Mobile device management is a fully commoditized market. In the strictest definition of MDM, the available functionality is limited to those application programmer interfaces that are made available by the operating system vendor (Google or Apple). There is very little that traditional MDM offerings can do to differentiate themselves from the other 100+ vendors in the market. This causes significant price pressure on the offerings. Value for MDM is rapidly approaching zero. As we have seen over the past year-and-a-half, core MDM component offerings have been continuously lowering their prices in an attempt to maintain market share. There is a transition by the major MDM players to expand well beyond the traditional "wipe," "lock," and "locate" concepts available to them into more advanced technologies such as content and collaboration systems, security components at the network and application layer, as well as partnerships and integrations with secondary market offerings. These features have value. MDM at its core does not.
I think it's about time someone came out and said it. Just like Dobby from the Harry Potter books, MDM should be free. I've been telling all of the vendors that I work with that if they don't put out their MDM offering in a freemium model very shortly, the other vendors will beat them to the punch. Traditional MDM offerings are a land grab for enterprise market share and should be used as an upsell or wedge into more advanced and differentiable offerings. I predict that in the next 6 to 9 months we will see most, if not all, of the leading MDM vendors giving away their core functionality.
It's hard to believe that a company could burn through $225 MILLION dollars in 11 months, but it looks like that may have been exactly what AirWatch did. According to data released by AirWatch and written by financial analysts (links to all data sources at bottom of post), AirWatch likely had burned through nearly all of its available cash in record time. Based on an assumption of $120K burn per employee (fully loaded) per year and an assumed removal of $50M in equity at the time of the venture round, AirWatch would have had somewhere between 5 and 6 months of runway left as of January 2014. These assumptions are corroborated by the fact that VMware has contractually extended AirWatch an offer to provide a bridge loan if the acquisition deal does not close in the next 6 months.
What did AirWatch do wrong? It sounds like they may have made some over-assumptions with regards to their growth rates for 2013. It could have possibly been the adoption rates in countries outside of North America. It may have just been bad luck. Or it could even be a cooling off of interest in mobile device management technologies based on containerization. We won't know exactly why they were getting near the end of the runway, but what we can say is that VMware may have overpaid in multiple. Based on the data provided by VMware of AirWatch bookings for 2013, VMware paid somewhere around 16x bookings for AirWatch. Man, that's a lot of bread!
My esteemed colleagues Renee Murphy and Nick Hayes joined me in a fully collaborative, marathon evaluation of 19 of the most relevant GRC platform vendors; we diligently pored through vendor briefings, online demos, customer reference surveys and interviews, access to our own demo environment of each vendor’s product, and as per Forrester policy, multiple rounds of fact checking and review. The sheer amount of data we collected is incredible.
On January 22, 2014, a new mobile security player was born. This is the date that VMware announced its intention to purchase the mobile device management (MDM) firm AirWatch. With a price tag of $1.5 billion, this acquisition confirms that the mobile security market is scorchingly hot. This news comes on the heels of the November acquisition of Fiberlink by IBM. I expect additional mobile security market consolidation to occur throughout the remainder of 2014. This acquisition is a shot across the bow of any other major vendor looking to play in the mobile security market. If you don't step up and spend now, you might just be left holding the bag.
Digitally empowered customers are disrupting every industry; the age of the customer brings with it some inherent risks that will push organizations to increase spending on security software. In Asia Pacific, security software has leapfrogged other software categories and leads the region in terms of expected software spending growth in 2014 (see figure below).
We believe that the high growth in security software spending in Asia Pacific is primarily due to the following risks related to the age of the customer:
Migration to public cloud services. In a recent survey, 41% of Asia Pacific firms identified public cloud and other as-a-service offerings as a high or critical priority for 2014. Increased adoption of public cloud-based services like storage and disaster recovery is stretching the attack surface, exposing enterprises to a variety of security issues related to confidentiality, integrity, availability, and accountability. In response, firms must strengthen their security infrastructure.
Increased mobility. Nearly 45% of the Asian organizations in our survey identified mobility as a high or critical priority for 2014. As enterprises introduce mobility into their environment and add devices to support the initiative, the footprint of their infrastructure increases. The new access points attached to the network create opportunities for attackers to break into the infrastructure directly or via mobile application portals that provide gateways to protected, sensitive data.
Data Privacy Day is on January 28. But isn't all hope lost when it comes to the P-word? Interestingly, Daniel Solove is one key expert who doesn't think so: His recent Year in Privacy roundup sounds a number of positive notes, largely having to do with regulatory pressure driven by public pressure. In the age of the customer, we really can see "water wear away stone" when ordinary people demand change.
My colleague Fatemeh Khatibloo recently published some must-read research on contextual privacy: a framework for negotiating the collection and use of personal data that ensures a fair value exchange for both the customer and the business. Don't miss the blog post where she lays out some takeaways:
Privacy isn't dead, it just needs redefining.
Privacy will be a market differentiator.
Privacy technology will disrupt the marketing ecosystem.