I am a huge fan of mobile device management (MDM), and I think this exciting technology is now well on its way to becoming a key element in IT operations. Mobile devices in many forms -- handsets and all types of mobile computers -- are now the new edge of your network. Forget the perimeter -- whatever that used to mean. You need to control provisioning, access, security, integrity, and every other IT element that keeps your shop productive, whether the edge of your network is down the hall or in someone's pocket in Rangoon. And that, in a nutshell, is the essence of mobile device management.
So MDM faces a pretty tall order. Just think for a moment about all that's required here and you'll see that the list is just as long as we've seen for more traditional network and IT elements within the traditional four walls.
First, there's provisioning -- getting the handset operational and properly configured. This almost always involves loading a mobile device management client onto the handset (we're really just considering smartphones and platform phones here, so this isn't too hard), but we need to make sure the client is always available and can't be disabled. Think of it as a beneficial rootkit, and already the technical challenges appear.
Next, we need to have this client communicate with back-end systems to do policy (security and usage) enforcement, configuration management, and remote control to explore and remediate problems as they are detected or reported, establish and enforce security, maintain integrity, disable (and possibly wipe) the device if it's reported lost or stolen, fix application settings, monitor usage, and process updates and changes, to name just a few major mobile device management operational categories. Of course, like all management systems, the client-server model is important here, and the MDM server needs to handle a large number of clients while automating routine tasks and otherwise augmenting the productivity of help desk and other support staff -- a tall order, indeed.
There's a big question to consider, though, once we've defined the scope of a particular MDM operation: Which entity should actually provide the MDM services? MDM is clearly a natural fit in carrier networks. After all, they have provisioning, updating, and various control and monitoring functions that they need to do for consumer and enterprise users alike. So it makes a good deal of sense for operators to provide, on an outsourced basis, a potentially huge array of mobile device management services to enterprises. By and large, though, carriers don't yet see the business opportunity here and thus aren't usually set up to offer this capability. So this model is relatively rare today, although I think it will increase in popularity over time as just another outsourced service.
So, in the interim -- and perhaps for longer -- it may make more sense for the enterprise to provision MDM on its own. This approach has the added bonus of being able to maintain end-to-end security no matter which carrier is used, as carrier personnel never have access to critical data on handsets, for which, of course, your MDM solution is securing and enforcing access policies. But this level of effort may be more than many enterprises can undertake today. That's why I think a hybrid model -- outsourcing many mobile device management functions but keeping data management in-house -- may, over time, become the most popular of all.
And I think you'll find -- again, over time -- that MDM becomes a default capability, with standards (like the Open Mobile Alliance's Device Management effort) easing the path and APIs providing the flexibility needed to address any enterprise MDM applications. But, no matter how it's implemented, mobile device management is going to become a key element in your mobility solution going forward. There's already a good array of products and services to choose from, and, as we're really just getting started here, you should expect mobile device management to remain a hotbed of innovation for the foreseeable future.
About the author: Craig J. Mathias is a principal with Farpoint Group, a wireless and mobile advisory firm based in Ashland, Mass. The company works with manufacturers, network operators, enterprises, and the financial community in technology assessment and analysis, strategy development, product specification and design, product marketing, program management, education and training, and the integration of emerging technologies into new and existing business operations, across a broad range of markets and applications. Craig is an internationally recognized expert on wireless communications and mobile computing technologies and has published numerous technical and overview articles on a variety of topics.