Posted by: Ranjani Rao, November 30th, 2011

When brainstorming on the risks that modern-day enterprises face from the rising demand of employees for access to enterprise data on diverse mobile devices, IT staff enthusiastically brandish the Mobile Device Management (MDM) flag. What is MDM, though? And can enterprises rely on MDM alone for a robust and secure infrastructure?

MDM solutions are being adopted by multiple enterprises in an increasingly Bring Your Own Device (BYOD) environment to manage, support, secure and monitor the use of mobile devices by employees. These solutions offer features similar to RIM’s BES features that make BlackBerry such a popular corporate device. However, with consumer choices becoming more heterogeneous and RIM losing share to iOS and Android, enterprises have to think beyond BlackBerry.

MDM solutions rely heavily on the security features provided by a mobile device’s OS manufacturer. These vary across devices and pose an obvious challenge to IT administration. For example, Android devices do not support hardware encryption. MDM solutions implement policies by enforcing secure passwords, disallowing application access, and remotely wiping and locking devices for corporate data protection.

The weaknesses of MDM solutions lie in their lack of application-level security, cumbersome usage for employees even when accessing personal data, and lack of differentiation between corporate and personal information. Therefore, an MDM solution alone is not ideal.

There’s no doubt that MDM is better than no MDM. But it should be supplemented with sandboxing of data. The way to reduce personal inconvenience while protecting corporate data is to segregate personal and corporate data on the device, implement application-level security (allowing only certain authenticated applications access to corporate data), authenticate individual devices for the enterprise network, restrict hacked and jailbroken devices, and allow only encrypted data from device to enterprise server.

What’s the advantage of this two-tiered approach? First, it frees employees from restrictive policies that prohibit access to, say, the App Store or the installation of certain apps. Second, entering secure and strong passwords is needed only when apps that access corporate data are used. Plus, by authenticating the apps first, enterprises bar third-party and possibly malicious apps from accessing corporate data. In case of remote wipe and lock (if the device is stolen or lost), only corporate data will be erased, not personal data. Thus, employee privacy is maintained.

Many MDM vendors today offer this additional feature as part of a complete MDM enterprise security solution. It includes functions that make the life of IT administrators that much easier by supporting a hierarchy of roles and responsibilities, making maintenance and rollout of OTA updates safe, and offering helpdesk functions to support users.


According to a 2011 Strategic Security Survey conducted by InformationWeek Analytics, only 33% of 1,084 business technology and professionals said that an MDM policy is active in their enterprise; 36% are still evaluating; and 25% do not have an MDM policy, with no plans for implementing it either.

This is slow going, especially when MDM alone is not enough. There is immense BYOD pressure from employees in corporate environments, and that is only going to increase across the globe. Enterprises must have a BYOD security policy in place to protect themselves and their customers.
