Learn what an EMM platform can achieve in the enterprise

Mobile device management is no longer enough to secure enterprise data. In the wake of BYOD and IoT, companies need EMM, but they must know its capabilities and challenges beforehand.

Devices have changed how enterprises execute work. Look around any meeting you attend -- almost everyone will have a smartphone.

The slew of different mobile devices on the market, however, has made it challenging for IT to show that enterprise mobility management (EMM) is a necessity for organizations. The first surge of mobile management began in 2012 with the push for BYOD and choose your own device.

Mobile device management (MDM) was once the standard approach for device protection. But using just MDM to address this issue is akin to using a sledgehammer to put in a nail. MDM requires the owner of the device to allow the company to have complete access to the device, but companies have realized that the device isn't necessarily the issue -- its data is.

IT administrators now look for tools that can manage mobile, PC and emerging form factors, such as IoT, so EMM has become essential for companies today. With more and more IT admins now required to manage phones, tablets, computers and IoT devices, it is important to understand what an EMM platform does, the challenges it may bring and what a successful EMM process looks like.

What is EMM?

EMM developed as a more mature and complex process to augment and, in many cases, replace MDM. The main difference between the two is that while an EMM platform utilizes many of the same tools, it extends the core functionality of MDM with increased support for security, identity management, content control and development. Indeed, customers are now looking to EMM to manage all endpoint devices.

The focus for EMM is:

  • device management;
  • secure and control access to corporate apps; and
  • secure and control access to corporate data.

Capabilities of EMM

An EMM platform includes more than one process. EMM is a collection of services that manage the whole mobile corporate environment. The following are the most traditional services that should be part of any EMM strategy:

  • MDM: As discussed before, MDM provides control over the whole mobile device and is the most mature management service in EMM.
  • CMT: Client management tools for internet of things devices.
  • Mobile application management (MAM): MAM provides more precise control over an individual app -- often wrapping the app in a container -- enabling the app to be separate from the rest of the device.
  • Mobile content management (MCM): MCM enables companies to secure the content in an app by separating the content into a container.
  • Mobile identity management (MIM): MIM is a much more streamlined method of user authentication than using a VPN, which often makes users not want to connect to data. A good example is the identity management provided in Microsoft's Office 365 login process.
  • Unified endpoint management (UEM): UEM enables IT admins to manage all devices, including mobile devices, desktops, laptops and servers.

These technologies form the foundation of an EMM platform.

EMM differences between iOS and Android

Apple's iOS and Google's Android are the dominant mobile operating systems in corporate environments. The two OSes are very different and should not be lumped together just because they power phones and tablets.

Apple iOS has a strong foothold in many companies largely due to its security capabilities, while malware and viruses have plagued Android products for many years. Apple's Device Enrollment Program (DEP) is an effective way to manage corporate devices. Devices are able to connect to a company's system through the use of DEP.

Arguably, Apple has done an excellent job supporting corporate environments with its security capabilities. Within four weeks of an OS patch or upgrade release, over 60% of all active devices are usually upgraded.

There are many other EMM platform features Apple has implemented in iOS, as well as changes that affect third-party EMM services. For instance, Apple Managed Services for education gives school admins excellent control over iPad rollouts. Apple's device management support options include managed app configuration, streamlined deployment, features for managing work and personal data, and supporting user-owned devices.

Google is aware of Android's underlying problems and has been working hard to fix them. Android Enterprise builds on the Android for Work foundational technology released along with Marshmallow update. Also, Android O has added support for tools that protect data at rest, strong authentication, encryption key eviction/password reset and network logging to analyze threats.

The bottom line is you should not treat iOS and Android as one and the same. Both mobile OSes have significant differences, and it is important that the EMM service you chose effectively supports each OS.  

What does a successful EMM implementation look like?

An EMM platform is more complicated to implement than MDM. As with any complex project, you will want to ensure that you are applying the most efficient plan and putting forth the best team.

An EMM platform is more complicated to implement than MDM.

The first step in implementing EMM is to leverage the help of a consulting company that has successfully done the work before. Many companies specialize in EMM processes, so take advantage of the experience these companies have collected. One note of caution: hire a consultant independent from the company that owns the proposed EMM services to avoid bias.

The next step is to review all of the products that are available on the market. Keep an ongoing record that shows the impact of one service over another when selecting one for a rollout.

The last step before rollout is to have a communication plan in place for stakeholders in the project. Do not rely on just email. The EMM platform has the potential to affect every employee, so treating it as mission-critical is crucial.

IT admins should present an exact EMM strategy to their company's executives, group directors and managers. Also, ensure that you have secure communication during and following the rollout of EMM services.

The final step in your implementation is planning future support. Mobile is not going away; it is maturing and changing. Your EMM platform should support the changes you see.

Challenges of EMM

There are many challenges that companies face when implementing an EMM platform. Some of the challenges include:

  • security;
  • providing mobile data access;
  • securely delivering applications;
  • app distribution;
  • managing an ever-increasing number of endpoints;
  • supporting a mobile workforce; and
  • managing employee expectations.

The challenges of EMM are not unlike the challenges of rolling out new desktop or laptop computers and other digital tools. Many EMM tools look to utilize one platform to manage all endpoints, including emerging technologies such as Apple TVs, wearables and IoT.

The final and most dynamic challenge is to keep up with the rapid changes in technology. It is important to keep adjusting your strategy as newer devices enter the market. Low price points for hardware and rapid upgrade cycles for software and services ensure that there will be rapid change.

EMM today includes support for tablets and phones; the next stage will be support for wearables, such as Android Wear and Apple Watch, and the internet of things. Companies should keep a close eye on the rapid explosion of hardware as their EMM platform will need to expand and evolve to support the data on these new devices.

Dig Deeper on Mobile management

Unified Communications