Skip to main content
Mobile Application Management MAM in IT Asset Management

Mobile Application Management MAM in IT Asset Management

$249.00
Toolkit Included:
Includes a practical, ready-to-use toolkit containing implementation templates, worksheets, checklists, and decision-support materials used to accelerate real-world application and reduce setup time.
Your guarantee:
30-day money-back guarantee — no questions asked
How you learn:
Self-paced • Lifetime updates
Who trusts this:
Trusted by professionals in 160+ countries
When you get access:
Course access is prepared after purchase and delivered via email
Adding to cart… The item has been added

This curriculum spans the equivalent of a multi-workshop program, addressing the end-to-end integration of Mobile Application Management with IT Asset Management, from platform selection and application onboarding to compliance auditing, incident response, and decommissioning, reflecting the depth of an internal capability build for enterprise mobility governance.

Module 1: Defining Mobile Application Management Scope and Integration with ITAM

  • Determine whether MAM will cover only corporate-owned devices or extend to BYOD, requiring clear separation of personal and corporate data.
  • Select integration points between MAM and existing IT Asset Management (ITAM) systems to synchronize application inventory, license allocation, and device ownership records.
  • Define which application metadata (e.g., version, publisher, license key, deployment date) must be captured and retained in the ITAM database for compliance reporting.
  • Establish ownership roles between endpoint management teams, application owners, and ITAM stewards to avoid duplication or gaps in accountability.
  • Decide whether containerized applications require separate lifecycle tracking from the underlying mobile OS in the asset register.
  • Map MAM-controlled applications to software license entitlements to identify over-deployment or underutilization across the fleet.

Module 2: Platform Selection and Vendor Evaluation Criteria

  • Compare MAM capabilities across enterprise mobility platforms (e.g., Intune, VMware Workspace ONE, Jamf) based on depth of app wrapping, policy enforcement, and reporting granularity.
  • Evaluate whether on-premises, cloud-hosted, or hybrid MAM architectures align with data residency requirements and existing identity infrastructure.
  • Assess vendor support for both public app store applications and internally developed line-of-business (LOB) apps, including sideloading and private distribution mechanisms.
  • Validate API accessibility and stability for integrating MAM data into centralized ITAM dashboards and service management tools (e.g., ServiceNow).
  • Test application blacklisting and whitelisting performance under high-concurrency conditions to prevent deployment bottlenecks.
  • Review vendor patch cycles and backward compatibility commitments to ensure long-term support for legacy applications still in use.

Module 3: Application Onboarding, Wrapping, and Distribution

  • Develop a standardized process for submitting new applications to MAM, including security review, metadata tagging, and approval workflows.
  • Implement app wrapping for internally developed Android and iOS applications to enforce encryption, copy-paste restrictions, and authentication policies.
  • Configure distribution channels (e.g., public links, private app catalogs, automated pushes) based on user group, role, and geographic location.
  • Test wrapped applications across multiple OS versions and device models to confirm functionality is not degraded by policy injection.
  • Establish version control procedures for updating MAM-wrapped applications without disrupting user access or requiring full re-wrapping.
  • Document and enforce naming conventions for internally distributed apps to prevent confusion with public app store versions.

Module 4: Policy Design and Conditional Access Enforcement

  • Define conditional access rules that block application access when device compliance status (e.g., jailbreak detection, OS version) falls out of policy.
  • Implement data loss prevention (DLP) policies that restrict file sharing between managed and unmanaged apps on the same device.
  • Configure authentication requirements (e.g., biometric, PIN, SSO) for application launch based on data sensitivity and regulatory classification.
  • Set time-based access policies for temporary contractors or project-based users to automatically revoke app access after contract expiration.
  • Balance usability and security by exempting low-risk applications (e.g., public news readers) from strict containment policies.
  • Log and audit all policy violations and access denials for inclusion in security incident response and compliance reporting.

Module 5: License Management and Cost Accountability

  • Track per-user or per-device license consumption for paid mobile applications and reconcile against procurement records.
  • Automate license reclamation when users leave the organization or devices are decommissioned to avoid unnecessary renewals.
  • Allocate mobile software costs to business units based on application assignment data from the MAM system.
  • Identify shadow applications deployed outside MAM control and assess whether licensing obligations have been violated.
  • Enforce license caps during deployment to prevent over-provisioning of volume-purchased apps (e.g., Apple VPP, Google Play EMM).
  • Generate monthly reports showing license utilization trends to inform budget planning and vendor negotiations.

Module 6: Compliance, Auditing, and Regulatory Alignment

  • Configure MAM to generate audit logs that capture app installation, removal, policy changes, and access events for SOX or HIPAA compliance.
  • Map application data handling practices to GDPR or CCPA requirements, particularly for apps that process personal data on personal devices.
  • Conduct periodic access reviews to validate that only authorized users retain access to regulated applications.
  • Preserve application usage logs for legally mandated retention periods, even after device or user deprovisioning.
  • Integrate MAM compliance status into broader IT risk dashboards used by internal audit and governance teams.
  • Respond to data subject access requests (DSARs) by extracting application usage and data access records from MAM logs.

Module 7: Incident Response and Application Remediation

  • Define escalation paths for responding to compromised or malicious applications detected in the MAM environment.
  • Execute remote wipe of corporate application data without affecting personal data on BYOD devices during security incidents.
  • Roll back application updates that introduce instability or violate compliance policies using MAM’s version rollback capability.
  • Quarantine devices that exhibit anomalous behavior (e.g., repeated policy violations, unauthorized app installations) via automated triggers.
  • Coordinate with application vendors to patch vulnerabilities identified in third-party apps distributed through the MAM catalog.
  • Maintain an incident playbook specific to mobile application breaches, including forensic data collection from MAM logs.

Module 8: Lifecycle Management and Decommissioning

  • Establish retirement criteria for mobile applications based on vendor end-of-support dates, business process changes, or security risks.
  • Notify users and business owners in advance of application deprecation to allow for migration planning and data export.
  • Remove retired applications from distribution catalogs and block access via MAM policies to prevent continued use.
  • Archive application metadata and usage history in the ITAM system for historical reporting and license reconciliation.
  • Update dependency mappings in ITAM to reflect decommissioned apps and identify systems that may be affected.
  • Conduct post-retirement reviews to assess user impact and refine the application lifecycle process for future sunsetting events.
!