A few months ago I posted a blog entry entitled: "Containerization vs. Application Wrapping: The Tale Of The Tape." Well... the bout is finally over and a winner has been decided. Using a virtual tape measure, I analyzed the mobile application technology spectrum to determine which technologies are better suited to deployment in the enterprise and why. The results were about what I expected. The fight went right down to the wire and nobody scored a knockout with the winner being decided with a slim margin over the 8 rounds. Here is the judge's score card:
If you have implemented or used either application wrapping or containerization technologies, please COMPLETE THIS SURVEY.
Application wrapping versus containerization: Which technology provides better security to an enterprise mobile deployment? What are the use cases for each technology, and which technology has a longer shelf life when it comes to being the de facto standard for enterprise mobile security? Are there times when containerization provides a better user experience than application wrapping? And more simply speaking . . . what the heck is the difference between these two technologies, and which one should you purchase?
In the sport of boxing, "the tale of the tape" is a term used to describe a comparison between two fighters. Typically, this comparison includes physical measurements of each fighter as taken by a tape measure before the bout, thus the term "the tale of the tape." I'm currently conducting research for a "tale of the tape" report between mobile containerization technologies and mobile application wrapping. There has been a significant amount of discussion lately regarding which of these technologies is better suited for enterprise deployment. In order to settle this dispute, I'm going to get out the virtual tape measure and analyze the fighters!
Mobile device management is a fully commoditized market. In the strictest definition of MDM, the available functionality is limited to those application programmer interfaces that are made available by the operating system vendor (Google or Apple). There is very little that traditional MDM offerings can do to differentiate themselves from the other 100+ vendors in the market. This causes significant price pressure on the offerings. Value for MDM is rapidly approaching zero. As we have seen over the past year-and-a-half, core MDM component offerings have been continuously lowering their prices in an attempt to maintain market share. There is a transition by the major MDM players to expand well beyond the traditional "wipe," "lock," and "locate" concepts available to them into more advanced technologies such as content and collaboration systems, security components at the network and application layer, as well as partnerships and integrations with secondary market offerings. These features have value. MDM at its core does not.
I think it's about time someone came out and said it. Just like Dobby from the Harry Potter books, MDM should be free. I've been telling all of the vendors that I work with that if they don't put out their MDM offering in a freemium model very shortly, the other vendors will beat them to the punch. Traditional MDM offerings are a land grab for enterprise market share and should be used as an upsell or wedge into more advanced and differentiable offerings. I predict that in the next 6 to 9 months we will see most, if not all, of the leading MDM vendors giving away their core functionality.
It's hard to believe that a company could burn through $225 MILLION dollars in 11 months, but it looks like that may have been exactly what AirWatch did. According to data released by AirWatch and written by financial analysts (links to all data sources at bottom of post), AirWatch likely had burned through nearly all of its available cash in record time. Based on an assumption of $120K burn per employee (fully loaded) per year and an assumed removal of $50M in equity at the time of the venture round, AirWatch would have had somewhere between 5 and 6 months of runway left as of January 2014. These assumptions are corroborated by the fact that VMware has contractually extended AirWatch an offer to provide a bridge loan if the acquisition deal does not close in the next 6 months.
What did AirWatch do wrong? It sounds like they may have made some over-assumptions with regards to their growth rates for 2013. It could have possibly been the adoption rates in countries outside of North America. It may have just been bad luck. Or it could even be a cooling off of interest in mobile device management technologies based on containerization. We won't know exactly why they were getting near the end of the runway, but what we can say is that VMware may have overpaid in multiple. Based on the data provided by VMware of AirWatch bookings for 2013, VMware paid somewhere around 16x bookings for AirWatch. Man, that's a lot of bread!
On January 22, 2014, a new mobile security player was born. This is the date that VMware announced its intention to purchase the mobile device management (MDM) firm AirWatch. With a price tag of $1.5 billion, this acquisition confirms that the mobile security market is scorchingly hot. This news comes on the heels of the November acquisition of Fiberlink by IBM. I expect additional mobile security market consolidation to occur throughout the remainder of 2014. This acquisition is a shot across the bow of any other major vendor looking to play in the mobile security market. If you don't step up and spend now, you might just be left holding the bag.
There is a 14-dog race going on, with a goal to win the wallets of the enterprise for mobile security spend. When lined up in the starting blocks, the racers may all seem to have equal chances, but a few are better poised to cross the finish line first and bask in the glory of the winners' circle. Three of these technologies are the odds-on favorites to lead from start to finish, with the rest of the racers struggling to remain relevant.
Coming off the starting block with the "holeshot" are the mobile device management vendors. With huge engines of revenue, large customer counts, and first-mover advantage, this dog is the odds-on favorite to take the championship trophy. Mobile device management vendors are already expanding their technologies and products into security platforms to diversify their rapidly commoditized product offerings. The move is paying off for the biggest and toughest MDM participants in the race, giving them the early, and potentially insurmountable, lead.
All of the fighting has resulted in multiple casualties. BlackBerry couldn't keep up the pace and was eventually chopped off at the knees. Microsoft has yet to gain enough developer volume to be a real threat and will eventually reinvent itself as a new company under new leadership. Third-party app stores are distributed and nimble but really amount to nothing more than splinter groups using guerrilla tactics against the major nation states. They just can't compete in the long term.
In the United States, Google Play and Apple iTunes have become the two superpowers in the mobile app war. With exceptional mobile application uptake, these two players have come to dominate the consumer mobile space. Phones don't sell phones. . .applications sell phones, and these two players have won.
What happens in Vegas shouldn’t stay in Vegas. I was out at BlackHat with other members of the Forrester team over a week ago (seems like yesterday!). It was two jam packed days of popping into briefings, guzzling copious amounts of green tea, and meeting new people and learning new things. In general, I like to keep an eye and ear out for startups to see what’s bubbling up, and came across a few at BlackHat:
Co3 Systems. Co3 Systems* help to automate the four pillars of incident response (prepare, assess, manage, and report) and break down responsibilities and response to ensure best practices are followed along with compliance with regulatory requirements. They just updated their security module to include threat intelligence feeds from iSIGHT Partners, AlienVault, Abuse.ch and SANS, and recently rolled out an EU data privacy and breach notification update to the product. I’m a numbers nerd, so when they let me play with the solution, I immediately started running simulations that estimated the cost of a breach.
FileTrek. FileTrek provides visibility and transparency into where data resides, how it’s being accessed, moved, used, changed, and shared between people, devices, and files. No, it’s not DLP. It’s more like the mother of all audit trails that takes context and sequence of events into account. That way, if someone who is supposed to have access to data starts to do things with it beyond what they normally do, FileTrek will flag it as suspicious activity.