Gartner Research

Mobile Endpoint Security

Published: 12 April 2012

ID: G00231048

Analyst(s): Eric Maiwald


Securing mobile endpoints (including notebooks, tablets and smartphones) is a requirement for most organizations. The controls needed on the mobile endpoint depend on the information to be stored on the device (if any is to be stored at all), the ownership of the mobile endpoint device and the mobile application architecture. This Decision Point examines the architectural decisions for mobile endpoint controls and shows the relationship between security controls, the mobile application architecture, network connectivity and mobile device management.

Table Of Contents

Decision Point

Decision Context

  • Business Scenario
  • Architectural Context
  • Related Decisions

Evaluation Criteria

  • Requirements and Constraints
    • Offline Versus Online Access
    • Storage of Information on the Device
    • Type of Device
    • Endpoint Ownership
  • Principles


  • Unmanaged Mobile Endpoint Devices
  • Moderately Managed Mobile Endpoint Devices
  • Heavily Managed Mobile Endpoint Devices
  • Managed Containers

Future Developments

Decision Tool

  • Controls on the Endpoint Device Position
    • No Controls Are Necessary on the Device to Protect the Stored Data
    • Controls Are Necessary on the Device
  • Type of Endpoint Controls Position
    • Risk Is Not Appropriate to Accept
    • Take Control of the Mobile Device, Heavily Manage It and Properly Configure the Mobile Device
    • Take Control of the Fixed Device, Control Physical and Logical Access to It, Heavily Manage It and Properly Configure the Fixed Device
    • Put Data Into a Managed Container With Appropriate Controls or Moderately Manage the Mobile Device
    • Use a Managed Container to Separate and Protect Enterprise Data
    • Moderately Manage the Device
    • Require Authentication to the Mobile Device, Consider the Ability to Wipe the Device and Provide Security Awareness to the User on How to Protect the Mobile Device
    • Provide Security Awareness to the User on How to Protect the Mobile Device
  • Configuration and Policy Compliance Position
    • Utilize an Appropriate Agent on the Mobile Endpoint Device and Use It to Verify Endpoint Configurations
    • Do Not Utilize an Agent
  • Anti-malware Position
    • Utilize Anti-malware Controls on the Mobile Endpoint Device
    • Do Not Utilize Anti-malware Controls on the Mobile Endpoint Device

Recommended Reading

©2021 Gartner, Inc. and/or its affiliates. All rights reserved. Gartner is a registered trademark of Gartner, Inc. and its affiliates. This publication may not be reproduced or distributed in any form without Gartner’s prior written permission. It consists of the opinions of Gartner’s research organization, which should not be construed as statements of fact. While the information contained in this publication has been obtained from sources believed to be reliable, Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartner research may address legal and financial issues, Gartner does not provide legal or investment advice and its research should not be construed or used as such. Your access and use of this publication are governed by Gartner’s Usage Policy. Gartner prides itself on its reputation for independence and objectivity. Its research is produced independently by its research organization without input or influence from any third party. For further information, see Guiding Principles on Independence and Objectivity.

Already have a Gartner Account?

Become a client

Learn how to access this content as a Gartner client.