- Cisco’s enterprise security portfolio lacks a strong play on mobile devices, especially those running iOS or Android.
- By acquiring MobileIron, Cisco would gain strong enterprise EMM technology and the much-needed ability to enforce policy on disconnected mobile devices.
Tech industry prognosticators enjoy speculating about what companies Cisco will acquire next. In enterprise security, the vendor has a several needs, perhaps none more glaring than the need for improved mobile device security and policy enforcement.
Cisco’s security objective is to offer end-to-end security from the cloud to the endpoint, but it lacks a strong play on mobile devices – iOS and Android in particular – which has become crucial. On-network devices can benefit from the protection afforded by its network security capabilities, but when mobile devices leave the network, they are vulnerable, particularly to inbound malware.
Cisco’s current products don’t fully address the issue. Its AMP for Endpoints offering supports Windows, Mac, and Linux, but only some Android devices and nothing running iOS. The recent addition of Umbrella DNS security to Cisco AnyConnect VPN clients partially addresses off-network Windows and Mac clients using AnyConnect, but to thwart malware and other attacks involving social engineering, Cisco needs a way to enforce policy across all endpoints, static and mobile, on- and off-network.
A better solution would involve enterprise mobility management (EMM). With the evolution of mobile device management (MDM) products that safeguard e-mail and productivity data as well as manage provisioning, policy management and enforcement, reporting, and compliance, EMM has evolved to incorporate mobile application management (MAM) for secure deployment and management of applications on endpoints. Through its acquisition of Meraki, Cisco now owns a cloud-based MDM offering, but one that has a largely SMB customer case and lacks the advanced application deployment and security capabilities of mature enterprise EMM platforms.
A fascinating acquisition for Cisco would be MobileIron. The last remaining top-tier pure-play EMM vendor, MobileIron would not only provide Cisco with an enterprise-caliber, best-of-breed EMM offering to secure mobile data, devices, and applications, but also give Cisco the much-needed ability to enforce policy on disconnected mobile devices. Furthermore, the synergy between Cisco’s network-centric worldview and MobileIron’s Sentry in-line data security gateway is hard to ignore. Given Cisco’s growing penchant for building security functionality into the fabric of its network devices, it would make all the sense in the world for Cisco to bundle Sentry as a software function of its ISRs in the same way it recently added StealthWatch Learning Network. This would allow ISR customers, in theory, to upgrade their routers to serve as trust brokers for (and propagate policies to) mobile devices, and even grant or deny access to cloud services.
Despite inheriting Meraki MDM, Cisco has shown little interest in the MDM/EMM market. Yet, given the ever-increasing profile of employee-owned or otherwise partially managed mobile devices coming and going from enterprise environments, it wouldn’t be a surprise to see Cisco’s EMM stance change. And with MobileIron’s market cap hovering around $250 million, the acquisition cost to Cisco might be more palatable than some think. MobileIron’s strong technology, partner ecosystem, and most importantly, its ability to fill a portfolio gap may be enough for Cisco to rethink making an EMM acquisition.