BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
If mobile devices are the Wild West of enterprise devices, then the cloud is the still barely explored frontier to manage them. As IT organizations move from mobile device management (MDM) to mobile application management (MAM), actually gaining physical possession of the device to install controls can be difficult, particularly with far-flung employees. Cloud mobile application management aims to change that but, because it is still in its infancy, issues that are cropping up are just the tip of the iceberg and center around security, according to experts.
The issues with cloud-based MAM begin at the intersection of two variables: the performance of the cloud itself and the need for nimble mobile applications, according to Tom Nolle, president of Voorhees, N.J.-based consultancy CIMI Corporation. "Anytime you do a cloud application, application management is always complicated by the fact that, in the cloud, there's no static relationship between the application components and resources," he said. In the cloud, enterprises tend to encounter issues with performance that they don't see anywhere else, he added.
Add in the need for the applications to provide a point-of-activity experience that enhances productivity, and any cloud performance issues, whether from the MAM side or the application side itself, can defeat the purpose of putting a mobile device into an employee's hands, Nolle said. "If the application performance messes up even a little, that could create a situation where all productivity improvements have been lost."
MAM is more about the maturity of the organization and the strategy, rather than the features of the software.
Theo Priestley, independent analyst
To keep these two issues from intersecting, Nolle advised companies to set boundaries for what the tolerable latency limits are. "With application management in the cloud, you have to start at the top by using the quality of experience goals of the mobile worker's application," Nolle said. This requires, first, defining the range of productivity and conditions that the application must meet, such as a three-second display delay, then determining what happens outside of those conditions, like the worker getting frustrated and putting down the wrench while waiting for the application to load, he added.
Another downside of cloud-based MAM is that no vendor can manage everything, according to Theo Priestley, a U.K.-based independent industry analyst. "There are very few to manage both the devices and the applications effectively,' he said.
Because of this, enterprises need to know exactly what they need before choosing a cloud-based MAM provider. Any cloud-based MAM strategy needs to be from an application perspective, Priestley said. An application-based strategy includes security, over-the-air application updates and data security. Things that enterprises should consider before embarking on cloud-based MAM, he said, include remote software updates and distribution, whether or not they will create an enterprise-specific application store to create and provision applications, whitelisting and blacklisting, and allowing application store restrictions from the original equipment manufacturer itself.
However, looking at strategy is key to using MAM, Priestley said. "The biggest thing that gets me is when everyone says these are the things you should look for in particular software, but MAM is more about the maturity of the organization and the strategy, rather than the features of the software," he added.
Part of an enterprise’s cloud mobile application management strategy is to designate a person or small group to be in charge of deciding which applications users can download, according to Bill Claybrook, president of Concord, Mass.-based research firm New River Marketing Research. "If you just let anybody put anything in the application store, who knows what you might end up with," he said. "I would want to control what employees could download for the business side of the device so that if the device gets stolen, you can wipe the business applications off the device."
Provisioning the device is another best practice for avoiding security issues, Claybrook said. One technology allows enterprises to create a virtual phone on an employee's personal device, which segregates the enterprise applications, like access to the ERP system, in a virtual space, from consumer applications like Angry Birds. Space considerations may pose constraints, however. "It's not as much of an issue on a tablet … but with an iPhone with 8 GB or 16 GB, you have a problem," he said.
Security does play a big role in MAM as well, Claybrook said. To ensure access to data while maintaining enterprise security, enterprises need to consider the authentication process as well as what data users can access. Some enterprises may want to limit access to mission-critical data, while others may allow some access, such as read-only or minimal modification to that data, he said.
"From my point of view, the only way to manage the BYOD strategy is in the cloud," Claybrook said. "That way you can centralize control over security and managing the [enterprise] application store."
Follow us on Twitter at @CloudAppsTT.