ras-slava - Fotolia
As companies increasingly support mobility, it becomes more difficult for IT to manage mobile applications. Apps need appropriate controls, such as secure connectivity, encryption and user authentication, and IT must distribute apps to the appropriate users. Plus, since few users have two phones anymore, there must be some separation between work and personal data.
Mobile application management software helps IT accomplish these tasks and more. There are two main categories of application management technology: device-level and app-level.
App- and device-level MAM
In the early days, Apple iOS and Google Android didn't have the best enterprise management capabilities, and many devices in the business world were personally owned. To compensate, enterprise mobility management (EMM) vendors and developers built security, management and data loss prevention features directly into apps themselves. Most EMM vendors, for example, offer their own secure, managed email, calendar and browser apps. They also work with independent software vendors (ISVs) and in-house developers to build security and management capabilities into apps through the use of software development kits and app wrapping technologies.
Even though iOS and Android have much better security features today, apps with built-in mobile application management (MAM) features are still important because they provide security and management that is independent of the underlying device. The downside is that most apps don't work with all mobile application management software, so it can be hard for IT to find a product that meets all its needs.
More recently, mobile device operating systems have begun to add more enterprise capabilities, including advanced mobile device management (MDM) frameworks that can provide MAM functionality. Examples of OSes and devices with those kinds of MDM frameworks include iOS 7 and higher, Android 5.0 and higher on devices that support Android for Work, Samsung Knox 2.0 devices and higher and Windows 10.
The advantage of this device-centric approach to MAM is that IT can use it with any app, not just a subset of enterprise-oriented apps. The downside is that, because it's tied to MDM, it requires IT to be able to trust and manage all devices, which isn't always possible.
Differences in mobile application management software
There are several scenarios where the differences between device-level and app-level MAM are important.
Securing devices' built-in email clients requires device-level MAM (and MDM), but using app-level MAM means IT needs to use a third-party email client. Some users prefer not to enroll their devices in MDM, and others (such as contractors) may not be able to. In these situations, IT can't use device-level MAM features.
Furthermore, most Android devices still don't support device-level MAM features, and some ISVs may not want to modify their apps to have app-level MAM features. In those cases, building an in-house or custom app makes it easier to incorporate app-level MAM features.
Some people say users appreciate the more native experience of device-level MAM and that it's easier for IT to manage. Others say the extra layers of security from app-level MAM are crucial. For the time being, we need both. MAM will continue to evolve. Mobile OSes will gain more MAM features, Android for Work will be available on more devices, and Windows 10 adoption will increase. At the same time, more ISVs will add enterprise management features to their apps. No matter what, IT admins need to know how to manage mobile apps.
This article originally appeared in the May issue of the Modern Mobility e-zine.
Learn how a new partnership promotes common MAM features.
Explore the world of cloud-based MAM.