How far should you go with Mobile Device Management?

Originally posted May 16, 2012

The latest IT craze today seems to be Mobile Device Management (MDM) and may have a gravitational pull equal to or greater than that of VDI.  The topic of MDM also pulls towards it the ideas of Mobile Application Management (MAM), Mobile Content Management (MCM), and Mobile Access Management (also MAM).  This new found interest is driven partly by the fact that we, as regular employees, have unprecedented access to greater mobile computing powers than we have ever been able to utilize before.  To this point, I doubt you can walk more than ten feet in a public area without crossing paths with someone who has in their possession a smartphone or tablet.  This personal device computing trend has spilled over into the corporate environment, beyond just the use of smartphones for email access.  I discussed the topic of personal computing and its evolution in my previous post here.

If your company allows access to corporate email from smartphones, then you are already engaging in MDM.  The policies put in place to allow access external connections to the corporate mail server is one legacy example of MDM.  The trend forward, however, is accelerating due to consumer items such as iPad and Dropbox, and creating a need of IT to develop strategies for broader management as opposed to just opening up email access.  End users are finding more and more ways to be productive without the intervention of IT.  Brian Madden wrote an interesting article on how IT is now competing with the wave of consumerization.  I admit, I have to agree with his assertion.

But what does this all mean? What should IT organization do to meet this trend head on?  It is these question that has allowed the recent formulation of a technology space and a vast array of companies are trying to fill it.  The truth is, right now there is not a solid answer on how to facilitate the ever growing need of IT consumerization.  Some believe that you should only manage the applications and data.  But where is the dividing line?  Do you manage just the corporate applications and data or do you implement broader control of all resources on the device?  Some believe that you should outright manage the device.  But you still need to determine the level of management.  Do you control the entire device?  This would not likely be well received if we are talking about a personal iPad.  So then should we only facilitate the selective management of the device?  How?  Some believe that we can get away with just managing the access of the corporate data and application from those devices.  Do these concepts only extent to BYOD or should they apply to both personal and mobile corporate devices?  Whatever the answer or solution is, it will have to facilitate the needs of the end users to be productive while maintaining security and compliance, as well as, not be too complex for wide adoption by IT.  I don't believe there is a standout solution in this area yet but I suspect it wont be long till we see one.