This content is part of the Essential Guide: Enterprise mobile management's evolution
Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Enterprise mobility management: Choosing the right approach

Enterprise mobility management is different for every organization, but it should touch on the areas of device, app and information management.

The list of mobility-related acronyms gets longer and longer as technology evolves. There's MDM, MAM, MIM and now EMM: enterprise mobility management.

What can be confusing about these terms is that they all work toward the common goal of creating a more secure mobile enterprise, but they do so in different ways. Mobile device management (MDM), mobile application management (MAM) and mobile information management (MIM) help secure different levels of the mobile spectrum, from physical devices to their apps and data. But there's way more to enterprise mobility management (EMM) than that. Although MDM, MAM and MIM have specific use cases, they also overlap and work together, and they should all be a part of your mobile security strategy.

Benjamin Robbins, co-founder of Seattle-based mobile consultancy Palador, straightened out the differences between MDM, MAM and MIM, explaining how they can work together to improve enterprise mobility management.

What do people use MDM for most commonly?

Benjamin Robbins: Look at device management as kind of the front lines. You want to have device wipe, device lock. You want to track what's going on at the device level. But the best practices on how you approach mobile security have evolved to where MDM definitely has to be part of a larger strategy. It can't be the thing that you rely on to solve all your problems.

What are the most useful features of MDM?

Robbins: If I'm physically separated from my device, and there's no real chance of me getting it back, you want to shut down any possible means of losing the information that's on there. Besides email, calendar and contacts, potentially you've got documents on there that are proprietary information. So the ability to lock and wipe a device is still a use case that I don't see going anywhere any time soon.

What can't MDM do?

Robbins: That depends on your definition of MDM. You have a lot of MDM vendors that ... now offer application management capabilities, and potentially even information management capabilities. MDM doesn't do anything on the application level. It's usually a low-level solution that's concentrated on managing the devices, just worrying about the features at the OS level. And [MDM] definitely does not do anything at the information management level.

Do admins need MDM to handle bring your own device (BYOD)?

Robbins: BYOD versus corporate-owned devices really has more to do with provisioning and who will actually purchase the device than it does with securing. No matter whether you have a corporate-owned device or a personal device, you definitely want to have a security strategy that's going to encompass both.

More on enterprise mobility management

EMM options: MDM, MAM and MIM

Get the most out of your mobility program

Mobile device influx means you need an enterprise mobility strategy

Guide to enterprise mobile device management software

In terms of making BYOD easier, there are MDM platforms that help with device enrollment, setting the security policies on those devices, notifying users of those security policies and all those base features. [MDM's] not required, but it's part of looking at a larger mobile security strategy that meets [your] needs.

What's the difference between MDM and MAM, and how are they different from MIM?

Robbins: We call that "alphabet soup." All of those are really just feature sets inside enterprise mobility management. MAM is managing what's allowed on the device, what's not allowed, what applications you want to push to users [or] restrict.

And then MIM looks at securing the information itself. So forget the device. Forget the apps. If I actually lock down the information itself, that's really all I have to worry about: if I can control who's accessing it, when they're accessing, where they're accessing it from. The challenge with MIM is that it's really in its infancy, so while it sounds like the silver bullet, it's not necessarily there yet.

It seems like MDM, MAM and MIM cover some of the same things. Where do you see the overlap between them?

Robbins: It does depend on how flexible you are with your definitions. One platform may have some MAM functions that do what some MIM functions do, or some MDM functions that do what some MAM functions do. But as long as you're meeting the use cases that your organization has, I think it's less about the definition, because that could just bring confusion.

The end goal is to make sure that your information is secure, to make sure that your devices are secure. What's the best way to go about that? You want to look for something that's going to meet your needs in a singular platform that's going to grow with your organization. Devices will evolve. What mobility is today isn't what mobility is going to be tomorrow. You really need to make sure you're not looking at security from a where-we-are-today perspective. And that's kind of the downfall with MDM.

Next Steps

Merit Service Solutions answers unusual business model with mobile app

Dig Deeper on EMM tools | Enterprise mobility management technology

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

So do MDM, MAM, and MIM combined more or less equal enterprise mobility? With MDM products such as Bushel (, it would appear that MDM is becoming inclusive of MAM and MIM as well. Does this mean something like Bushel is more an enterprise mobility product than an MDM product?
At the moment, at least with my organization, it's still a BYOD world, so short of app rollout and removal, there's little that's currently done to handle direct management of devices. For those who do get the devices paid for by the company (sales, etc.) they definitely have systems in place to manage both content and security of the devices, as well as to enable/disable them remotely if needs be.