Understanding MAM: The Container Approach Evolves

Proprietary approaches are giving way to native OS solutions that use a simplified but more robust ‘workspace’ profile.

istock 98790269 small

As mobility becomes the new norm, organizations are understandably seeking the most appropriate blend between protection and usability. After all, even though security needs to remain at the core of whatever route the enterprise elects, IT leadership is well aware that whenever usability is significantly impacted, the user base will find workarounds.

This is where mobile app management (MAM) enters the picture. By definition, MAM solutions offer the enterprise a means of effectively selecting, securing, deploying, and managing mobile apps across the entire user base – all without impacting the device owner’s personal apps or data. Of course, how the solution accomplishes this goal can vary greatly.

Historically, MAM has relied heavily on the use of proprietary containers. On the plus side, these containers offer a true safe zone where organizations gain total control over which apps come in contact with the enterprise network and its valuable data sources. The downside is that customers have a limited set of applications available to them that have been integrated into the container platform.

Fortunately, MAM is going through a significant evolution, with this older proprietary container approach now giving way to solutions with native OS capabilities and newer security technologies. Known as OS MAM or native containerization, this next-generation offering leverages native OS frameworks to manage just the apps and data on the device using a simplified “workspace” profile. The workspace profile takes advantage of a OS permission model, without taking full management control of the device and infringing on user privacy. With this approach, it’s the OS layer – not a proprietary container – that effectively separates business and personal data on the device.

The move toward OS-level MAM is also significant because it opens up the entire ecosystems of Apple and Google for use securely by the business, including data encryption, secure network connectivity, and data loss prevention. This ultimately paves the way for smoother device operation with far less limitations on the user base.

And, with the iOS Managed Apps, Android for Work, and Microsoft Enterprise Data Protection frameworks, IT can ensure that business data can only flow between only enterprise-approved apps to prevent data leakage. Specifically, these frameworks provide IT with a level of management to restrict content sharing between business and personal apps or modify and configure how apps work even after deployment.

The AppConfig Community takes this a step further by making it easier for developers to build enterprise apps using these native frameworks. By outlining tools and best practices that developers can follow, the initiative is driving an expansive ecosystem of business apps, a streamlined management experience for IT administrators, and an improved end-user experience.

Perhaps the biggest benefit of operating outside a proprietary container is that users are able to always embrace best-of-breed apps, whether it’s email, calendar, or a CRM solution – without worrying about compromising enterprise security.

As MAM evolves, IT teams will find it easier to find the appropriate blend between protection and usability for their mobile workforce.

Copyright © 2016 IDG Communications, Inc.