Mobility

Enterprise considerations for smartphone management platforms

Scott Lowe lists some key items that need to be considered when choosing a mobile device management platform.

I'd argue that the iPhone marked the beginning of the current Bring Your Own Device (BYOD) revolution that is the subject of many blogs and rewritten organizational policies. The iPhone started life as a purely consumer-oriented device, but due to its (at the time) revolutionary user focus and the eventual rise of the app store -- which allowed users to quickly extend the device's capabilities -- it was a hit, and people began to wonder why the same device couldn't be used for both work and personal purposes.

Then, two more things started to happen:

  • Android picked up steam in a significant way and gained some enterprise capabilities, such as the ability to synchronize with Exchange.
  • iPhone added its own enterprise features -- again, most notably, with the addition of Exchange synchronization.

These two device platforms exploded in consumer-land, and they have inevitably creeped over into the enterprise space as well. This is evidenced by the serious challenges that are facing RIM, the maker of BlackBerry, which is truly struggling to maintain its viability. While RIM may have had some consumer interest, their biggest market has always been the enterprise, due in large part to their synchronization and security features.

A vendor overview

This shifting market has created a need for a new class of service in the enterprise. While some organizations can get by just fine by using ActiveSync rules, others want to take additional steps to segregate corporate data from personal data in order to better protect the organization and support BYOD initiatives that can save money. This is the space the BlackBerry Enterprise Server used to occupy.

There are a number of options out there that meet different needs:

  • Good: I used to use Good's products way back when I was a Treo user running Palm's OS. Good's software allowed me to synchronize my Treo with Exchange. Today, the company's products have evolved to include mobile device management capabilities for iPhone, Android, Windows Mobile, Symbian, and PalmOS. Good Mobile Control makes it possible to manage device security over the air from a centralized console, while Good Mobile Messaging provides a containerized view into a user's corporate inbox. This physical separation between a user's personal and corporate accounts on the same device, along with more robust management, helps to protect the organization.
  • Zenprise: Zenprise has emerged as a leader in this nascent mobile device management space. Zenprise MobileManager can be used to manage BlackBerry, iPhone, iPad, Google Android, Windows Mobile, and Palm devices. It includes features such as user self-service and health monitoring, change tracking, over the air deployment, security compliance, remote wipe, and expense management to help ease mobile device management challenges.
  • MobileIron: MobileIron provides advanced mobile device management for Android, BlackBerry, iOS, Symbian, webOS, and Windows Phone, making it well suited for today's mix of mobile operating systems. One of MobileIron's features is known as Enterprise Data Boundary, which allows you to "Set mobile device privacy configuration consistent with company policy. Enforce separate policies for employee-owned and company-owned devices. Set enterprise data boundaries by phone or phone group." When it comes to supporting a mix of corporate and personally-owned devices, it's great to be able to apply different policies based on ownership.

Features

Here are some key items that need to be considered when choosing a mobile device management platform:

  • OS support: Does the vendor support the mobile OSs in use at your company?
  • Policy support: Does the vendor support the policies you want/need to put into place? How are these policies handles across the different mobile operating systems?
  • Remote assistance: Do you need to be able to provide remote support to mobile users, and does the solution support this?
  • Software deployment: Can the solution be used to deploy new software to mobile devices?
  • Data segregation: Does the solution have the ability to separate personal and corporate data and make sure it's encrypted?
  • Self-service: In the age of BYOD, do users have the ability to self manage devices that are under the auspices of the corporate umbrella?

Summary

Most of the mobile device management products on the market allow you to manage policies (such as an encryption policy) and to determine whether or not services (such as BlueTooth, cameras, and Wi-FI) are allowed, among other things. I suspect that we will see a growing number of vendors in this space as mobile use grows and as companies find it necessary to get a better handle on mobile inventories.

About

Since 1994, Scott Lowe has been providing technology solutions to a variety of organizations. After spending 10 years in multiple CIO roles, Scott is now an independent consultant, blogger, author, owner of The 1610 Group, and a Senior IT Executive w...

2 comments
Ctravis
Ctravis

Excellent article Scott! We just went through the process of evaluating various MDM???s, and ended up opting to go with AirWatch. You touched on some good points, and I???d offer up some additional considerations when deploying such a system: ??? Passcode policy enforcement ??? Remote deployment of common security certificates ??? Deployment of VPN or WiFi connections ??? Apple Volume Purchasing support ??? Remote Enterprise or full wipe capability ??? Blacklisting of apps The other nuance I noted with the MDM???s I evaluated, was that iOS consistently had far more security (passcode length, complexity, etc.) options than did Android. This should be noted when you???re looking for an overall passcode compliance. In regards to the BES reference, I found that most MDM???s can only do little with BlackBerry???s, in the area of management (for example, you can redirect 411 calls, or change the BlackBerry???s screen brightness). This is evidently because RIM seems to encapsulate their own controls within BES.

noel
noel

Great info Scott - Have you implemented one of the solutions? Did you move from BES or do you run BES in addition to the new MDM platforms? Seems the best solution allows for business and personal personas to co-exist, which is why Blackberry may be at a disadvantage in MDM, even if they do offer support for Android and iOS. The companies you mention are all great but have you checked out others, such as Trellia, which was bought by Wyse today? And as Mobility consultant I would also check out managing the expense side of managing the devices, preferably in real time, like Anomolous Networks and many other companies do. And I have no financial interest in any of these. Just spend a lot of time consulting on solutions.