Status of Mobile Device Management (MDM)
Is the hype about MDM over?
According to a recent study by the 451 Group research firm:
- Fewer than 15 percent of enterprises have deployed an MDM tool beyond Microsoft Exchange’s native capabilities.
- Most organizations feel that encryption and password requirements, coupled with the remote lock and wipe capabilities, provided by Exchange is sufficient
So, do you really need to look into all the MDM products and try to justify the ROI?
Is Microsoft Exchange Active Sync (EAS) sufficient for you MDM needs?
- Transmission Encryption: Requiring the use of SSL encryption for communications.
- Strong Authentication: Supports the use of two-factor authentication or private/public keys for SSL certificates.
- Remote Wipe: If a mobile phone is lost, stolen, or otherwise compromised, one can issue a remote wipe command from the Exchange Server computer or from any web browser by using Outlook Web Application.
- Device Password Policies: Configurable option for device passwords – (1) Strength of password, (2) Inactivity time (3) Enforce password history, (4) Enable password recovery, and (5) Wipe device after failed attempts.
- Device Encryption Policies: Can be set for group of users – (1) Requiring encryption on device and (2) Require encryption on storage cards.
- No capability of managing applications on the device
- No way of identifying which mailboxes have a mobile device paired with it or identify the number of mobile devices or type of mobile devices paired with a mailbox.
- No audit trail – which may be needed for compliance need.
- No way to get device inventory.
- No private App Store.
- No Mobile virtualization or secure app containers.
What if you are looking beyond what EAS provides?
There is a movement to erasing the artificial division between mobile and desktop management. There is a shift away from standalone “mobile device management” to “enterprise mobility management”.
There does not seem to be any open source MDM solution available – I have looked but have not been able to find any.
Do let me know if you have come across any solution.