Skip to main content
Jan 19, 2015

With MAM®, what happens if an employee loses a device?

We frequently encounter the perception that device management (MDM) is the best and only way to ensure corporate apps and data are not compromised when a mobile device is lost or stolen. Yet the requirement to wipe an entire device of its contents is not necessary, nor desired in many situations. MDM isn't appropriate for BYOD or applicable for other unmanaged devices in the extended enterprise, such as those owned by contractors or your dealer networks, because a device management profile cannot be implemented. Mobile application management (MAM®) is built to secure just what you need to protect -- corporate apps and data -- and a robust MAM platform should make it easy, with or without MDM.

Take Preventative Measures

With stand-alone MAM, you can wrap apps with security policies to implement safeguards before a device goes missing. For example, the 'corporate authentication' policy requires users to enter their corporate credentials before the app will open. Additionally, the 'data-at-rest encryption' policy, encrypts the data stored in the app, without having to encrypt the entire device. (Read about more mobile app security policies.) If someone attempts unauthorized access, your corporate data won't be compromised.

Wipe the Data

If a “data wipe” policy was applied to the app, then you can remotely delete all of the app’s data, rendering it a useless shell. This command can be issued remotely, without user input, and will eliminate any risk of the app being used in the future. Again, your sensitive corporate data won't be compromised. This is an extremely powerful tool that can effectively decommission an app on any and every device—even those not under management by MDM. These preventative and data wipe measures are useful in other situations as well. When an employee leaves the company, a contractor's engagement ends, or a dealer partnership terminates, you can quickly remove access to apps and data. Disabling enterprise credentials blocks access to an app wrapped with a 'corporate authentication' policy. You can also wipe the data stored in the app with the "data wipe" policy. We believe the true endpoint of mobility isn't the device, but the corporate apps and data. If a device is lost or stolen, MAM still has your data covered.  


More from the Blog
Feb 20, 2019

Part 4: App Security Should Be An Integral Part Of Your DevSecOps Process — Not An Afterthought

How Arxan can help streamline and optimize your DevSecOps process One of the most important factors to keep in mind when dep ...
Read more
Feb 13, 2019

Part 3: App Security Should Be An Integral Part Of Your DevSecOps Process — Not An Afterthought

Situations When DevSecOps Won’t Work Though DevSecOps is getting more popular by the day, and has many benefits to an organi ...
Read more
Feb 06, 2019

Part 2: App Security Should Be An Integral Part Of Your DevSecOps Process — Not an Afterthought

How to start implementing a DevSecOps process As you may have read in our
Read more