3 years ago, I wrote a little article that put me on the map and radar called “The Life of a Mobility Engineer”. I went on to detail growing up in the MDM/UEM industry from administrator to engineer to architect. I particularly love one quote from that article, which sums up so much:
When I was an MDM administrator, I thought I was king shit until I went to BlackBerry and realized I was a moron.
Today, we begin a two-part journey about leveling up as a mobility engineer. In Part One, we are going to discuss the transition in our industry and how it grew into what we know today. In Part Two, we will talk about how you can shift in this new landscape, and some of the mistakes that I have seen a few peers make. It’s going to be an interesting conversation, but it is one worth having.
The Evolution of Mobility
We are stuck in this inevitable cycle of buzzwords. Everyone knows BlackBerry hit the scene in the late 90s, lost traction, and eventually succumbed to perennial rockstars iOS and Android. Let’s look a bit at that evolution, first with a little chart.
Obviously, there are so many milestones that you could focus on. I am focusing on major turning points that would cause tidal waves for so many of us. Let’s discuss a bit more!
BlackBerry and its Impact
To be super clear, I credit everything that I have in my professional career to my time at BlackBerry. Honestly, when it came to productivity, efficiency, and reliability, nothing ever came close, including what is available today.
My love affair with BlackBerry would go on for years, even trying their Android-based devices, which unfortunately ran on insufficient hardware. BlackBerry suffered from a similar fate to many things in our life: they got too comfortable and did not innovate. As phones would get more affordable, people expected them to be “toys.”
People realized they loved apps, which was always the Achilles heel of BlackBerry. BlackBerry’s entire foundation was on a secure platform that would be the inspiration for Apple’s Secure Enclave years later. BlackBerry couldn’t find a way to deliver the apps that people love while maintaining that level of security that was their namesake. A few different container options were tried, but nothing ever got them where they needed to be.
Even BlackBerry 10, despite being a valiant effort to recover market share from iOS and Android, still fell short. As someone who worked at BlackBerry, I truly believe their downfall came down to ONE app: Netflix. You cannot imagine how many C-level executives would complain endlessly over the missing Netflix application. The rest is history, as they say.
The Birth of Mobile Device Management
As BlackBerry faltered, true MDM had come. The climactic event to me in the US was when Verizon finally got the iPhone in 2010. When your decision was EITHER a Moto Q or a BlackBerry, it was no big deal. Once the iPhone hit, we were beginning to see a shift in how people interact with each other as a whole.
In mid-2010, you would see the birth of iOS 4 with their MDM framework.
Android would follow suit with Device Administrator offering a similar MDM experience:
Now, we could finally start to manage consumer platforms and potentially use them in the enterprise. So what would happen next?
We would come to welcome a few major players, such as MobileIron, AirWatch, Good, and more. The nice thing about the MDM standard is they were all playing with the same crayons, but it came down to what box you liked more. Some liked how AirWatch was a more appealing management experience visually and were using some unique ideas around organizing devices. Others enjoyed Good’s container, which delivered the best email app experience. MobileIron was a popular choice as well delivering great security and a mobility suite.
The MDM Evolution Begins
AirWatch and MobileIron would create a very interesting idea. Can MDM be more? Forever, we knew MDM as managing a device, delivering apps, controls, etc. They would introduce a new idea: EMS.
EMS, or Enterprise Mobility Suite, was a concept around enhancing your mobility journey with other tools, like secure content management, secure email gateways, tunneling platforms, and much more. As you can see, mobile can be so much more than just locking things down:
This evolution would become a very important one. People started to think about how they could digitize and eliminate paper. You would have people using iPads in meetings instead of handouts, accessing their global catalog, delivering email outside of a VPN, and addressing a new issue: DLP.
This would also introduce an issue. Your BlackBerry administrator could probably learn how to administer in the console, but now they had their job elevated substantially. They were now responsible for additional servers and technologies they had never touched before. They needed to learn how proxies, certificates, and protocols like SMB and CIFS work, and they became more crucial to the IT strategy of every organization.
EMS introduced a substantial challenge. You now had to rearchitect your entire environment. Now, that new complex environment could look something like this:
Some sank and some swam. It was challenging for many people. We have seen similar situations with middleware engineers needing to adapt to the cloud. Mobility was commonly a second job for an Exchange administrator or a converted help desk person. This was going to be a real challenge to deliver moving forward.
We Can’t Forget Windows 10 and MacOS
Another game-changing moment was the release of Windows 10. Microsoft went on to release Windows 10 in 2015, which I think is the only reason we see MacOS outside of JAMF, which really elevated things and led to the birth of Unified Endpoint Management (UEM).
Microsoft had a simple idea, which is amazing considering many people are still afraid of it.
Why do you need VPN to get things? Why should VPN be the difference between life or death?
Microsoft realized you could extend GPOs, software updates, and application lifecycle management to the cloud, which would go on to be known as CSPs.
The idea is that you could shift your Group Policies to an MDM-like payload concept similar to how mobile devices work today. In today’s age, even PCs and Macs are mobile devices.
Apple has proven this as well with many of their decisions over the last few years, including cost reduction, securing their attack surface, and putting concepts at the forefront like privacy, which people care about.
Why the VMware Acquisition was Pivotal
So, the question is WHY did this matter? The VMware acquisition was many things, but I think it was one important thing. For the people who were AirWatch Administrators, the VMware acquisition provided you with an opportunity.
With the VMware stack intertwined with AirWatch, we could now become more relevant. We had the opportunity to deliver SSO as “VMware Identity Manager” was added to our bag of tricks. We also were brought closer to the VMware stack, which was a potential opportunity for people to learn we are more than “AirWatch Guys/Girls.”
Many people have often felt that mobile people are one-trick ponies that activate iPhones, but now we had a chance to work on something that was becoming very relevant circa 2015 or so: Identity Access Management.
Mobility Expectations are Changing
People were starting to expect that the experience should be delivered everywhere. “If an app is on my desktop, I also want it on my phone or tablet.” That wasn’t the problem, but delivering the same experience was a big issue.
How could you deliver the seamlessness of Kerberos on an iOS or Android device? As I wrote a few years ago, “it works on PC” just wasn’t good enough anymore. This would lead to the highly popular Ping and Okta gaining relevancy, and even VMware Identity Manager with their Cloud Kerberos implementation.
Delivering a great SSO experience regardless of platform while still managing access and control in an effective manner became a crucial tenet of the end user experience. The expectations changed and things were only going to become more challenging.
The Growth of Mobile Security
In 2019, the global mobile security market was valued at over 3.2 billion dollars. We would see a cascading effect where user expectations grew and so did the attack surface. In 2016, several vendors would form the AppConfig community, which was committed to supporting developers in configuration and adhering to consistent security standards across the entire landscape.
We would start to see mobile security solutions explode, such as:
- App Reputation
- Mobile Threat Defense
- App Protection/DLP Policies
Let’s discuss them a bit more briefly to bring clarity.
App Reputation was a pretty simple yet amazingly effective idea. You would create a policy, and they would scan apps for violations of that policy. When a violation occurred, it would tell your MDM that something was wrong.
You basically created policies saying, “tell me if this app requires access to cloud storage” or “tell me if this app forks processes.” It was elegant and effective, where companies like Appthority and Veracode would be very successful.
Mobile Threat Defense: The Next Generation of App Reputation
MTDs would be the next generation of reputation and protection on mobile devices. The MTD would keep an eye on your device and make sure you’re in a healthy state. Some of them would do content filtering/blocking. Overall, they would act like an antivirus on your mobile device protecting you from many types of attacks.
We would have many great players in this space in recent years, like Lookout, Zimperium, Microsoft, and Symantec, to name a few. They continue to evolve with one goal in mind: “Protect People from Themselves.”
It was another great area where we would have an opportunity to shine. Leveraging reports and intelligence, we could show how we are being great stewards and helping to keep our users safe regardless of what device they use. A sister of MTDs is App Protection Policies; I strongly recommend reading one of my past articles to learn all about how they protect you at the app level.
How EUC has Evolved
The last area that I wanted to discuss in the evolution of mobility is how desktop mobility, aka VDI, has made a major impact. VMware and other vendors have brought VDI and UEM together as they converge on “End User Computing.”
Logically it makes a ton of sense to bring them together. At the end of the day, it is all about user experience now. With this change come huge expectations within organizations. People now expect you to know mobility and VDI. This is a problem considering it makes both groups of people weaker, but at the end of the day it gives end user experience a major win.
I wrote about this a few months ago, but I did change my mind a little bit on it. It does give us one thing: more people are collaborating toward a common goal because we need each other. I think that is what End User Experience is all about.
The Future of Mobility
Today, we know where things stand. Things have evolved quickly and there is this major fork. Some of the things that I could see possible can be seen below:
I know there are many strong opinions around the future of mobility. Inevitably it comes down to what vendors you have hitched your wagon to. VMware, Citrix, Microsoft, etc. have all done a great job at incentivizing you to use their whole stack. There’s no real right answer to how your mobility journey should be taken. Here is a collection of things that I foresee happening in the next 5 years:
- Onboarding automation and synergy are going to be an absolute must instead of a nice-to-have
- A larger reliance on REST APIs and less on the GUI
- Desired State Management will grow to other platforms and become the next huge advancement
- More vendors will make virtual assistants part of their ecosystem
- Identity and Access Management will leverage AI and risk analysis at a much higher level than they do today
- Platforms like PCaaS and BYOD PCs and Macs will start gaining traction as vendors will empower enterprises with other options than VDI.
We all have strong opinions, as I said earlier. Some people are VDI-averse, some are single-platform-averse, and some just refuse to use anything that isn’t Microsoft. At the end of the day, it depends if your gaps are their gaps. The main focus should be to use the right solution. If you are deploying dedicated VDI on $2000 laptops, then you are doing it wrong. It’s vital to do things the right way and not to waste money by duplicating technologies.
Final Thoughts on the History of Mobility
I fully expect and hope for some good feedback on this. The reason that I wrote this article is to set up part two. We will be talking about how many Mobility Engineers are unknowingly making themselves obsolete. They are going to need to realize that knowing iOS and Android is not good enough anymore. You need to elevate your skill set and grow into more. You, too, can have a re-awakening like Neo in the Matrix.