SAN FRANCISCO -- As employee-owned smartphones and tablets increasingly serve as workplace tools, enterprise security requirements have moved beyond mobile device management to securing applications and data.
F5 Networks Inc. demonstrated a hybrid cloud solution at the RSA Conference for security professionals in San Francisco this week, which marks the company's entry into the mobile application management (MAM) space. The network appliance company was among many vendors at RSA showcasing a new generation of mobile device management (MDM) and MAM products intended to help companies address the security risks inherent in bring-your-own-device (BYOD) environments.
Citrix Inc. is highlighting a Mobile App Management Solutions Bundle for Enterprise Mobility Management, which combines XenMobile MDM (formerly Zenprise) and CloudGateway. AirPatrol Corp. is demonstrating its location-based policy control system ZoneDefense LT for Fiberlink's MaaS360 cloud-based MDM after both companies announced their integration plans and partnership earlier this month. AirWatch is highlighting a standalone MAM product, which it introduced in January, for its MDM portfolio. Good Technology and BoxTone combined forces in December to create an enterprise mobility management solution with MDM and MAM, among other components.
F5's introduction in this space is of interest because the F5 Mobile App Manager, in conjunction with the company's Big-IP Access Policy Manager (APM) appliance, offers a hybrid cloud solution that could lower costs for companies looking to deploy BYOD programs. The Software as a Service enables IT to create app wrappers with policy and security measures to protect internal and third-party apps, while maintaining on-premises identity stores, according to F5 Networks. The company is planning to launch an F5 App Store in June 2013.
Google Android and Apple iOS device users can connect to corporate email, a Web browser, encrypted apps and data (or use PIN protection) over a secure application VPN, while maintaining control over their devices and personal applications. Network administrators can push updates, retract apps or data, monitor devices individually or in groups, and detect threats and vulnerabilities using a management console.
Big-IP APM already supports MDM products from AirWatch, MobileIron, SilverbackMDM and Zenprise (now part of Citrix). While MDM products provide software provisioning and authentication, MAM offers another layer of application and data security, according to its proponents. The question is, do companies need both?
Device management products can't effectively manage BYOD because they are inherently non-scalable, according to Zeus Kerravala, principal analyst of Westminster, Mass.-based ZK Research. "Users change devices so fast, software and systems change so fast, it's hard for MDM software to keep up."
The F5 Mobile App Manager is designed to secure applications on the network. "It's sort of a lightweight client that gets downloaded upon the user onboarding, but it really does the management of the devices in the BYOD environment from the network, not from the device," Kerravala said.
Early MAM products have faced hurdles, however. Unpacking apps and adding a security and management layer remains challenging for many IT departments. The quality of the containerized apps from organizations and vendors may not match the offerings that Apple iOS and Google Android users are accustomed to in traditional app stores.
Enterprise BYOD challenges
Without an easy fix, securing BYOD environments is likely to be one of the hottest topics at this year's RSA Conference. "It is the area of IT that is going to create the most amount of IT pull-through as far as budget goes," Kerravala said. "When you think of mobile computing and cloud computing, they are network-centric computing, so that means more and more of the security needs to shift to the network as well, and I think you will see a lot of the traditional security vendors try and play in network security."
The biggest shift that many organizations will face in securing BYOD environments is giving up management of the device itself, according to Kerravala. "It really isn't about giving up control, it is about shifting control, and I think that one of the things that IT managers need to think about is: How do they shift control to something that they own in the network?"
View all of our RSA 2013 Conference coverage.