Cybersecurity
Security
IBM Security MaaS360
August 24, 2023 By Madalina Barbu 4 min read

It looks like an easy day for James, an IT Administrator. It is vacation time and most of his end users are out of the office, so he thinks it is time to have a look at some of the backlog tasks—maybe even procrastinate a bit. But then, the phone rings.

It’s Robert, one of the end users in his company. Robert is very nervous—he’s calling from the hotel because he has lost his iOS smartphone on the beach. Their company has both corporate devices and a BYOD (bring your own device) policy. Robert is enrolled in the BYOD program, so it was his personal device but with corporate data stored, including the latest financial projections he has shared with his team for a presentation.

James opens the mobile device management software that his company is using, immediately finds Robert’s iOS smartphone in the tool, and does a remote wipe. He wants to get back to the backlog tasks.

But, it’s not over. He sees a real-time notification that a user has tried to download a gaming app on the corporate device, which is not in policy. An automatic notification to the end user was left. It is his friend, Mary; Mary’s flight was delayed and her kid was bored and asked for her Android smartphone to watch YouTube. He clicked on an ad promoting a gaming app and tried to download it.

What James has done with Robert’s lost iOS smartphone is part of mobile device management (MDM). In Mary’s case, the access settings for apps that are not in policyare part of mobile application management (MAM). Both MDM and MAM are part of unified endpoint management solutions. Whether a company has BYOD policies, uses only corporate-owned devices or both, and whether the users have iOS smartphones, Android smartphones or tablets, all devices and apps need to be managed and protected. Mobile security strategies need to be put into place, otherwise one can lose corporate data, personal data and sensitive data.

What is mobile device management (MDM)?

Mobile device management (MDM) is a solution that manages smartphones and tablets—no matter the operating system—and protects them against cyber threats and data loss. MDM has become a very popular technology after Apple launched the first iPhone. As the technology has evolved, MDM has transformed into enterprise mobility management (EMM) and is now part of unified endpoint management (UEM).

MDM software is used to manage both BYOD devices and corporate-owned devices that run on any mobile operating system (iOS, Android, iPadOS, Windows or purpose-built devices). MDM solutions use containerization—which separates the corporate apps and data from the personal ones—to maintain device security and the security of mobile apps.

What is mobile application management (MAM)?

Mobile application management (MAM) has emerged with the rise of mobile app usage. It is software used to manage and protect the mobile apps available on users’ devices. It is usually part of MDM software and UEM (unified endpoint management) solutions.

When using MAM software to protect company data either on BYOD policies or company-owned devices, James and other IT admins use the containerization features and security policies to make sure that the right users have the right access to the right enterprise apps—usually part of an app store available in the MAM solutions. This comes with features like access management, multi-factor authentication, granular permissions and control to protect users and ensure data security and control.

James has MDM and MAM software available at hand, which made sure that the data available on Robert’s and Mary’s smartphones are safe. When thinking about MDM vs. MAM, IT admins would need to think about their objectives. They both offer granular control, both have containerization and both use access management and identity management technologies.

So what sets them apart?

Top 5 differences between mobile device management (MDM) and mobile application management (MAM)

1. What they manage:

  • MDM is performed at the device level for enrolled devices and users, including device settings, security policies and apps.
  • MAM focuses on managing and protecting mobile enterprise applications and the business data available to them.

2. What they control:

  • MDM controls the entire device, allowing actions like wipe, selective wipe, lock, locate, enforce passwords and more.
  • MAM has control over the apps themselves. While it also enforces security policies, it does so at the application level.

3. What they secure:

  • MDM focused on device security, user security, encryption, VPN and app security. MDM solutions use functions like wipe, remote wipe and geo-location, and may have threat management features against SMS and email phishing, jailbroken and rooted devices, and many more.
  • MAM focuses on app security, including functions like setting up automatic app removal conditions to prevent unauthorized access. Some MAM software has app wrappers or software development kits (SDK) as security add-ons.

4. How they handle app deployment:

  • MDM technologies usually allow IT teams to push and install apps.
  • MAM technologies allow IT teams push and install apps from an app catalog, but also allow end users to install the approved enterprise apps.

5. How they manage:

  • MDM has standard app management capabilities related to installation and updates. There are also UEM solutions that have MDM and mobile application management capabilities included.
  • MAM offers granular and advanced app management spanning across all the application lifecycles. For example, it enables actions like installation, deployment, patching, integration with public app stores (like the iOS App Store and Google Play Store). IT Admins can also distribute apps and track the installation of apps remotely, over-the-air (OTA), to all users, groups of users or personal devices.

Get started

Mobile device management (MDM) and mobile application management (MAM)are both used in mobile management but for different purposes. They are both very useful for IT administrators to make sure that the mobile devices, users and data remain protected.

IBM Security MaaS360 is a modern, advanced unified endpoint management platform that merges MDM with MAM, helping IT teams be both efficient and effective and keeping the total cost of ownership under control.

Learn more about IBM Security MaaS360
Was this article helpful?
YesNo

Tags

 |  | 
Madalina Barbu
Global Product Marketing Manager, IBM Security MaaS360

More from Cybersecurity
June 28, 2024

Authentication vs. authorization: What’s the difference?

6 min read - Authentication and authorization are related but distinct processes in an organization’s identity and access management (IAM) system. Authentication verifies a user’s identity. Authorization gives the user the right level of access to system resources.  The authentication process relies on credentials, such as passwords or fingerprint scans, that users present to prove they are who they claim to be.  The authorization process relies on user permissions that outline what each user can do within a particular resource or network. For example,…

June 24, 2024

Intesa Sanpaolo and IBM secure digital transactions with fully homomorphic encryption

6 min read - This blog was made possible thanks to contributions from Nicola Bertoli, Sandra Grazia Tedesco, Alessio Di Michelangeli, Omri Soceanu, Akram Bitar, Allon Adir, Salvatore Sollami and Liam Chambers. Intesa Sanpaolo is one of the most trusted and profitable European banks. It offers commercial banking, corporate investment banking, asset management and insurance services. It is the leading bank in Italy with approximately 12 million customers served through its digital and traditional channels. The Cybersecurity Lab of Intesa Sanpaolo (ISP) needed to…

June 20, 2024

What is AI risk management?

8 min read - AI risk management is the process of systematically identifying, mitigating and addressing the potential risks associated with AI technologies. It involves a combination of tools, practices and principles, with a particular emphasis on deploying formal AI risk management frameworks. Generally speaking, the goal of AI risk management is to minimize AI's potential negative impacts while maximizing its benefits. AI risk management and AI governance AI risk management is part of the broader field of AI governance. AI governance refers to…

IBM Newsletters

 Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters