MobileIron, an early leader in the fast-emerging category of mobile device management, announced its cloud strategy Wednesday, creating another delivery vehicle for software that helps make the consumerization of IT more palatable to the "IT" part of that equation. This version of the cloud service, while not quite as complete as the on-premises MobileIron offering, is a step in a good direction since managing even more computing devices isn't necessarily a headache that IT needs.
In some sense, systems like these (MobileIron calls it Connected Cloud), especially in the cloud, let IT focus on unleashing the productivity that mobility brings, rather than trying to tame it through a slow burn of policy definition, configuration, and enforcement. The first part is still necessary, but in theory, MobileIron handles the rest, including the ability to remote control devices, set e-mail and application access control, permissions, and overall management, and provide an overall unified view of all mobile devices, including hardware and software inventory, data usage, and the security posture of the device (that is, the ability to know if the device has been compromised--jailbroken or rooted, for instance). And that's just a partial list of capabilities.
MobileIron's cloud offering is essentially the company's on-premises software, just hosted by MobileIron in its own SAS 70-compliant data center, running as a multi-tenant service. Each managed device still needs to run the MobileIron agent, but that agent can connect directly with the MobileIron back-end service running in the cloud. A light piece of server software runs on premises, according to Ojas Rege, MobileIron's VP of Products and Marketing. This software is really the integration point between the corporate directory and security systems and MobileIron's service.
MobileIron supports Microsoft Active Directory, or any LDAP-based directory service (this is no different than its on-premises system) for authentication and policy definition and enforcement. Rege said that MobileIron's cloud system doesn't just do scheduled directory service data dumps, but retains a real-time connection into the corporate directory, which is particularly vital where there is concern about data protection during employee turnover, for example.
The cloud version only supports Apple iOS and Google Android devices for now. Although that represents a significant portion of the emerging enterprise mobile market, and clearly the two platforms that provide IT with the biggest headache, the lack of BlackBerry support is a significant omission, especially since some companies are either moving away from BlackBerry, or incorporating more platforms into a BlackBerry-heavy mix. A MobileIron spokesperson said BlackBerry support will come later this year.
The on-premises version of MobileIron also supports BlackBerry, Symbian, and Microsoft Windows Mobile; it supports Microsoft Windows Phone 7 and HP's WebOS via ActiveSync for email and application access control.
For the BlackBerry platform, MobileIron integrates with RIM's BES to handle remote control, monitor real-time activity, perform selective wipe, and provide an employee self-service portal for lost device management, as well as application and file provisioning. MobileIron integrates all of that into a central view. Naturally, the RIM BES solution takes care of policy definition and enforcement, and does so with the sort of flexibility that no other provider can match; MobileIron doesn't attempt to re-create that.
Rege did say that MobileIron is starting to see many of its customers migrating from the BlackBerry platform and "capping their RIM investments." MobileIron, he says, helps them make that migration--but beyond that, this little factoid adds even more fuel to the RIM-is-in-trouble fire.
All communication between device and server (on-premises and in the Connected Cloud version) is encrypted using TLS. MobileIron's on-premises product connects with Microsoft's CA on the back end for over-the-air certificate management and distribution. The company will add this capability to the cloud version later this year, Rege said.
One of MobileIron's useful features is Sentry, which taps Active Sync to discover mobile devices that might be hitting your Microsoft Exchange server. Sentry can classify those devices as registered, or not, and choose to block or allow them on that basis. This feature, however, is only available in the on-premises system for now. A company spokesperson said that Sentry will be available in the Connected Cloud version in the fourth quarter, 2011.
Editors Note: After publishing this story, a MobileIron spokesperson contacted us to let us know that the information provided to us regarding Sentry was incorrect. Indeed, Sentry integrates with Connected Cloud.
MobileIron launched in early 2008, and its first product emerged exactly two years ago (August 2009). It recently raised $20 million in venture funding, and has raised $57 million so far. The company now employs more than 150 people and has more than 600 customers, Rege said. Approximately 40% of those customers are outside of the U.S.
Its initial launch coincides with the rise of touch-based smartphone platforms, notably the iPhone and Android devices.
In fact MobileIron, along with a host of other competitive offerings, comes along at a time when a majority of IT departments are dealing with the onslaught of devices end users have for personal and professional purposes, and at a time when those IT professionals are helping define a safe mobile application strategy--including how severely to implement security and policy features, sandboxing the personal from the workplace applications, and even creating corporate-approved app stores.
MobileIron has had the cloud version in beta with 11 customers for three months now, and Rege says that six of those are in the Fortune 1000, and half of the companies are in heavily-regulated industries. The product is available starting August 3, and runs $4 per managed device per month. This is the same price as the on-premises version. MobileIron also provides a perpetual license option for $75 per device, with a 20% annual maintenance fee. Rege says that customers also can run MobileIron in a private cloud, managed by a systems integrator.
MobileIron works through the channel, and has a special deal with AT&T that lets customers get billed through the carrier.
-- Video Demo of Fiberlink mobile device management
-- Our mobile device management buyer's guide, under development
Fritz Nelson is the editorial director for InformationWeek and the Executive Producer of TechWebTV. Fritz writes about startups and established companies alike, but likes to exploit multiple forms of media into his writing.
Follow Fritz Nelson and InformationWeek on Twitter, Facebook, YouTube, LinkedIn, and Google+:
At the 2011 InformationWeek 500 Conference, C-level executives from leading global companies will gather to discuss how their organizations are turbo-charging business execution and growth--how their accelerated enterprises manage cash more effectively, invest more wisely, delight customers more consistently, manage risk more profitably. The conference will feature a range of keynote, panel, and workshop sessions. St. Regis Monarch Beach, Calif., Sept. 11-13. Find out more and register.