Mobility management and security is getting a little less messy
Security and management in the mobility space, at least since the dawn of the iPhone, has always had a "figuring it out as we go along" quality to it. So far we’ve gotten away with it; even though the potential for significant security breaches via mobile devices has always been there, and even though compliance with best practices in mobility is a rare thing, I’ve seen no evidence that they are a significant source of actual breaches. The real problems are what they always have been: SQL injection, weak passwords, social engineering, and so on.
In the meantime, the market for products to manage and secure mobile devices has been maturing. Of course management and security should be closely-intertwined, if not run by the same products. That can be difficult when the major products don’t include more than trivial management capabilities and very little is compatible cross-platform.
This has created an opening for third parties, and those third parties have flooded into that opening. Several large and important companies have emerged, such as AirWatch, Good and MobileIron. They have all been on acquisition sprees and are attempting to fill out the gaps in their management capabilities.
But there are many, many smaller companies, and some of them have clever people and useful solutions. The only road open to them -- short of getting bought by some larger mobility company -- is to start to form alliances with each other to create more useful and complete solutions. An example of this came about recently when Notify Technology and MobileOps agreed to create WorkSecure, a combination of their products complete enough to compete at a high level. Appthority, Boxtone, Appcelerator, Apperian, and Happtique have all made similar moves.
No doubt, when large companies evaluate mobile security solutions, or any product, a big part of it is counting the checkboxes that matter to them. WorkSecure checks a lot of boxes. This has a better chance of getting it in the door when Faceless National Bank conducts its bake-off of mobility solutions.
In the bigger picture, there are two solutions to the lack of standards, assuming you see it as a problem: agreed-upon standards and de-facto standards. There actually is an organization working on industry standards in this space: The Open Mobile Alliance (OMA). It has some backing from Microsoft in Windows 8.1 and RIM is also a member, as are most of the major carriers and many large Android OEMs (including Samsung), but neither Apple nor Google are.
I see more of a future for de-facto standards. Apple has begun to include MAM (Mobile Application Management) capabilities in iOS with version 7. BlackBerry (for what it’s worth) already includes these features in BES 10, and attempts to do what it can with iOS and Android. Samsung is attempting some of the same with its SAFE initiative. I haven’t heard that Samsung or BlackBerry are going to conform to OMA in their products or share their technology with the Alliance.
But clearly Apple, Samsung and BlackBerry are on to something. The basics of security and management, if not the more cutting edge stuff, should be in the operating system. It would be better and more logical for them all to agree on some standard interfaces for it, but sadly that seems to be limited to the basic MDM API created by BlackBerry back when it was pretty much the whole smartphone market.
And allow me a moment here to express disappointment with Microsoft. Even though it’s good it seems to be on the OMA bandwagon, its own mobile products (other than Windows 8 on tablets) have only the crudest management capabilities, and its management tools are uninspiring. I expected more from the company.
So even if a certain amount of basic security becomes included with the product it appears that the overall market will still be a mess, and that should leave plenty of opportunities open for competitors, large and small. I don’t see any consolidation happening sufficient enough to lead the overall market in one clear direction.
If you’re a buyer, this means that you should have an increasing selection of options, from large and small companies, that can provide workable solutions. It won’t, however, translate into that one safe choice you can make. You still have a lot of work to do, figuring out which works best for your organization’s needs.