[seibelj]

Mobile Device Management (MDM). Blackberry got the ball rolling in the early 2000's, but it was the release of iPhone and Android that got vendors rich.

Apple and Google created API's and enrollment processes to manage devices (device lock, wipe, etc.). Companies created software to consume those API's, the biggest being AirWatch, Mobile Iron, and MaaS360. AirWatch was acquired by VMware for $1.5billion in 2014 and Mobile Iron went public, rising 22% in the first day of trading. MaaS360 was acquired by IBM for several hundred million.

At first, license fees were high, competition wasn't too fierce, and the market was booming.

Then many more low-cost players moved in. Open source MDM software appeared. One company (Miradore) gives MDM away for free to hook customers on IT management fees and various other upsells. Mobile Iron stock is down 70% for the year.

I was listening to an NPR podcast this morning and heard an advertisement for a product named Bushel doing Apple MDM. I think the definition of commoditized tech is when you hear companies advertising on NPR.

My take on the situation is that it's risky to build a core business merely consuming other company's API's. Doing analysis and more advanced things, sure. But simply executing an API command is not special. The MDM list of features is completely controlled by Apple and Android manufacturers, and anytime they release a new feature, every MDM player instantly gets access to it. The only differentiation between products becomes how effectively they use the pre-existing API's (scaling, integration with other enterprise products, etc.) and pricing. This obviously becomes a race-to-the-bottom on pricing, destroying margins.

The reason I know so much about this is that I work at a company called Apperian, focusing on Mobile Application Management (MAM). We use to compete with the MDM guys, but it's a completely different game now. All of our core technology is unique, most of it is patented / patent pending, and we solve problems that the MDM API's cannot. We dominate the MAM industry, although niche and much smaller than the MDM sector, is growing very quickly. It would be extremely difficult and costly for a company to implement what we do, in contrast to the MDM guys.

It's been very interesting to watch the rise and fall of big players, as our sales keep booming. I will keep watching the drama unfold.

[i336_]

I had to Google MAM to clarify what it meant, and then I realized this was what I was wondering about the other day, puzzling over how BYOD isn't a massive security nightmare.

I must admit, I'm very fascinated with application management would actually be executed, from an academic / computer science angle.

I can also completely understand patenting from a business perspective, but I'm also curious as to what things have actually been (publicly) patented.

How is MAM different from MDM?

[seibelj]

MDM uses operating system level API's provided by the vendors (Apple, Google). These require the device to be enrolled with management software (Airwatch, Mobile Iron, etc.).

MAM vendors like Apperian use various other techniques to manage the applications and their data only. The device is completely irrelevant, because we only care about the app. We do this through clever use of API's and a technology called 'App Wrapping'. This takes the mobile app, decompiles it into machine code, and very carefully injects new security features directly into the decompiled app. This allows adding security features like data at rest, analytics, etc. without needing any OS level API's. https://www.apperian.com/mam-blog/app-wrapping-lets-get-tech...

[i336_]

Wow, thanks for the reply! :)

> decompiles it into machine code

...this was the part my eyes started getting big...

> very carefully injects new security features directly into the decompiled app

...and this was the part I had a small jawdrop moment. :P

> This allows adding security features like data at rest, analytics, etc.

_Wow_. I think I suddenly get the rationale behind patenting.

Hah.

* Reads link *

> Mobile app wrapping is able to provide the same level of security as device management and even takes it a level deeper by securing the app itself and inspecting that app to know what it is doing and if it contains any malware.

(Italics at the end mine)

After an admittedly short look around, I've concluded that you seem to be focusing entirely on enterprise-controlled system-/app lockdown.

To me, the technical accomplishments you've achieved to make this possible provides a massive opportunity just waiting to be fulfilled: a new, unique approach to mobile antivirus. It wouldn't be for everyone, but I can totally say that I'd use it, and a lot of technically-oriented "tinkerers" would probably love some of the introspection and analytics your system provides, in an antivirus context. :D

I suspect most of your existing tech could translate across really easily - and that the effort you make to make antivirus better will also translate across into even better lockdown heuristics.

Granted, I don't fully understand the platform, so I might've missed a point somewhere, but I still think this is pretty amazing tech. Thanks for the info! :D

[seibelj]

Are you looking for a job? We are hiring now for solid engineers. seibeljames@gmail.com or jseibel@apperian.com. We are doing some very interesting tech for governments / corporations with high-security clearance needs. I can explain much more in depth if this interests you