We frequently encounter the perception that device management (MDM) is the best and only way to ensure corporate apps and data are not compromised when a mobile device is lost or stolen. Yet the requirement to wipe an entire device of its contents is not necessary, nor desired in many situations. MDM isn't appropriate for BYOD or applicable for other unmanaged devices in the extended enterprise, such as those owned by contractors or your dealer networks, because a device management profile cannot be implemented. Mobile application management (MAM®) is built to secure just what you need to protect -- corporate apps and data -- and a robust MAM platform should make it easy, with or without MDM.
Take Preventative Measures
With stand-alone MAM, you can wrap apps
with security policies to implement safeguards before a device goes missing. For example, the 'corporate authentication' policy requires users to enter their corporate credentials before the app will open. Additionally, the 'data-at-rest encryption' policy, encrypts the data stored in the app, without having to encrypt the entire device. (Read about more mobile app security
policies.) If someone attempts unauthorized access, your corporate data won't be compromised.
Wipe the Data
If a “data wipe” policy was applied to the app, then you can remotely delete all of the app’s data, rendering it a useless shell. This command can be issued remotely, without user input, and will eliminate any risk of the app being used in the future. Again, your sensitive corporate data won't be compromised. This is an extremely powerful tool that can effectively decommission an app on any and every device—even those not under management by MDM.
These preventative and data wipe measures are useful in other situations as well. When an employee leaves the company, a contractor's engagement ends, or a dealer partnership terminates, you can quickly remove access to apps and data. Disabling enterprise credentials blocks access to an app wrapped with a 'corporate authentication' policy. You can also wipe the data stored in the app with the "data wipe" policy.
We believe the true endpoint of mobility isn't the device, but the corporate apps and data. If a device is lost or stolen, MAM still has your data covered.