Data Centric Security is ‘the new hot’ for Enterprise Mobility Management

The past few years have been important for enterprise mobility management (EMM), where many start-up companies and large organizations were putting their stakes on the ground competing for a share in this USD 64 billion market (2012) that is expected to reach USD 238.39 billion by 2020, at an estimated CAGR of 17.8% from 2014 to 2020.

Early adopters of available technologies have already recognized how transformative and fast paced the enterprise mobility management market really is.



Analysts and enterprise mobility experts are paving the way out of MDM (Mobile Device Management) saying it’s a too heavy-handed approach to secure mobile applications and data, where IT literally take control of employee-owned mobile devices. To this point, there are lighter-handed MDM options available on the market that offer a good degree of control without being too intrusive.

The market answer is to move to a mobile application centric approach, the MAM (Mobile Application Management), where a number of different technologies and approaches are used to secure mobile applications enforcing polices and security. Some of the technologies in use by MAM are application wrapping, application secure VPN and even SDK driven application frameworks where mobile application are developed on top of frameworks that manipulate and handle security.

MAM commonly supports custom-built enterprise mobile applications that have been built specifically to use the MAM vendor’s API; or in a more light-handed approach it will require the application to be wrapped with the MAM technology.



The number of employee owned smartphones and tablets in the work place is set to exceed one billion in the next five years, according to a report by Juniper Research. This demonstrates not only that mobility in general is full steam ahead, but also that employees want to use mobile technologies to be more productive.

To get work done employees will look for applications that make them more productive, and if those are not available in the corporate application store they will likely go outside to find a new apps that suits their ‘business’ needs. This has happened previously with file-synchronization engines such as Dropbox, Google Drive and is currently happening with note-taking applications. If the application is not available in the corporate app store it’s possible that organizational content have already been created or moved to public cloud services.

On the offensive, vendors are exploring this market, enabling content sharing with added security features for corporate customers. However, if an employee wants to use a different service, or if tomorrow there’s a better application that will make them more productive, nothing will stop them from moving data or creating content using non-approved corporate applications and services.

Just like MDM, MAM is focusing on security aspects of who is using the application, leaving a security gap that delineates the usage boundaries for the DATA.

I like the idea that all mobile applications should be freely embraced by organizations, enabling “Bring-Your-Own-Device”, but also “Bring-Your-Own-Application”.

Organizations should care about who is accessing corporate data and what can be done with it, not who or how the application is being used. An application downloaded from iTunes or Google Play store could and should have access to corporate data, but data would be be geo-tagged not allowing it to be consumed from unauthorized areas, data could be meta tagged not allowing it to be utilized under specific conditions or by specific devices, data could be tagged with mechanics of how it can be shared across applications etc.

Allowing employees to use their own mobile applications with content management does not eliminate the risks associated with content being intentionally moved or created outside enterprise repositories, but it gives options for employees to do the right thing.

Achieving this level of data centric security will only be possible when mobile application vendors embrace a common security framework for data management and tagging. Yet, for this approach to be successful the framework must consider both mobile and non-mobile contents. On that note, I am pleased to see that MobileIron (NASDAQ: MOBL) is taking the steps required to make that a reality, disclosing a US patent grant (MobileIron Secures the Personal Cloud to Solve the Most Persistent Data Loss Threat to the Enterprise).

Microsoft also recently unveiled the new Microsoft Rights Management service enabling organizations to share sensitive documents of any type with a protection scheme that provides SDKs, Apps, and Azure Services for mobile application developers.

The market is quickly fragmenting and it will be a long haul before we have a common mobile security framework for data and public management services. My hope is that few of the market player will get together to create a open framework coalition that will allow everyone to play, but history teach us that this is not happening anytime soon.


I originally published this article in April 2013, but after the MobileIron announcement I revisited the ideas and market status to re-publish this article. The original article can be found here.


Bring Your Own Device (BYOD) Market Analysis And Segment Forecasts To 2020

BYOD, mCommerce, Consumer & Enterprise 2013-2018


This article was first published by Andre Leibovici (@andreleibovici) at

1 ping

  1. […] If you want to find out more about my thoughts on data centric security read my article Data Centric Security is ‘the new hot’ for Enterprise Mobility Management. […]

Leave a Reply