Skip the navigation

MDM: Part of the mobile security solution?

By George V. Hulme
March 19, 2012 11:27 AM ET

CSO - The good news for enterprises: Mobile devices are packed with power. A new iPhone is 100 times lighter, 100 times faster, and 10 times less expensive than the luggable notebooks of the early 1980s.

What's good news for enterprises is also bad news for CISOs. Mobile devices can store substantial quantities of data, the applications are powerful, and their network speeds are forever increasing. And, oh yeah, users are bringing their own devices, downloading their own apps, surfing the Web from whatever connections they choose--all with little to no direct control by the enterprise.

[Also see 5 questions to ask about your mobile device security policy]

To help make mobile devices more manageable, enterprises are increasingly turning to mobile device management (MDM) applications and services. And MDM can help with security issues--but how much? Experts say this tool can absolutely reduce mobile risk. But they also say relying on an MDM-only mobile security program is like sitting on a one-legged stool.

Mobile Mania

According to Forrester Research, there are more than 40 vendors in the MDM market, offering software with core features such as configuration management, troubleshooting and support, inventory, remote control and reporting capabilities. The market is growing: Research firm IDC pegged the MDM market at about $265 million in 2009, growing at more than 9 percent annually. The firm expects that growth rate to rise to more than 10 percent next year.

These applications reduce risk by being able to detect and remotely wipe data, and by enforcing password and encryption policies.

"It makes sense to move to MDM and enforce security policies in a more automated way," says Pete Lindstrom, research director at Spire Security.

"With mobile device sprawl, and the value of the applications and data on the devices increasing, more enterprises are going to want to manage the configuration of the devices, what the devices are and where they're being used--many of the things one would expect in traditional asset-management capabilities," he says.

However, just as traditional asset-management applications helped create some level of security and control over notebooks and telecommuters' systems, they certainly fell short of managing everything necessary to keep those systems and data secure. MDM will be no different.

Dig Deeper Than Just the Device

"You can't just focus on the device and expect to have a high level of security," says Rafal Los, chief security evangelist at HP Software Worldwide.

"You have to look at the system holistically. That includes the infrastructure, the applications, how data is accessed and used," argues Los. "That includes looking at not only the inherent security of the applications on the device, but also the application servers and databases they connect," Los says.

Originally published on Click here to read the original story.
This story is reprinted from CSO, an online resource for information executives. Story Copyright CXO Media Inc., 2006. All rights reserved.
Our Commenting Policies
Consumerization of IT: Be in the know
consumer tech

Our new weekly Consumerization of IT newsletter covers a wide range of trends including BYOD, smartphones, tablets, MDM, cloud, social and what it all means for IT. Subscribe now and stay up to date!