When it comes to enterprise mobility management, IT administrators have a lot of choices. You may have wondered about all the different mobile device ownership models, acceptable use policies and management technologies that are available to implement. In this series, we tackle some of the biggest head-scratchers facing mobility admins to help you get things straight.
Mobile device management and mobile application management are two of the more popular technologies for enabling secure smartphone and tablet use in the enterprise. They have different use cases, but some of their features overlap, and more vendors are combining the two technologies into single products.
That means mobile device management vs. mobile application management isn't necessarily the discussion you should be having in your IT department. Instead, take into account your users' needs, your organization's security and compliance requirements, and other factors, then decide which technologies will best help you meet those objectives. It may be one technology or the other, but it may also be a combination of both.
Mobile device management vs. mobile application management
Mobile device management (MDM) takes a full-device approach to securing and controlling smartphones and tablets. IT can secure access to the device by requiring the use of a passcode and keep sensitive data out of the wrong hands by remotely wiping a lost or stolen device. Other basic features of MDM tools include the ability to enforce policies, track inventory and perform real-time monitoring and reporting.
The problem with MDM is that the full-device approach can be too heavy-handed in an era where employees, not their employers, own their smartphones and tablets. Users may wonder, "If I only use my phone to check email at night, why do I have to enter my work password every time I want to use the phone?" or, "If I lose my phone, why does my IT department want to remotely wipe pictures of my dog?"
Mobile application management (MAM) offers more granular controls. MAM gives IT the ability to manage and secure only those apps that were specifically developed to work with a particular MAM product. In the example above, IT could wipe or cut off access to the employee's corporate email without deleting his dog photos. In fact, IT wouldn't even know the dog photos were on the device in the first place. Admins can also use MAM to deploy apps and limit the sharing of corporate data among apps.
But MAM has its own challenges as well. Because every app requires unique coding to work with each individual MAM product, the availability of apps for a specific platform can be limited.
Combining MDM and MAM
Why add MAM to MDM?
MDM takes care of basic security and controls, but mobile application management tools allow organizations to unlock the full potential of mobile devices. With MAM, IT can enable workers to get more real work done on their smartphones and tablets -- which is what they want in the first place.
Integrating MDM with enterprise data and apps
Some mobile device management tools can integrate with MAM to automatically deploy and update mobile apps. Others also offer mobile document management features that can tie in nicely to server-based applications such as SharePoint.
Using MDM and MAM for security
The general perception is that MDM is more of a security play, while MAM focuses on enablement. But don't sell MAM's application security capabilities short. Admins can use MAM products to create a catalog of safe, approved apps for employees to download, which supplements the blacklisting and whitelisting features found in most MDM products.
More MDM vs. MAM resources
MDM's pros and cons
Understanding the pros and cons of mobile device management can help set proper expectations. MDM accomplishes some pretty important security tasks, but it can be expensive, and it doesn't protect against every kind of data leak.
What to get out of MDM
All MDM products are different, especially now that the line between MDM and MAM products is blurring. You won't need every feature offered, but knowing what's available and how it can (or can't) meet your objectives is important. With this MDM checklist, nothing will slip through the cracks.
Controlling consumerization with enterprise app stores
One of the most common MAM features co-opted by MDM vendors is the ability to build and maintain enterprise app stores. Like their consumer counterparts, such as the Apple App Store and Google Play, enterprise app stores let users pick and choose the software they want to download to their devices. Enterprise versions take extra steps, however, giving IT the power to limit users' options and make available corporate apps that aren't found in public app stores.