The Next Generation of Mobile Application Management (MAM) - A Conscious Uncoupling

As the dynamics of the workplace and customer mobility journeys evolve, the breadth of use cases continues to grow. A one size fits all approach does not fit well in today’s environments.  Organizations have loosened the reins on corporate-owned devices, partially due to the cost involved in both purchasing and maintaining those devices for their workforce.  As they have moved to BYOD models, companies are still actively managing many of those devices throughout their entire lifecycle for a large portion of the workforce, and for good reason.  It enables them to provide secure access to applications and internal resources within their organizations, whether those resources reside on premises or in the cloud. 

Is It Time for a Break Up?

However, there is a time and a place where full device management is not always the best approach.  Sometimes, it makes sense to separate application specific capabilities from the complete set of management capabilities.  At MobileIron, we have always believed in creating the best solutions to solve our customers’ problems, and our solutions reflect that.  

There are a couple of situations that have greatly influenced the way organizations approach workplace mobility.  First, in a world where employees can easily download productivity apps via their personal accounts, it can be very difficult to gain full acceptance within the organization to manage 100% of the mobile devices.  Second, most organizations today embrace an extended workforce consisting of many different types of temporary workers and business partners - an environment that makes securing, supervising and managing devices much more complicated.  

Mobile Application Management Use Cases

In light of this backdrop, there are a few business use cases that consistently emerge – BYOD for unmanaged employee devices, contract workers and partners.

There are many cases where BYOD is needed for unmanaged devices within full-time employee populations, but one of the most prevalent is fueled by employee privacy concerns. A fear of  sharing personal content with their employer causes employees to resist corporate management of their personal devices.  This concern is unfounded if you have already been using MobileIron, as we are able to completely separate personal data from corporate data on the device.  Even still, a new approach needs to be considered to minimize security risks and gain acceptance of the BYOD and contractor community of users.

The use of contract employees, generally short-term workers that either work on specific projects or serve as temporary extended team members, has grown exponentially in recent years.  This is seen most often in fields that leverage per diem workers for staff augmentation, such as hospital nursing staff, or business consultants that work as part of a service organization, for instance an accounting firm providing corporate tax preparation services.  Interestingly enough, in both of these examples there is quite a bit of sensitive information that needs to be secured.

Lastly, partners with whom companies have close working relationships such as supply chain partners, independent dealers, or other strategic partners are often required to access backend systems through business applications on their personal devices.  

In all of these instances, users generally need access to proprietary information within the organization, but quite frequently use their own personal device, or for some contracted employees, a device managed by their employer.   This provides a unique challenge.  If users already have their device managed by another organization, it precludes them from having it managed by a second party.  

AppStation - a New Client Application

We recognized that in order to serve even more users in customer environments we needed to offer another option that provided a MAM (mobile application management) solution separate from our full MDM solution.  We enhanced our MAM capabilities within our MobileIron Cloud platform a few months ago, enabling administrators to securely deliver corporate applications without employing full mobile device management. 

In our most recent quarterly announcement , we have taken mobile application management one step further. We now offer a new client application for unmanaged devices, AppStation, to deliver corporate applications (in-house applications, MobileIron EMM apps, or third-party apps) all in one place for easy and efficient user access to corporate applications.  Users are up and running in an instant and all of their relevant corporate applications are presented within AppStation, without infringing upon their personal device information.  Once an app is wrapped, whereby a management layer is added to applications and specific policies can then be applied to those apps, an administrator simply checks off a box in the console and bypasses full MDM for the user if he chooses.  Not only does this make configuring devices easy, it allows the organization to help mitigate security breaches. 

We even integrated our MobileIron Threat Defense capabilities into AppStation, allowing organizations to implement threat detection against known and zero-day threats on the device, in applications, and on the network.  

MobileIron continues to evolve its Cloud platform to meet the needs of our customers, even if that means giving them the choice to “uncouple” if that’s what’s best for their organization.

*additional license required


Girish Bhat

Girish Bhat

Vice President, Product Marketing

About the author

Girish leads the Product Marketing and Technical Marketing Engineering teams at MobileIron and is responsible for sales enablement, GTM planning and execution, pricing and packaging and customer engagement.

Previously, Girish held various roles managing SIEM, UEBA, authentication, compliance, VPN, DLP, IDS/IPS, mobile, SaaS, IaaS, virtualization, networking and network monitoring solutions at startups and global brands.