Think users will blindly agree to MAM? Think again!

Mobile application management isn't a cure-all for the problem of controlling corporate assets on personal devices. Users will still need a good deal of convincing and persuading -- or, if you prefer a gentler term, "education.

Mobile application management isn’t a cure-all for the problem of controlling corporate assets on personal devices. Users will still need a good deal of convincing and persuading -- or, if you prefer a gentler term, “education.”

During this week’s SearchCIO tweet jam on mobility, I got a wakeup call regarding users’ trust (or lack thereof) in IT and the general lack of knowledge around mobile application management (MAM). We typically accept the fact that mobile device management (MDM) won’t work for BYOD because users won’t give IT permission to delete their personal apps and data. What we don’t expect, however, is for that same resistance to exist around MAM.

It does.

When the issue of MDM and BYOD came up in the tweet chat, I posted what I thought was a generally accepted statement: “If IT can wipe corporate, containerized data and apps and leave personal stuff alone, users will consent.” That led to this conversation:

The mobile elite may see MAM (and, to a similar extent, mobile virtualization/ dual-persona technology) as an easy way to separate corporate and personal assets (and control over those assets) on the same device. But some users will see it as a piece of software that YOU’RE installing on MY phone that will give YOU control.

As MAM continues to make inroads -- remember, a lot of IT people haven’t even heard of it -- we must keep in mind that the technology alone will not solve any problems. Organizations will need to prove to users -- through training, demos, etc. -- that they have no desire to view or control their personal content, and furthermore, that they couldn’t do it even if they wanted to.

Just like any other mobility initiative, without user buy-in, MAM will fail.

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

I like the idea of saying that "work" is an app (or multiple apps) just like any other app a user has. Then you can go on and give them a choice, saying if you want work on your personal phone, we have to make sure it's secure. You can have email in the native client, but then we have to secure the whole device, or you can have email in a third party app, but the experience of that app might be a little bit different then your normal email. That seems pretty clear cut and easy to get. Agree?


That's a great idea in theory. I just wonder how many organizations would be so accommodating of users that they would offer that choice. IT traditionally takes a one-way, my-way-or-the-highway approach.


Most IT people I talk to have a BYOD policy that typically boils down to this: if you want to use a personal phone on the corporate network for whatever reason (email, etc), then you have to pin lock it and we are allowed to wipe the device if you leave the company or if it gets lost/stolen.

That's it.

If the person doesn't agree to that out of fear or not trusting IT, then they are *** out of luck for checking work email on their personal device.

I always feel like IT has a communication/education problem when it comes to mobile more than a security one.  


The tables sure have turned.

It used to be that enterprise solutions needed to completely satisfy the IT decision makers and be minimally acceptable to users.  Game Over.  Now we need to win over the users at all costs, including helping IT to accept ever growing concessions.


Good point, Jim. Some companies don't even notify users about the potential of IT wiping their devices when they enroll in ActiveSync.


I'm not sure how the if you leave the company we wipe your personal device would work in reality, I can understand the theft use case.

And what is stopping a user simply backing up the entire device?


I work for a company who has recently acquired some cool EMM tech :-)

I am provided with a corporate iPhone which up until now I have full control over, with the exception of some  fairly unobtrusive carrier filters. It holds a whole bunch of personal photos and other data which I would not want at risk of clumsy corporate data management.

I'm sure there are plans to start using our cool EMM tech to nail down our corporate phones and it is at this stage that I will be buying my own device and will probably just forget to carry my corporate phone around with me, just like in the old days when the company phone was a piece of junk and my own was much more capable.

I will frequently be unreachable on my corporate device and much less agile as far as my employer is concerned.

I have seen and played around with our cool new EMM tech and it has far too many controls and features which if used incorrectly will make my life miserable.  I know from bitter experience that our IT guys can and will screw up so I will not give them that chance.

One of the posters above mentions that if their staff dont accept corporate control then they are 's41t out of luck', well this works two ways these days I'm afraid, all part of the FUIT world we live in.

We have to find a middle ground where security can be applied unobtrusively and without the risk of personal data loss. There is no doubt in my mind that the MAM/MDM offerings available today and the pool of skills in this area are just too immature to trust with any device which contains personal data.

I think EMM is really cool,  I just dont want it anywhere near my tech.


Great comment, help4ctx. More evidence that IT needs to make separation of powers crystal clear to end users -- and then abide by them.


Hi Colin

Great read! I completely agree with you; "without user buy-in, MAM will fail".  In fact, I will extend it to "without user buy-in, any tech/product will fail".

Yes, users like to use their personal/choice-of devices to use for work.  We need to understand user-needs; what are they trying to do?  Their job.  They are trying to do their job without having to open their laptop/mac, painfully connect to VPN and try to finish their tasks.

As Enterprise IT, our objective is to enable user productivity.  We need to proactively offer the right tools to our users before they find their own workarounds.  And the key to any "right" tool is user buy-in.