Original URL: https://www.theregister.co.uk/2013/03/14/mdm_2013/
These mobile devices just aren't going away. What'll we do, Trevor?
I'm a busy man, lads, but pull up a chair for a bit
Mobile Device Management (MDM) has become an important sector of the IT industry, but is also something of a moving target.
Companies from the level of my own three man shop to the largest enterprises are weighing their options for securing mobile devices. For many, Microsoft's System Center 2012 is the barometer by which all other MDM solutions will be judged: it's a fine piece of software that has few true peers and is something many companies already have in their environment.
What else is out there? My investigations turned up nearly 100 active competitors in this market, and this market is red hot. Acquisitions are occurring on a near weekly basis. New competitors are springing up left and right; even Spiceworks is said to be pondering an entry. I've picked a few out at random to get a cross section of the market. Here's MDM 2013:
The best of the best
Fiberlink Mobility as a Service 360 (MaaS360) was the surprise 800lb gorilla of 2012's MDM scene. They have an excellent, comprehensive offering with pricing that is within reach of most SMBs. MaaS does not advertise its prices, but anecdotal evidence says they charge around $5 to $6 per device per month; they also offer the option to pay per user.) MaaS have won a slew of awards, got onto Gartner's Christmas list and otherwise made the competition cower in fear. These are the folks to watch this year.
Airwatch are one of the strongest competitors in the MDM market. They can go toe-to-toe on features, but have a pricing scheme that is friendly right down to the smallest business. They offer a cloud-based version of their software, an on-premise virtual appliance or an on premise physical appliance. They make their real money in support contracts, but don't have a reputation for cramming them down your throat.
Good for Enterprise has a unique take on MDM: it doesn't really do it. Instead it drops an encrypted container and a special app on your phone. You can only get access to the business goodies inside through the app. Good uses its own mail client to get the job done; Android users in particular are known to complain about the way it looks like a cheap knockoff of the iOS mail client. Proponents of the technology champion the ease of support offered by a homogenous interface. They are definitely enterprise priced.
Absolute Manage roll Windows and OS X endpoint security together with MDM. Their mobile offering is somewhat weaker than the market leaders, but not by much. Absolute gets kudos for adding patch management and asset inventory/license management; they are very well priced, especially above 100 devices.
MobileIron are old hands at this MDM thing by now. They have a mature, robust platform and work as closely with the mobile vendors to use the native client architecture to get things done. Their shtick is support and they are highly regarded in the large enterprise space. Prices start around $4 per device per month.
Sybase Afaria is a true enterprise solution. It is quite powerful, however it's reputedly quite a pig to manage, including up to eight separate servers just to make it go! It's one of the first big MDM solutions - hence the cruft - and plays in the top end of the features market. Licences cost about $39 per seat per year.
Blackberry Enterprise Server (Formerly Blackberry Mobile Fusion) is a top-notch MDM solution supporting Android, iOS and Blackberry's own devices. While it is naturally better at working with Blackberry's own handhelds than the competition, that is arguably because from an enterprise standpoint, Blackberry still makes the most secure devices. If you have Blackberry handhelds in your fleet, use BES 10. Other MDM software can support Blackberry devices; none do it as well as BES 10. Costs are very competitive with the rest of market; even though many lament the loss of the free "express" version of the software.
Sophos Mobile Control leaves me with mixed feelings. Mobile Control circa 2011 was an absolute farce, but it has seen two major versions since then. Sophos still has a ways to go to catch up to competitors like Fibrelink, yet they offer a range of endpoint security products that together can be quite compelling. They have obviously been dumping enormous resources into Mobile Control and I expect it to close the gap with the market leaders some time early next year. Sophos offers a perpetual license; prices start around $56 per user.
Trend Micro Mobile Security and Mobile Device Management for BYOD wins the "most awkward name" award. Their website looks like it was run over by a fleet of marketing bulldozers and the same press release was so heavily SEO'd that there is zero signal to be found amongst the noise. The few people I can find who have used it say it is a middling offering, though it is cheaper than many competing solutions.
Centrify takes a different approach than most others in this space: a freemium model. You only pay if you need premium features; it is great for managing and maintaining your family's device loadout for free, but if you're a business you'll want the paid version. The whole system works by putting an agent on your network that jacks into Active Directory and links with their cloud. You control devices via GPOs. Centrify offers endpoint security for OS X, Unix and Linux and is big unto the single sign-on concept. These folks are worth a look, no matter what size your organisation is.
For the price, you can't really argue
Meraki Mobile Solution gets an honourable mention as the company that the Spiceworks community just won't shut up about. Grab any random 10 people from amongst the 2 million+ Spiceworkers and the time to a Meraki discussion is shorter than the time it takes the barkeep to get me my beer. I haven't had time to investigate these folks myself, but they offer a free MDM solution. If the Spiceworks community is to be believed, Meraki can walk on water while making you coffee and finding the next mersenne prime. If you dig a little, the MDM software is nothing special - it is a loss leader for their rather excellent networking software - but more than good enough for most smaller deployments.
Google have a mobile device management offering built into their Google Apps for Business. At the moment, it only supports Android and is honestly pretty crap. It crashes out on all my Gingerbread phones on a regular basis and exhibits any number of truly bizarre behaviours. That said, it is free if you use Google Apps and if your handhelds are Ice Cream Sandwich or newer then it "just works."
While the above is a brief look at the MDM scene, it is a bit like trying to describe Tokyo in detail while whipping through it on a bullet train. There are a few resources that can help you out further. Enterprise iOS has a nice tabbed interface that really helps drill down on features and support. Solutions Review has a high-altitude overview and the Gartner Magic Quadrant on the topic is worth a look as well.
Let us know in the comments what your experiences with MDM software vendors has been. ®