Mobile Device Management (MDM) has caught on with enterprises as the new mantra to protect corporate data on employee phones in a BYOD environment. Predictions at the start of the year said that two out of every three enterprises would deploy MBM systems over the next five years to manage corporate data on mobile devices. The MDM space is estimated to be a $784-mn worth market with 128+ vendors having entered the fray.
MDM, in essence, distributes applications, data and even configuration settings over the air, providing enterprises with greater control over what network users receive in their systems. It places the corporate data in a private phone inside a secure and encrypted container with the provision to lock or remote wipe this data. While security is the primary objective, there are collateral benefits of reduced costs and downtime as well. In short, MDM replicates a very successful cloud-computing model.
However, for all the hype surrounding MDM, it does not offer foolproof security.
It is possible to circumvent MDM security by injecting malware into the phone, if the user downloads a malware-infested app from the Android store or anywhere else. Such malwares could assume the form of surveillance tools, creating a hidden binary file to record and log data from the phone and transmit such information to its command and control centre. The encrypted container that MBM offers is not immune to such attacks. Mobile OS has in-built mechanisms to protect themselves against such attacks, but jailbreaking and rooting methods render such security mechanisms obsolete.
The security concerns apart, many MDM vendors continue to offer only limited capabilities. A big reason for the same is the plethora of platforms and multiple versions in the mobile space, each with their own configuration. Such multiplicity makes establishing standard MDM offerings impossible.
As things stand, the future of MDM looks bleak despite the rosy predictions. The industry has already started looking towards mobile application management and application shielding by wrapping a security policy container around the specific apps as alternatives to MDM.