GDS International - CIO - Summit - US - 3

Achieving True Enterprise Mobility:

MDM Is Only Halfthe Battle

CITO ResearchAdvancing the craft of technology leadership

December 2011

Sponsored by Fiberlink

Contents

Introduction 1

Security, Scale, and Simplicity 1

A Tale of Two Mobile Management Paradigms 3

True Enterprise Mobility 4

MaaS360 from Fiberlink 6

Conclusion 7

1Achieving True Enterprise Mobility:MDM Is Only Half the Battle


IntroductionTo achieve true enterprise mobility, mobile device management (MDM) is only half the battle. On its own, MDM only controls the shell of a device, and not the personal-ity—applications. Organizations today need to enable and simplify distribution, man-agement, security, compliance, and updating for these apps. It’s a management battle with many fronts and shifting targets. MDM offers part but not all of the solution.

Organizations need fast, low-cost solutions for enabling employees to comply with legal, corporate, and IT requirements. They need a holistic approach to enterprise mobility, as more staff bring their own devices to work and expect IT to support them—while IT maintains the security and integrity of corporate data and applica-tions on those devices. If you need to enable consumer smartphones and tablets in the enterprise, you’ll need more than MDM.

To date, IT has led the MDM charge. But now line-of-business teams are also leading the charge for mobile apps to increase productivity, customer satisfaction, and com-petiveness. Enabling these apps requires comprehensive mobile application manage-ment (MAM) as well as device-level control. Devices and apps seek to be harmonized, if things are off key—the result is enterprise mobility deployment with gaps. For instance, if you don’t have a document-sharing application for corporate files, users might download a consumer app, like Dropbox, and open security holes. Just like that, your business plan could end up in the wrong hands.

In this paper, CITO Research explains how to chart a path to true enterprise mobility, where two capabilities converge into one with an added dimension: the ability to manage the ever-shifting mobile app landscape securely in the cloud.

Security, Scale, and SimplicityManaging enterprise mobility is multidimensional. You need security. You need scale to meet the needs of myriad users. And somehow, you need to keep all this simple.



SecurityIt’s one thing to build an app and push it out to your staff, but how do you ensure that:

• users get access to only their authorized apps?

• you can remove apps when users leave the company?

• devices aren’t jailbroken or rooted?

Employees who bring their own devices to the workplace expect access to corporate data. Most consumer applications and devices have limited security controls, leaving corporate data vulnerable. IT must protect sensitive corporate data from leaks or cor-ruption. Yet if IT denies use of corporate apps and data, employees may “go rogue” and find a way around the policy.

Data will be lost if devices are not adequately protected. Built-in cameras can pho-tograph sensitive documents and instantly upload them to the Internet. Automatic syncing with cloud-based file sharing services such as Dropbox or iCloud can instantly launch your unreleased sales figures into the universe for anyone to potentially see.

ScaleIf you have been charged with distributing mobile apps to a large user base across multiple devices, you’re probably asking: How many people should access and down-load these apps at any given time? How will you keep up with upgrades and patches? What happens when 1,000 employees try to download the same app at once? Do

Authentication andauthorizationContext-based securityApp whitelist and blacklist

Security Scale Simplicity

Rapid deploymentHosting and distributionVolume purchase

Uni�ed managementEnterprise app catalogSeamless updates

The Three S’s of Enterprise Mobility



you have native support for the latest mobile operating systems and devices, such as Apple iOS 5 and Android 4.0? Traditional, on-premise solutions are buckling under the strain of these questions, leaving breadcrumbs of failed downloads and varied versions across the range of mobile devices. These solutions are not designed to eas-ily support elastic scalability or rapid growth in user adoption. A true software as a service (SaaS) platform running in the cloud lets companies easily add mobile devices and apps, as requirements change. Apps can be distributed and updated as needed without installing new infrastructure.

SimplicityTo be viable, your enterprise mobility strategy has to simplify mobility management. Enrollment and configuration are only the beginning. You have to quickly and easily apply policy and application updates. At the same time, you must often juggle com-peting demands for user support, device upgrades and updates, internal business policies, and external compliance regulations.

Unless you plan to reconfigure existing systems and networks, think about enabling mobility through a cloud-based architecture. Consider how you will add devices and apps with simple, automated workflows and provide a seamless experience for man-aging both from a single console, efficiently streamlining time-consuming tasks. A cloud-based service for mobile devices and apps is dramatically easier to implement and manage, compared with heavyweight on-premise servers. For the employee, everything from device enrollment to app access and updates must be simple and similar to their native device experiences.

When mobile device and mobile application management converge into a single solution, the three “S’s” can thrive.

A Tale of Two Mobile Management ParadigmsIndividually, the two mobility management paradigms—mobile device management and mobile application management—have fallen short of their promise as total enterprise mobility solutions.



Mobile Device ManagementMobile device management (MDM) is a set of capabilities for controlling the more complex aspects of smartphones and tablets in the enterprise. With MDM, you can configure security settings, apply policy, automate actions, and enforce compliance.

To further support security, MDM may offer context-based rules, such as turning services on or off, depending on whether the user is in the workplace or offsite, head-ing off data loss and excessive roaming charges. On some platforms, you can remove documents if a certain user leaves the premises. Or, if a user downloads an unauthor-ized app, an automated action can block email access, restrict device features and apps (such as blocking use of the camera or iCloud), or remotely wipe the device.

Using an MDM platform, you can empower individuals to manage their devices with-out calling IT, enhancing simplicity. For instance, if your tablet is missing, you can log into your company’s end-user portal and determine its location. Users can remotely reset passwords or wipe their device (if it’s lost or stolen).

Mobile Application ManagementMobile application management (MAM) provides the ability to distribute and update mobile applications, supporting scale, simplicity, and security. Rather than install servers, you can use a cloud-based SaaS solution to manage both public and in-house apps, delivering them through an application distribution system (scale) and pre-senting them to employees through a “company app store” (simplicity). This way, custom and public applications can both be delivered securely (security) from a single user interface, without straining your internal systems. You can automatically push updates and patches from a management console to your company app store. Further, MAM simplifies the process. You can manage volume purchases from Apple’s App Store and upload redemption codes to streamline the provisioning, license man-agement, and administrative process—which definitely beats sifting through 1,000 $1.00 expense reports.

True Enterprise MobilityMobile device management and mobile application management come together. Convergence leads to empowerment. With true enterprise mobility, administrators and developers get a complete picture and can seamlessly manage mobile apps operational and security lifecycle.



True enterprise mobility makes scenarios like these possible:

• Set app security policies, including required (whitelist) and disallowed (blacklist) applications

• Enable enforcement rules for out-of-compliance devices, including active alerts, email blocking, device restriction, and remote wipe

• Ensure only authorized users have access to in-house apps from their mobile devices, and that the apps are hosted in a cost-effective and secure environment

Mobile Device ManagementSecurity con�gurationContinuous monitoringPolicy enforcement

Mobile Device ManagementSecurity con�gurationContinuous monitoringPolicy enforcement

Mobile Application Management

Enterprise catalogsDistributionAccess controls

Mobile Application ManagementEnterprise catalogsDistributionAccess controls

True EnterpriseMobility



Benefits of True Enterprise Mobility

MaaS360 from FiberlinkConquering mobility and harnessing it for business success involves battles on many fronts. Those battles shift almost by the hour. In surveying this market, CITO Research found that a cloud-based solution makes a great deal of business sense. Not only does MaaS360 represent a convergence of MDM and MAM that addresses the full spectrum of requirements for enterprise mobility, but Fiberlink offers it in a cloud-based, mobili-ty-as-a-service platform, combining the functions of mobile device management and mobile application management in one integrated offering.

With this approach, you can enforce mobile device management policies and devel-op best practice workflows for managing the complete lifecycle of mobile apps. And through a secure, web-based management console, public apps from the Apple App Store, Android Market, and apps developed in-house can be easily added to a master enterprise catalog and distributed over the air to all users, groups of users, or indi-vidual devices.

With MaaS360, enterprises can:

• Deploy fast: Gain instant access to mobility management and security with no additional on-premise hardware required to install and manage

• Scale effortlessly: From a small group to a large global rollout, you can turn up devices and apps, on demand

• Automatically upgrade: Through a continuous stream of new capabilities that are rolled into the platform, you are always using the latest version and never have to deal with change control or downtime

Benefits Description Security Scale Simplicity

Development Enhancement

Improve the security profile of your own apps under develop-ment by adding authentication and authorization layers. En-force contextual security policies—without which proprietary apps could be downloaded to compromised devices.

X X

Cloud Capacity Handle the flood of upgrades and downloads through a cloud-based solution for hosting and distributing apps.

X X

Improved IT Productivity

Distribute the right applications (in-house or purchased)—to your users.Reduce cycle time and track and monitor app use on devices. Provision and monitor compliance from a single web-based console.

X X X



CITO ResearchCITO Research is a source of news, analysis, research, and knowledge for CIOs, CTOs, and other IT and business professioals. CITO Research engages in a dialogue with its audience to capture technology trends that are harvested, analyzed, and communicated in a sophisticated way to help practitioners solve diffi cult business problems.

• Keep corporate data secure: MaaS360 provides end-to-end security and compli-ance management capabilities to protect information on mobile devices

• Manage mobility with minimal investment: With zero infrastructure and a pay-as-you-go subscription model, MaaS360 delivers unmatched aff ordability and rapid time to value

ConclusionHow can you achieve true enterprise mobility? When mobile device management and mobile application management converge. And with convergence you get the three S’s: security, scale, and simplicity. You can fi ght the whole battle, not just half. Mobile device and application security, control, distribution, and management all become streamlined processes using MaaS360. You can deliver operational and security lifecy-cle management capability for all apps across multiple device platforms. IT managers, employees, and management can all sleep at night, untroubled by nightmares of lost phones, leaked data, and unsuccessful app downloads. With true enterprise mobility from MaaS360, corporate data is protected, and your organization is more productive, responsive, and maybe even a little happier.

In Practice: Hawthorn PharmaceuticalsMaaS360 has already become a major component of the mobile workforce in companies such as Hawthorn Pharmaceuticals, which uses MaaS360 to manage the iPads used by its entire sales force. Because of the sensitive nature of medical information, Hawthorn needed the ability to remotely wipe data from lost or stolen devices.

Hawthorn developed an application that allows doctors to sign o� on sample deliveries, directly on the iPad. Rather than host the app on its own premises, Hawthorn distributes its app in the cloud using MaaS360, saving on infrastructure cost without compromising security. Hawthorn was able to roll out the app in just two weeks versus an estimated six to eight weeks for other approaches.

This paper was sponsored by Fiberlink and created by CITO Research

Technology

GDS International - CIO - Summit - US - 3