Enterprise mobility is flailing. Maybe it’s time to drop the do-it-yourself approach.


Mobile-device management, app wrapping, secure storage, file sharing, secure app containers — the enterprise mobility management (EMM) puzzle has a lot of pieces. Stitching them together is so painful that few companies have followed through. They’re wasting precious hours, losing money, and the time for that kind of behavior is over.

When it comes to EMM (and, particularly, the ever-present BYOD trend), there are plenty of success stories. For most businesses, however, it hasn’t delivered. Small businesses that actually need BYOD aren’t securing or managing anything, and while enterprises have spent millions of dollars on EMM software, most of it sits unused because making the pieces work together still proves difficult. The result? IT still the bad guy and no one is getting anything done.

Late last year I spoke with several CIOs and CISOs who are using a well-known EMM suite. Most were managing more than 30,000 devices in their respective companies. What I heard wasn’t particularly exciting.


  • Android was still “under evaluation.”  BYOD = iOS.
  • App wrapping and secure SDKs were “on the horizon.”
  • Device management was limited to password enforcement and remote wipe.
  • Email was the only widely supported secure app.
  • What tablets?
  • They were all sure that their users were going around security protocols and using outside services.

If it feels like 2007, you’re not crazy. Hundreds of thousands of dollars of software and staff resulted in what are essentially Siri-enabled Blackberries.

To be fair, the very same day as my interview I heard a medical services firm speak about securing more than 150 custom apps. Still, the CIOs at the table painted a pretty accurate picture of most big business mobile security, and the little folks have it worse. Small businesses often operate on 100 percent BYO, but most of them have no idea EMM even exists, and they certainly have no spare IT resources.

Enter the new(ish) Microsoft response. At TechEd 2014, Redmond announced a full-scale EMM blitz. The gist is that if: If you really want to put Office on all your devices, they’ll give you that, plus features you get from Airwatch /Good /MobileIron, and you can manage everything through Active Directory and Configuration Manager, in the cloud. And it’s cheap.

It’s more complicated than that, but not by much. Microsoft is betting that $4 per month per user (with up to five devices each), and that’s a small fee to pay to ditch your EMM Frankenstein. And of course it works better if you use Office 365, which can be yours for just a few dollars more . . .

Let’s be clear. There was a lot of spin. Prominent features like a native Android Outlook client exist only on the roadmap. And while Microsoft criticizes Good and others for steering users toward proprietary productivity apps, the company is equally guilty. The difference, of course, is that Microsoft’s proprietary apps are largely what the users really want, and that’s a valid point.

Other vendors have much more evolved features. Good’s SDK, for example, will probably outclass Microsoft’s policy wrapping for some time to come. But if you really just need productivity apps to run securely on tablets and phones, giving up micromanagement and making adoption brainless might be worth any theoretical tradeoff.

Microsoft’s offer is a lifestyle choice, and the rest of the industry is headed in the same direction. VMware paid a whopping $1.5 billion for Airwatch earlier this year, aiming at incremental upsells to existing customers and the possibility of pushing more of the VMWare suite to EMM adopters. Citrix is running from the same playbook, though they paid considerably less to buy its way in.

Does this mean the death of best-of-breed integrations? No, but you probably don’t want to do the integration yourself. There will certainly be exceptions, but unless you work for the DARPA, NASDAQ, or some well-funded secret society, you’re probably not one of them.

The remaining EMM companies get this. MobileIron has a 100 percent channel strategy. They don’t want to sell you software. They want Accenture to build you a business system with their software inside. SOTI has a strong channel focus into vertical markets. Good continues to service its core high-security user base (see DARPA, above), but it has expanded into the helpdesk with BoxTone, and its channel is increasingly critical. We’re getting closer to the point where EMM ceases being its own distinct thing and we’re just looking at unified systems management. We’re not there just yet, but we’re close. So if you’re thinking about cobbling together your own souped-up mobility hot rod from scratch, you might want to count to 10.

Late next month we’ll examine what the third-party future looks like in our managed mobility services Sector RoadMapTM report. Until then, let us know what you think. Does DIY EMM still have legs?



No surprise Android is “under evaluation” since it is still fragmented. As a result, finally, Microsoft ‘got it’, that embracing iOS can make them a contender in the Enterprise – thanks to their new CEO.


What’s funny is my company has implemented a MDM to “secure” its information on BYOD mobile devices because we can’t have those devices unsecure. We are a 365 shop and they went so far as to disabling OWA sycn so that you HAD to get your corporate mail on your mobile device via the MDM controls. BUT you can still go to your Outlook.com 365 site from any computer and get your mail, OneDrive, SharePoint sites, etc.

I think most companies do MDM because board members or the CEO heard from Gartner or one of these other analytical companies that they had to do it. Its like the little Dyke Boy with his finger in the hole why the dam is leaking all over the place.


IMHO, big companies are going toward “microsoft is the reply, and to hell with the question” (plus “every system must have malwares, since microsoft have those, and Android too”).

Jim Courtney

Obviously BlackBerry’s new thrust for EMM and enterprise mobile security still needs some awareness building. Currently they are holding BlackBerry Experience events in North American and Europe to present their EMM strategy to CIO’s. There has been good attendance at these (over 1500 in Toronto) and New York (~2000). If you rush, you can register for the Washintgton DC event Wednesday (May 21).

Certainly learned a lot about how, going forward, BlackBerry Enterprise Server can secure iOS, Android and BlackBerry devices (with Windows Phone coming later this year). BlackBerry Balance and BlackBerry Work Space play key roles in isolating personal and business activities.

Their EZPass migration program, launched April 1, has been installed into over 800,000 seats by May 8. http://www.computerworld.com/s/article/9248200/BlackBerry_is_laser_focused_on_the_enterprise_with_BES10

More at http://blogs.blackberry.com/2014/04/blackberry-experience/

Jeremy Geelan @jg21

‘Flailing’ or merely ‘failing’? :)


This might be part of a solution: http://systems.cs.columbia.edu/projects/cells/

“Multiple, isolated, virtual devices on the same phone can allow business professionals to carry a single phone that contains both corporate and personal phones, providing an efficient, high performance BYOD solution.”

Cormac Foster

Hi, John.

The Cells project is cool–particularly if you’re really looking for something lightweight enough to run really high-performance apps, and secure containers of one sort or another are definitely part of the puzzle going forward. But it’s also precisely the kind of thing that’s so frustrating to IT staff right now. Evaluating Cellrox (a commercial implementation of Cells) versus Divide, Bitzer (now Oracle), and maybe some Knox-flavored system is a fairly major project. Doing the same for every other piece of the puzzle, and hoping you don’t inadvertently leak anything between the components is pretty daunting.

Comments are closed.