Search
  • LINQ Tech Team

Where MDM Falls Short: The Mobile Endpoint Protection (MEP) Market

Updated: Oct 22

When people invest in a Mobile Device Management (MDM) environment, they often have misplaced expectations about what the software can do. It allows for centralized inventory, policy enforcement, software distribution and remote wipe, but many clients expect more; they believe that they can monitor employee’s apps, see what websites they’re visiting, how much data they’re using, and more, but unfortunately, that’s not how MDM’s work.


This is where MDM ends and another category of software called Mobile Endpoint Protection (MEP), begins. There are many flavors of MEP, with some leaning more towards security (such as anti-virus products like Lookout, Zimperium, or MobileIron MTD) and others leaning more towards data, content, and traffic management.


Overview

Today we will explore two MEP products that can help prevent phishing attacks on mobile, ensure that your employees are staying productive, and restrict them from using company data for personal use. Wandera and Asavie are two front runners that have a few key differences.

Both Wandera and Asavie have specific use cases:

  • Web Traffic: Provide visibility into how a device is using cellular and potentially Wi-Fi data (where are they surfing? Where are their apps taking them?)

  • Carrier Expense Management: Identify and control cellular data usage a user is consuming overall (both the amount of data being used and which websites or applications the data is being used for)

  • Manage Productivity: Restrict where a user can “surf” on their mobile device through curated content restrictions (for example, a blanket restriction on adult content or conditional restriction on YouTube access until after-hours or only when on Wi-Fi)

  • Mobile Threat Defense: Prevent users from going to potentially harmful or compromised sites that may attempt to infiltrate the device or “phish” for sensitive data

In both cases, you can choose to “protect everything” and get licenses for a broad set of your devices or you can choose to buy a small set of licenses and “move them around” to monitor specific users or use cases. While setup for the above scenario is not exactly easy from a deployment and support perspective, it is possible.


What is Wandera?

Founded in 2012, Wandera provides zero trust cloud security that empowers businesses to manage their remote users. Its services protect from threats, filter content and enable secure access to cloud and private applications. In 2021, Wandera released a product that allows for monitoring and protecting specific Verizon MiFi devices.


Wandera pricing

At the time of writing, Wandera charges $6 - $9 per device.


Wandera pros and cons

Pros:

  • Mature management console with custom reporting

  • Rich security event logs

  • Smart MDM integration to apply MDM policies based on certain Wandera risk assessments

  • Generally works best when installed on an iOS, Android or even Windows device

Cons:

  • Less focus on non-iOS, Android or Windows device types (non-carrier specific mobile hotspots).

  • Difficult implementation (Profile based enrollment).

What is Asavie?

Established in 2004, Asavie offers mobile security services that provide visibility and control over mobile devices. Asavie is offered directly from the carrier under different carrier-branded product names.


Asavie works at the carrier/network level therefore it can theoretically protect devices without requiring an overt install. Because of this, LINQ has deployed Asavie in cases where the client requires protecting MiFi or Cradlepoint type devices.


Asavie pricing

At the time of writing, Asavie charges $10 per device.


Asavie pros and cons

Pros:

  • Works on standalone hotspots and Cradlepoint type devices

  • Great functionality at the network level requiring less implementation.

Cons:

  • Slightly less mature management console and features

  • Requires additional software component to monitor the WiFi traffic for a mobile device

  • For some edge cases, this solution has hard-to-follow “this only works on specific carrier or device” situations

  • Separate management portals for Verizon and AT&T devices

Final thoughts

It is important to understand where an MDM stops and where an MEP product begins. If managing and monitoring employee device usage is a priority for your business, MEP is likely the right option for you. Fortunately, there are at least two mature product offerings that can assist in monitoring and protecting mobile devices when it comes to content filtering, threat defense and data usage. For more information, or to find out how to get the most out of your MDM or MEP solutions, contact us.

35 views0 comments