Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Mobile device management vs. mobile application management

Mobile device management and mobile application management do different things but also have some overlap. Knowing their differences is important.

When it comes to enterprise mobility management, IT administrators have a lot of choices. You may have wondered...

about all the different mobile device ownership models, acceptable use policies and management technologies that are available to implement. In this series, we tackle some of the biggest head-scratchers facing mobility admins to help you get things straight.

 Mobile device management and mobile application management are two of the more popular technologies for enabling secure smartphone and tablet use in the enterprise. They have different use cases, but some of their features overlap, and more vendors are combining the two technologies into single products.

That means mobile device management vs. mobile application management isn't necessarily the discussion you should be having in your IT department. Instead, take into account your users' needs, your organization's security and compliance requirements, and other factors, then decide which technologies will best help you meet those objectives. It may be one technology or the other, but it may also be a combination of both.

Mobile device management vs. mobile application management

Mobile device management (MDM) takes a full-device approach to securing and controlling smartphones and tablets. IT can secure access to the device by requiring the use of a passcode and keep sensitive data out of the wrong hands by remotely wiping a lost or stolen device. Other basic features of MDM tools include the ability to enforce policies, track inventory and perform real-time monitoring and reporting.

The problem with MDM is that the full-device approach can be too heavy-handed in an era where employees, not their employers, own their smartphones and tablets. Users may wonder, "If I only use my phone to check email at night, why do I have to enter my work password every time I want to use the phone?" or, "If I lose my phone, why does my IT department want to remotely wipe pictures of my dog?"

Let's get this straightMobile application management (MAM) offers more granular controls. MAM gives IT the ability to manage and secure only those apps that were specifically developed to work with a particular MAM product. In the example above, IT could wipe or cut off access to the employee's corporate email without deleting his dog photos. In fact, IT wouldn't even know the dog photos were on the device in the first place. Admins can also use MAM to deploy apps and limit the sharing of corporate data among apps.

But MAM has its own challenges as well. Because every app requires unique coding to work with each individual MAM product, the availability of apps for a specific platform can be limited.

Combining MDM and MAM

Why add MAM to MDM?
MDM takes care of basic security and controls, but mobile application management tools allow organizations to unlock the full potential of mobile devices. With MAM, IT can enable workers to get more real work done on their smartphones and tablets -- which is what they want in the first place.

Integrating MDM with enterprise data and apps
Some mobile device management tools can integrate with MAM to automatically deploy and update mobile apps. Others also offer mobile document management features that can tie in nicely to server-based applications such as SharePoint.

Using MDM and MAM for security
The general perception is that MDM is more of a security play, while MAM focuses on enablement. But don't sell MAM's application security capabilities short. Admins can use MAM products to create a catalog of safe, approved apps for employees to download, which supplements the blacklisting and whitelisting features found in most MDM products.

More MDM vs. MAM resources

MDM's pros and cons
Understanding the pros and cons of mobile device management can help set proper expectations. MDM accomplishes some pretty important security tasks, but it can be expensive, and it doesn't protect against every kind of data leak.

What to get out of MDM
All MDM products are different, especially now that the line between MDM and MAM products is blurring. You won't need every feature offered, but knowing what's available and how it can (or can't) meet your objectives is important. With this MDM checklist, nothing will slip through the cracks.

Controlling consumerization with enterprise app stores
One of the most common MAM features co-opted by MDM vendors is the ability to build and maintain enterprise app stores. Like their consumer counterparts, such as the Apple App Store and Google Play, enterprise app stores let users pick and choose the software they want to download to their devices. Enterprise versions take extra steps, however, giving IT the power to limit users' options and make available corporate apps that aren't found in public app stores.

Next Steps

IT can realize benefits from riding the MAM-only wave

Dig Deeper on EMM tools | Enterprise mobility management technology

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

What's your approach to mobile management?
App management is essential along with device management. We need focus of enterprise built apps, their updates and access as they relate directly with end users.
use lookout [premium pkg] mobile security for basic protection; eval'ing enterprise vendors ...
Many of the traditional MDM vendors now offer MAM as well. In BYOD scenarios, MAM is a better solution. The market is evolving very quickly. Should be investing in securing enterprise assets only meaning if the enterprise doesn't own the device, you should only secure the apps and data.
I am about to jump on a conference call right now with Westcon as we are considering their hybrid approach combining Maas360's MDM SW with BlueCat's MAM. Stay tuned to see how they look together! Rex
I agree that both MDM and MAM should be used when we are going to controlling the mobile devices used in enterprise environment.
Currently my ORG is managing only applications in mobile devices not yet managed the devices, since its need budgetary support and all kind like that but we are moving towards MDM together with MAM which we are hoping it will be soon.
Although we are looking at some MAM products we currently only use Exchange MDM
Our Company, Hi-Link, a VAR is exploring Hybrid options for our customers such as BYODShield from Westcon as a balanced approach to both MDM and MAM!
I wonder the implementing MDM and MAM has a high score. What kind of recommended tool for doing that?
My experience shpws different - >50% applying MDM & MAM is wishfull thinking only?
The MDM policies are made to configure devices to an "user level" (password, wifi, etc...).
The MAM policies are made to protect mobile devices from malicious apps (rootkit, data theft, ...)
These two mobile protection types are both important, but if we talk about SECURITY, the threats treated by MAM policies are more critical (criticality = occurence * gravity).
For example: if an app sends surcharged SMS you lose money EVERY TIME. If your mobile device does not has a configured password , it's a problem ONLY if the device is stolen.

The trend started with protecting the devices and hence MDM came into existence. With BYOD becoming popular, everyone wanted to control the Apps, and MAM became popular. End of the day, if you ask anyone, all they want to do is protect their data. Apart from managing devices and applications, providing secure access to data is very crucial. Letting end users access data using consumer grade services could lead to data breach.
What is the use of MAM and MEM if MDM is already there? MDM can manage the whole device, so why anything else required to manage mails and apps?