BYOD Update: What’s the Difference Between Mobile Security and Mobile Device Management?

August 2014: Mobile security was not that big a deal before smartphones leapt onto the scene. You just synced your contacts, calendar and email onto your Personal Digital Assistant (PDA) over USB and that was it.

When WiFi and cellular data plans hopped in, PDAs and mobile phones fused into smartphones — BlackBerrys, specifically, became the darlings of enterprise productivity on personal devices. Then Apple and Google introduced consumer versions and the love affair with smartphones went global — fast!  Which is when employees started using their favorite personal devices for work, whether or not they had permission.

What an information-management nightmare!

Corporations had to scramble to keep corporate data safe on personal devices. They wrote Bring Your Own Device (BYOD) policies and incorporated Mobile Device Management (MDM) to keep it all under control.

Fortunately, as mobile technology has gotten more advanced, so has mobile security.
Mobile security has grown out of MDM — it’s simpler in that it protects business data rather than employees’ individual devices. Here’s what you need to know about the two approaches:

MDM is all about protecting, standardizing and managing employee mobile devices so they’re safe to use for business. This can be a gargantuan, ongoing task as new device models, apps and threats roll out daily. Conformity is critical so IT can keep things under control. Conformity and control of personal devices, however, drive employees crazy. While they’re madly in love with their favorite devices, they’re not in love with the option of either carrying a separate phone for business or giving their bosses insights into their non-work lives. And bosses aren’t interested in Angry Birds addictions and browser histories anyway.

Mobile security takes a more streamlined approach. It protects what’s actually important to the business on each device — its corporate data — rather than the device itself. It does this through a secure, centralized business platform that resides on each device and takes up about as much hard drive space as a typical mobile app. Employees access, create and store business information through the secure app — and only the secure app. It’s a streamlined approach that grew organically out of MDM and is similar in concept to Virtual Desktop Infrastructure (VDI).

Here are more details about the different approaches:

Mobile Security:
Controlling Business Data
Mobile Device Management (MDM):
Controlling Devices and Apps
Protects data Protects devices
Extends corporate protection strategies and processes to BYOD devices, apps and data Establishes cross-device policies and standardization of BYOD devices for consistent enforcement of security requirements
Distributes business content in secure ways, similar to VDI Improves device visibility and control by providing instant views of compliance, inventory, protection and device health
Allows businesses to run a stand-alone solution (app) that gives employees access to company data only through a secure vault — employees work within the app, and data on the device is encrypted Allows IT to identify, manage and block (blacklist) risky apps or app categories, and can whitelist apps and push them to devices through a company app store
Encrypts business data stored on devices Provides inventory management and reporting for devices, apps and groups
IT configures, manages and monitors threat and data protection centrally IT enrolls, provisions, de-provisions and tracks devices remotely
Secures company data on a broad range of mobile platforms: iOS, Android, BlackBerry, Symbian and Windows Phone Enables tracking, management and deployment of volume purchase programs on iOS devices

Airwatch, Mobile Iron and others offer stand-alone solutions that prevent the intermingling of business and personal data on mobile devices. Sophos, Kaspersky and Symantec have mobile security products, too.

You may also be interested in: