomenon as the Y2K that drove sales for ERP companies in the 90’s. Security being a large need has driven the sales but a large number of licenses lay dormant or have achieved manageability on email app, which was a solved problem already. Security on enterprise mobility is a problem and would require a focused approach to solve for the CIO for a large scale adoption of enterprise mobility.