Mobile Device Management (MDM) is all the rage right now in corporate IT circles. Everyone it seems is rushing to find the perfect MDM that balances security, functionality and ease of use. IT is scrambling to figure out how to best allow and control both corporate and personal mobile devices like iPhones and iPads. MDM is one of the few tools that can provide IT some control over these things. Neither Apple or Google have released their own MDM solution yet (like blackberry has) so several companies are starting to enter into the young MDM marketplace. Here is a look at a few of the MDM companies that I've run into lately and that Gartner placed in their Leaders Quadrant.
MobileIron - I have heard very good things from the customers I know that are using it in production. It works very similarly to a Blackberry BES server. This makes it particularly useful for MDM of corporate owned devices. For personal devices it could get a bit intrusive if you set your policies to harsh. MobileIron is known for its great reporting and fancy dashboards. The GUI is pretty slick and easy to understand. It works as a hardware appliance or a VM appliance. Rumor is they will have a SaaS offering sometime this year as well. That would be very nice indeed. MobileIron can control just about everything you can think of on an iOS device: remote wipe, application install, patch and versioning control, usage monitoring, screen lock, software distribution, remote lock, Jailbreak detection, compliance reporting, block use of external memory cards like SD, encryption policy, rogue app protection, certificate distribution, backend virus scan, lost phone recovery, and many other features. The one major feature it lacks is a virtual sandbox environment for protecting corporate data.
To see more on MobileIron go here www.mobileiron.com
Good Technology - For managing the bring your own device to work crowd, the Good solution is hard to beat. I've also heard positive feedback from customers that are using this solution. Those that tried it 6-8 months ago had some mixed results but apparently the software has gotten much better recently and user satisfaction has been high. Good Technology's Good for Enterprises solution is heavily biased towards secure messaging and secure data storage. It basically creates a AES encrypted sandbox on your mobile device. Inside that workspace you have your email, calendar, browser, Good applications (limited support), and secure storage for downloaded documents. The workspace is encrypted using Good's own technology and does not rely on the device. The solution puts a username and password requirement for entry into the Good app workspace for added security but can also control and audit the device itself to a limited extent. For example, it supports remote wipe, blacklist/whitelist of applications, software distribution, device audit. This solution lacks robust application controls (the white/black lists only determine if they can access the sandbox not if they can load the application on the device) and requires that you run all of your encrypted traffic through the Good NOC. The email and calendar apps that are native to the device do not work with this solution, users must use the Good email and calendar apps inside the secure workspace environment. As I see it the strengths of this solution are really for personally owned devices that need corporate IT security without having to give up complete control of your own device.
To learn more about Good Technologies see here:
Afaria by Sybase and AirWatch - I haven't seen these two in customers just yet but I expect to. They seem to have full solutions and are the last two named in the leaders quadrant by Gartner. AirWatch has a SaaS offering for MDM which could be attractive to some. For more information check out there websites at:
To download the Gartner MQ for MDM go here:
To read my MDM wish list see here:
The opinions and information presented here are my PERSONAL views and not those of my employer. I am in no way an official spokesperson for my employer.
More from Jamey Heary:
* Credit Card Skimming: How thieves can steal your card info without you knowing it
* Google Nexus One vs. Top 10 Phone Security Requirements
* Why you should always shred your boarding pass
* Video rental records are afforded more privacy protections than your online data
* The truth about new SSL attacks
* 2009 Top Urban Legends in IT Security/a>
Go to Jamey’s Blog for more articles on security.
Jamey Heary, CCIE #7680, sits on the PCI Security Standards Council- Board of Advisors where he provides strategic and technical guidance for future PCI standards. Jamey is the author of Cisco NAC Appliance: Enforcing Host Security with Clean Access. (Check out all of Jamey Heary's books from Cisco Press.) He also has a patent pending on a new DDoS mitigation technique.
Jamey sits on several security advisory boards for Cisco Systems and is a founding member of the Colorado Healthcare InfoSec Users Group. He is an experienced speaker who is recognized as an expert in network security architecture, regulatory compliance, and routing and switching. His other certifications include CISSP, CCSP, and he is a Certified HIPAA Security Professional. He has been working in the IT field for 15 years and in IT security for 10 years. Jamey is currently a Distinguished Systems Engineer at Cisco Systems.