« Will Good Technology's IPO Be Better than Good? | Main | Apperian Goes Big on User Acceptance Testing »

08/15/2014

EMM Vendors not Doing Enough to Satisfy Mobile Security Requirements

Securing mobile deployments in a fragmented security landscape

VDC will be releasing its annual mobile security report next week, which takes an in-depth look at how enterprise mobility management (EMM) vendors have enhanced their mobile security capabilities and how ownership models like that of BYOD impact mobile security investments, as the line between personal computers and mobile devices is increasingly blurred. While the mobile hardware race is in full swing, so too is the battle among mobile ISVs, who are all vying to be the primary provider for an increasingly broad range of mobile solutions for today’s enterprise. An ever-growing mobile workforce carries with it an increasing amount of potentially vulnerable data ranging from emails and attachments, voicemail and private corporate data.  Vulnerabilities such as malware, direct attacks, data interception, exploitation, and social engineering all have transitioned into the mobile space as fluidly as the operating systems themselves. In addition to having a significant financial impact, such breaches can cost organizations in terms of lost time and productivity. As a result, infrastructure investments for mobile management and security are rapidly become a top priority for CIOs, CISOs and IT leaders.

There is no silver bullet

Traditional MDM vendors have expanded their functional range to include integrated end-to-end enterprise mobility management platforms, which incorporate key app, content and network management capabilities; although organizations are recognizing that more is needed to ensure that their devices are secure in a constantly evolving threat landscape. Given the nature of how work styles have changed, and increasing desire of employees to want/need to work at any time, from any location, with data that’s accessible from the company network, the Web, or the cloud, IT is faced with a moving target and requires a broad range of protective measures depending on their organization’s security posture. Given the multilayered security dynamics of mobile platforms, security cannot be assured by finding an ideal hardware configuration or relying on a single type of communications network to catch all threats. In a dynamic market, operating systems, applications, devices, and networks all have a significant impact on security.

Mobile-first ISVs with a strong security orientation that have entered the market are taking a decidedly different path. These vendors are using a combination of technologies and have taken differentiated approaches to securing mobile platforms. One clear difference is their focus on not limiting users to specific applications (what some call an “appnostic” approach) by providing the means to apply security policies to any application. This vendor class is also keen on promoting their vision of what containerization means. To these vendors, moving into a work persona is a form of containerization, or any app that is “badged” may also be considered as being containerized. Another key area of differentiation is the focus on data and applications rather than on devices themselves.

Enterprises are looking to boost EMM investments

Enterprises are looking to mitigate the risk of data breaches, but the solutions aren’t entirely satisfying enterprise requirements. According to a recent VDC survey, nearly 50% of the respondents to a survey recently fielded by VDC indicate that they were not completely satisfied with the level of security they were being provided by their mobile device management vendor partner.

Chart_for_blog

VDC expects that continued investment in device management solutions will drive adoption of mobile security-related products, as enterprises deploy advanced solutions to track, monitor and authorize corporate data access, as an increasing number of their employees bring their devices into the workplace. For this reason, we believe that mobile security vendors can expect to see continued investments in their solutions due to their ability to secure heterogeneous mobile deployment environments and help to prevent against data loss from lost, stolen, compromised, or decommissioned devices.

(with Eric Klein, Senior Analyst)

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a0115714871cc970c01a73e028514970d

Listed below are links to weblogs that reference EMM Vendors not Doing Enough to Satisfy Mobile Security Requirements:

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been saved. Comments are moderated and will not appear until approved by the author. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment

Comments are moderated, and will not appear until the author has approved them.