MDM vs MAM - How Are They Different? - CWPS

Posted by Gary Utley on November 29, 2018

As mobile devices have become an increasing security risk, many companies have explored different ways of managing them. Mobile Device Management (MDM) has become a common method of securing mobile endpoints -- but it has several failings, especially when it comes to modern security threats. Mobile Application Management (MAM) is a newer approach to securing mobile devices, and one that often yields far superior results.

MDM vs MAM: How Are They Different?

An MDM solution secures the device itself. Often, an employee will have an "agent" or application that lives on their device, ensuring that it is updated with the most up-to-date security information. On the server side, the company will be able to connect with these agents and ensure that they are working as they should. The company security server will be notified if a device appears to have fallen out of date or been breached, and will be able to revoke authorization to that device until the issue has been resolved. For many smaller businesses, an MDM solution can be sufficient -- but there are some marked and notable downsides.

An MAM solution secures the application that is used to access corporate data. Rather than installing something on the device itself, the server that provides company-related information and authenticates users is secured on the server-side. Users will need to go through an authentication process to even connect to data and none of the data will ever be hosted on the device itself.

Why An MAM Solution is Better

When it comes to MDM vs MAM, MAM solutions are considered to be more advanced in a few ways:

  • Better control over corporate data. When corporate data is downloaded to a native device -- such as through email inboxes or instant messaging services -- it automatically becomes as vulnerable as that device. MAM prevents corporate data from ever leaving the company servers.

  • The separation between personal and private data. For an employee, the ability to keep their personal data on their device while still safely accessing corporate data is important. With an MDM solution, an employee could find their device bricked or wiped for security issues. This will not happen with MAM.

  • Adherence to regulatory standards. Many new regulatory standards -- especially in Europe -- require that employers not exert a substantial amount of control over an employee's personal device. Many MDM solutions will run afoul of this, while MAM solutions will not. 

  • A reduced amount of IT work. IT professionals under an MDM solution need to manage and maintain not only their servers but also the status of the endpoint devices. With an MAM solution, IT professionals need only concern themselves with the security of their business data.

  • Cheaper cost of licensing. Despite being the more advanced solution, MAM solutions are often much cheaper to license, as they don't require that companies purchase licensing seats for the endpoint devices that they need to secure. 

Ultimately, MAM solutions provide better overall security, which is what makes an MAM solution the better fit for most organizations. Microsoft provides a complete out-of-the-box Mobile Application Management suite with Office 365 EM+S. If you want to secure your network and get started with Microsoft Office 365 EM+S, contact CWPS today.

2019 Cybersecurity Threat Ebook

Topics: Office 365 EMS