Evaluating Mobile Device Management Solutions: Criteria

The last few months I have seen an uptick in interest in mobile device management solutions in the enterprise. It seems like every other customer I am in front of is asking about this technology and in almost every case the customer needs help identifying the criteria by which to evaluate the different solutions out there. It makes a great topic for this week, so here is the criteria I'd use:

What type of platform is it?
The objective here is to understand what type of platform the vendor being considered offers. Is the platform one that can manage the phone natively or is it one which deploys a virtual container on the phone? I have found that some enterprises like the idea of managing the phone natively, but others prefer a complete separation of personal and work. The latter is obviously a clearer, more well-defined delimiter. Meanwhile, the native phone management provides for some technical challenges in that you have to be able to clearly distinguish between personal data and enterprise data.

In both cases, however, you want to avoid managing the device itself -- in the age of BYOD and consumerization, we don't want to take a step back and go back to the complexities of managing a device. Managing a personal device is the user's responsibility; instead, we simply want to manage the enterprise resources we deliver to these devices.

What types of operating systems does the platform support?
Identify how many types of mobile phone device operating systems the vendor supports. Of course we want support for every mobile operating system out there, but sometimes not all vendors build in support for all OSes. If you find a vendor that you like and a solution which meets your needs from a feature standpoint, ask about a roadmap for supporting the other OSes. Keep in mind, however, that you are deploying this solution to manage consumer devices, so be very cautious in selecting a vendor with the widest range of support for at least Apple IOS and Android, with a roadmap for the other OSes like Microsoft Mobile.

Is the product offered as SaaS or premise-based?
Understand how the solution is deployed. Some vendors offer strictly a SaaS service, while others offer premise-based software installs. Few offer both solutions. It is important to to investigate both types of solutions, understand the differences from a feature as well as a management and training standpoint, and of course, from a cost and time-to-production standpoint.

Is it able to enforce baseline security policies?
The product should be capable of checking for required security products, prompt for acceptance of company usage policy and enforce password policies such as password length and complexity. The solution should be able to offer encrypted backups, detection of jail breaking or blacklisted applications. In addition, the solution should be capable of enforcing folder-level encryption, full disk encryption or both.

What about location awareness and remote wiping?
The ability to track the device for recovery purposes is a key factor. You should investigate the products for their GPS and location awareness capabilities which will aid administrators in possibly recovering the asset or remotely wiping it should the need arise. You should also evaluate the products' ability to wipe/destroy selective data and the ability to wipe out business data while keeping personal data intact.

Application manageability?
You should investigate the product's capability to manage installed applications on mobile devices, such as the ability to remotely update an application or even remote uninstall . If this feature is not possible on certain mobile operating systems, what alternatives does the solution offer?

Is the product capable of disabling certain features of the device?
Some enterprises find it important to be able to disable certain features of the device, such as the camera. Depending on which area of the campus or building you are in, understanding the capabilities of the solution will open the doors for you to find good uses for it.

What about monitoring and reporting capabilities?
Monitoring and reporting capabilities are important to any organization. You should investigate the different products for these capabilities. Furthermore, you should also be looking to understand how much out-of-the-box reporting capabilities the product offers as opposed to highly customizable, difficult-to-export data that may increase the operational cost of deploying the product.

Does it have out-of-the-box integration capabilities with incident management system?
I highly recommend that you understand and thoroughly evaluate the products' ability and ease of integration with the existing enterprise incident management system/process, as this will be important for you to support the solution without needing to have separate systems to track support calls.

As you can see, the list of things to look for when evaluating MDM is not terribly long but it is definitely involved. Carefully define the business objectives, don't try to enforce things that are out of your control. For example, don't try and fight consumerization by saying, "We will only support Apple devices or Android device or Windows devices." Instead, keep an open mind and accept the fact that you have to choose a solution that caters to almost everything or a solution that has a roadmap that caters, supports and most importantly keeps up with the different devices, OSes and trends in consumerization and mobility.

Posted by Elias Khnaser on 02/13/2012 at 12:49 PM