Mobile Device Management Market Won't Last: Gartner

That was the central message of a panel of industry analysts who offered up their observations about mobile device security in the enterprise and how the bring-your-own-device (BYOD) phenomenon has had a significant impact on the market for mobile device management (MDM) software. Many MDM vendors are stumbling and forced to slash per-seat prices because they offer only limited capabilities, the panel told attendees Monday at the 2013 Gartner Security and Risk Management Summit.

"Mobile Device management is in chaos right now, and I think this market is going to die," said John Girard, vice president and distinguished analyst at Gartner. "MDM will reach an endpoint and then we'll really start to see vendors have to look at mobile application management and application shielding around the app -- that is really what is happening."

[Related: 10 Mobile Security, BYOD Privacy And Security Myths ]

The MDM space is estimated to be a $784-million market with about 128 or more firms vying for customers. It is projected to be $1.6-billion market by 2014, according to Gartner. Despite increasing momentum, market penetration for MDM is currently estimated at less than 30 percent.

The leaders in the MDM space, according to the research firm, include AirWatch, MobileIron, Citrix, SAP, Good Technology and Fiberlink. All the firms are either partnering with other vendors to provide mobile application management capabilities or developing their own ways to wrap a security policy container around apps, Girard said.

BYOD has made certain platform versions nearly impossible to control with standard out-of-the box MDM functionality. MDM vendors can only provide functionality based on the APIs that are available to them by the platform or device makers, and if an enterprise attempts to add more robust functionality, it often runs into limitations, Girard said. "I can't really whitelist or blacklist apps or have remote control or permission to wipe your device, and I can't tell you where to take your device because of BYOD," Girard said.

Three years ago, an MDM product might sell from $60 to $150 per device. Today the price per device in many cases is under $30, according to Peter Firstbrook, a research vice president at Gartner. By contrast, endpoint protection costs $10 to $15 per seat.

"The basic functionality of controlling the configuration of devices is becoming a commodity and the desktop management vendors can consume that market," Firstbrook said. "But there continues to be a tremendous opportunity for many vendors to innovate."

Girard said application shielding or application wrapping enables organizations to place policy restrictions on apps and the data within them. San Francisco-based Mocana and Good Technology are two companies making innovations around application containers, he said. Once an app is wrapped, it inherits its own VPN stack, its own key handler and software license manager. When a user attempts to access it, the mobile app will contact the back-end server and ask permission to run, Girard said.

In some ways, Apple has helped create the direction in which security firms are moving. The company's closed ecosystem means it whitelists apps, only allowing people to get apps from its App Store, said Neil MacDonald, vice president and Gartner Fellow. Google also has platform restrictions, but its more open ecosystem has attracted cybercriminals pushing potentially malicious applications and mobile malware.

"There is a convergence because the MDM vendors that are sharp know the end is in sight, and they are building containers," MacDonald said. "They're building out a mobile application management solution to start out going down that path, because they're saying they have a foothold on that device, so they're the right person to sell you containment."

PUBLISHED JUNE 10, 2013

This story was updated on June 12, 2013, at 10:50 a.m. PST, to correctly note that Gartner projected the MDM market to be a $1.6 billion market, not $1.6 million, by 2014.