Little did we know when we began experimenting with the novelty of cell phones and wireless networks that workplace mobility would morph into a primary enterprise computing model. And yet, here we are.\nDevices got very smart. Wireless networks grew very fast. Now we\u2019re developing mobility centers of excellence to strategize about the whole mobility enchilada from the top down. And much of that discussion revolves around mobile apps \u2013 creating them, distributing them, and managing them.\nThanks to mobility, employees have become free to do their jobs \u201con location.\u201d They are closer to customers and situations and able to resolve business issues faster. However, their apps are no longer snugly hosted behind the safe, static corporate firewall. So managing and securing them \u2013 and the data that resides in them \u2013 has become a top priority.\nThe mobile industry has come to the realization that even more important than managing a mobile device is controlling who accesses the corporate apps and data on it. Taking that a step further, ensuring controls are in place for the apps that to are designed to automatically share data with other apps and even social networks, which could pose a security risk. And finally, when supporting BYOD, personal and business data comingle on a single device, introducing the potential for inappropriate data sharing among apps and compounding your risk of data leakage.\n\u00a0So now we have a discipline we often call mobile application management (MAM). Specific methods within MAM help protect enterprise apps and data while leaving the rest of the user\u2019s device untouched. The features between the methods are similar in spirit, in that they all involve partitioning business from personal data. They just do so in slightly different ways:\n\n\u00a0Sandboxing. Partitioning all business apps from consumer apps by putting all business apps in one big encrypted \u201csandbox.\u201d Usually apps within the sandbox can share data among themselves, but not with apps outside the sandbox.\u00a0 One password generally gets a user access to all sandboxed apps.\n\n\n\u00a0Containerization. Isolating individual business applications from one another; each app is inside its own encrypted container and requires a separate password for access.\n\n\nApp wrapping. Considered by some a form of containerization, IT sets policies on how apps can be used, which apps can share data and with what. The difference is it doesn\u2019t require changes to the underlying application.\n\n\u00a0You might end up using any mix of the above capabilities, and they\u2019ll likely be embedded in a comprehensive enterprise mobility management suite. Each has its pros and cons, but it\u2019s helpful to know the nuances among them as you build your mobile protection strategy.\nTo learn about how you can secure your mobile workspace, view the whitepaper, Secure Application Delivery for a Mobile Workforce.