BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
The list of mobility-related acronyms gets longer and longer as technology evolves. There's MDM, MAM, MIM and now EMM: enterprise mobility management.
What can be confusing about these terms is that they all work toward the common goal of creating a more secure mobile enterprise, but they do so in different ways. Mobile device management (MDM), mobile application management (MAM) and mobile information management (MIM) help secure different levels of the mobile spectrum, from physical devices to their apps and data. But there's way more to enterprise mobility management (EMM) than that. Although MDM, MAM and MIM have specific use cases, they also overlap and work together, and they should all be a part of your mobile security strategy.
Benjamin Robbins, co-founder of Seattle-based mobile consultancy Palador, straightened out the differences between MDM, MAM and MIM, explaining how they can work together to improve enterprise mobility management.
What do people use MDM for most commonly?
Benjamin Robbins: Look at device management as kind of the front lines. You want to have device wipe, device lock. You want to track what's going on at the device level. But the best practices on how you approach mobile security have evolved to where MDM definitely has to be part of a larger strategy. It can't be the thing that you rely on to solve all your problems.
What are the most useful features of MDM?
Robbins: If I'm physically separated from my device, and there's no real chance of me getting it back, you want to shut down any possible means of losing the information that's on there. Besides email, calendar and contacts, potentially you've got documents on there that are proprietary information. So the ability to lock and wipe a device is still a use case that I don't see going anywhere any time soon.
What can't MDM do?
Robbins: That depends on your definition of MDM. You have a lot of MDM vendors that ... now offer application management capabilities, and potentially even information management capabilities. MDM doesn't do anything on the application level. It's usually a low-level solution that's concentrated on managing the devices, just worrying about the features at the OS level. And [MDM] definitely does not do anything at the information management level.
Do admins need MDM to handle bring your own device (BYOD)?
Robbins: BYOD versus corporate-owned devices really has more to do with provisioning and who will actually purchase the device than it does with securing. No matter whether you have a corporate-owned device or a personal device, you definitely want to have a security strategy that's going to encompass both.
More on enterprise mobility management
EMM options: MDM, MAM and MIM
Get the most out of your mobility program
Mobile device influx means you need an enterprise mobility strategy
Guide to enterprise mobile device management software
In terms of making BYOD easier, there are MDM platforms that help with device enrollment, setting the security policies on those devices, notifying users of those security policies and all those base features. [MDM's] not required, but it's part of looking at a larger mobile security strategy that meets [your] needs.
What's the difference between MDM and MAM, and how are they different from MIM?
Robbins: We call that "alphabet soup." All of those are really just feature sets inside enterprise mobility management. MAM is managing what's allowed on the device, what's not allowed, what applications you want to push to users [or] restrict.
And then MIM looks at securing the information itself. So forget the device. Forget the apps. If I actually lock down the information itself, that's really all I have to worry about: if I can control who's accessing it, when they're accessing, where they're accessing it from. The challenge with MIM is that it's really in its infancy, so while it sounds like the silver bullet, it's not necessarily there yet.
It seems like MDM, MAM and MIM cover some of the same things. Where do you see the overlap between them?
Robbins: It does depend on how flexible you are with your definitions. One platform may have some MAM functions that do what some MIM functions do, or some MDM functions that do what some MAM functions do. But as long as you're meeting the use cases that your organization has, I think it's less about the definition, because that could just bring confusion.
The end goal is to make sure that your information is secure, to make sure that your devices are secure. What's the best way to go about that? You want to look for something that's going to meet your needs in a singular platform that's going to grow with your organization. Devices will evolve. What mobility is today isn't what mobility is going to be tomorrow. You really need to make sure you're not looking at security from a where-we-are-today perspective. And that's kind of the downfall with MDM.
Merit Service Solutions answers unusual business model with mobile app