Organizations can deploy on-premises or cloud-based enterprise mobility platforms -- but first, they should evaluate the pros and cons of each route.
In the past, there were feature disparities between on-premises and cloud mobile device management (MDM) platforms. Leading unified endpoint management (UEM) platforms offer almost 100% feature parity, so the best route for organizations to take often depends on their existing infrastructure.
Deciding between cloud vs. on-premises MDM, EMM and UEM
Cloud has become more widely adopted as mail servers shift toward Office 365, Google and other services. Cloud services offer many benefits; for example, they always run the latest updates without having to configure them and run change management processes. All leading cloud-hosted enterprise mobility management (EMM) and UEM platforms run on high-availability environments, and there's no need to acquire public IP addresses.
There's a third option, as well: a hosted on-premises equivalent. Organizations can host an on-premises deployment in a cloud or managed service provider data center. This is rarely the best option for most organizations, however, as it has most of the cons of both options. A hosted on-premises deployment is only suited to niche use cases -- for example, when an organization requires a specific feature only available in the on-premises version but does not want to deploy onto its own hardware.
The major factor for most organizations is how they deploy their servers. If most servers are kept in-house, then it often makes sense to continue with this ownership policy and deploy EMM servers alongside the rest of the estate. If the company uses a cloud-first strategy, then cloud-based EMM will be easier to implement.
Generally, organizations should look at their email, file and directory servers. If all of these are on premises, the organization should also deploy its EMM on premises and vice versa. Organizations that deploy cloud-based MDM or EMM with on-premises resources must configure firewall settings and deploy some VMs on premises to accommodate connections to Azure Directory, email, file shares and SharePoint.
Best practices for migrating to cloud-based MDM, EMM or UEM
The first step in a migration to a cloud-based MDM, EMM or UEM is for admins to audit the resources the endpoints use. IT can do this by surveying users to determine which apps, file shares and intranet resources they use. IT departments should know which in-house applications they use and add them to their lists.
The location of these resources will often determine whether a cloud or on-premises product is the best fit. An organization that uses private apps that connect to in-house databases or back ends will be more likely to deploy an on-premises EMM. In the planning phase, organizations should map the resources that will be available to mobile devices, which will usually highlight whether on-premises or cloud-based MDM is the preferred contender.
Once IT admins tweak and test the policies, they should apply privacy settings that comply with the organization's required regulations and privacy policies. This will be different for every organization, and some will require different policies for different user groups. IT can then begin rolling out the platform in manageable phases.
When migrating from on-premises to cloud-based MDM, EMM or UEM, administrators must perform a re-enrollment process for all the endpoints, even if they are staying with the same vendor. Cloud migration tools for EMM and UEM platforms can help with this process. A cloud migration tool can significantly reduce the risk of unmanaged devices or devices still under management of a decommissioned platform after the migration. Otherwise, IT must reset these problematic devices before being able to manage them again.