The BYOD (Bring Your Own Device) trend has spread to almost all enterprises to varying degrees. Along with the convenience of mobility, organisations face many challenges on the security and management front, forcing them to think about new ways on how to better manage their enterprise mobility solutions.
Enterprise administrators are required to manage security and prevent IT threats at diverse endpoints. An Enterprise Mobility Management (EMM) product suite helps enterprises tackle this problem with ease. This article provides a birds eye view of what Enterprise Mobility Management comprises and what established players offer.
The building blocks of Enterprise Mobility Management
The prime concerns of an enterprise CIO are endpoint protection and corporate data security. Also, users need complete privacy and control of their personal data with no compromises. Enterprise Mobility Management solutions are the new buzzword in the market to solve these problems.
Gartner has defined the EMM space as: Enterprise mobility management (EMM) suites consist of policy and configuration management tools and a management overlay for applications and content intended for mobile devices based on smartphone OSs. They are an evolution from the previous generation of MDM (mobile device management) products that lacked application and content management. IT organisations and service providers use EMM suites to deliver IT support to mobile end users and to maintain security policies.
Broadly speaking, there are three major categories of EMM solutions, namely: Mobile Device Management (MDM), Mobile Application Management (MAM) and Mobile Content Management (MCM). Let us take a brief look at each of these solution categories that together make up a major chunk of an EMM product suite.
MDM solution provides for device level management functionality. For instance, a company may want to restrict an employee using a corporate-owned device to connect to a network through company Wi-Fi only. The features of an MDM solution are heavily dependent on the support provided by the target device platforms. As we know, Android, iOS and Windows Phone are the popular mobile platforms in the market today. A very limited number of management APIs are being supported by the vanilla Android platform. Many OEMs like Samsung have enhanced the Android platform on the devices they offer to make them ready for enterprise usage. The more manageability a platform provides, the better the control that an MDM solution will have on those devices. Administrators manage the policies to be set on the device through an admin console, and the policies are made effective dynamically on the target devices by the MDM solution. Enterprises usually adopt different strategies to manage corporate-owned and personally-owned devices using an MDM solution. Some policies typically used under MDM are passcode enablement, Wi-Fi restriction, application whitelisting, mandated VPN, storage encryption, etc. This solution plays a crucial role in managing CO (corporate owned) devices.
MAM focuses on securing corporate data from possible unauthorised access and misuse. The data downloaded by the enterprise apps on the mobile device is often available for offline access. Typically, an application management solution supports app level policies like blocking screen capture, copying of screen data, offline data encryption, etc, to ensure that the corporate data remains sandboxed and protected. These policies are supported through a corresponding admin console and get dynamically applied over the chosen enterprise apps. The users personal apps and data remain totally unaffected from the app level policies. In the event of a user leaving the firm or the loss of a device, the enterprise administrator can wipe out enterprise app data, thereby securing corporate data. This solution is very important in case of BYOD and COPE (corporate owned, personally enabled) devices.
MCM takes care of securing the corporate content accessed and shared on the devices in the form of files. It provides the users a way to access, store and view documents from enterprise content repositories while letting the administrator establish controls to protect this content from unauthorised and unsafe distribution. Some controls usually deployed under this category include document encryption, access control rules on sharing, file sync policy, etc. IT managers use MCM in powerful ways to secure and manage corporate content across devices and platforms, while complying with company standards set by the CIO. MCM is crucial for all devices to ensure secure and flawless collaboration among all enterprise users.
The commercial EMM suites provide for various unique features being supported under these category heads. Some even provide for add-ons related to network management — for example, secure apps for browser and personal information management. Let us now take a closer look at who the top players in the EMM space are.
Enterprise Mobility Management Players
There are innumerable EMM solutions out there, ranging from cloud-based to site-based deployment options. While the SaaS-based model is becoming the preferred choice in the industry, the EMM focal point is gradually shifting to data and unified endpoint management.
As per Gartners Magic Quadrant for EMM report 2014, the leaders in this space include AirWatch, MobileIron, Citrix, Good Technology and IBM. While each of these vendors provides a complete suite of EMM solutions from the technology perspective, they also lead in terms of overall revenue earned, compared to other vendors.
A few companies have been listed under the Visionaries category by Gartner, signifying that they offer some unique capabilities in certain aspects of EMM. These are: SOTI, Symantec and Sophos.
Let us take a look at the major features offered by one vendor from each of the categories mentioned above.
Features of AirWatch
- It provides a flexible model for asset management, policy enforcement and distributing profiles, apps and content, based on device ownership.
- It supports containerisation of apps, which helps to standardise enterprise security and data loss prevention strategies.
- It provides real-time device details and continuous compliance monitoring to ensure your devices and corporate data are secure.
- It integrates well with other enterprise solutions.
- AirWatch Secure Content Locker protects sensitive content in a corporate container, and provides users with a central application to securely access the latest sales material, board books or financial reports from their mobile devices.
- It has advanced reporting and analytics including expense management and BI-like reporting features.
- You can control which mobile devices access email, prevent data loss, encrypt sensitive data, enforce advanced compliance policies and allow users to easily sync email through the self-service portal.
- It supports native email clients, enterprise services, cloud-based clients, as well as its own clients.
- AirWatch Browser allows administrators to define and enforce secure browsing policies from the admin console.
- It provides support for laptop management and multi-user management.
Features of SOTI
- It supports remote diagnostics and troubleshooting issues anytime, anywhere with the help of BlitFire 10X technology.
- It establishes a virtual fence to keep devices in a specific area, or to trigger a warning or action if they enter or exit the fence.
- It provides advanced Web-filtering technology that allows companies to enforce the responsible use of mobile devices.
- It provides desktop grade anti-virus and malware protection to managed devices.
- Its secure content library integrates seamlessly with existing content management infrastructure to provide secure access to content.
- It supports the setting of thresholds, the management of wireless expenses, and prevents nasty surprises related to overshooting roaming budgets by sending timely alerts.
- It gains extensive control over hardware and software features across managed devices. MobiControl provides security and protection of enterprise valuable data.
- It helps apply enterprise-wide policies or to tailor policies for specific organisational needs.
- It helps ensure no device is left behind by alerting and taking action on out of contact devices.
- It helps ensure responsible use of corporate voice minutes by whitelisting or blacklisting specific phone numbers for individual users or groups.
- MobiControls rich reporting capabilities allow companies to report on a wealth of live device data and generate meaningful insights.
The idea of a post-PC world is quickly becoming a reality. EMM is becoming necessary for any organisation that manages more than a handful of mobile devices. Assessing your companys needs and accordingly choosing the right EMM solution is the key to achieving the expected return on investment (ROI) for an enterprise mobility solutions.