Mobile devices have been used for corporate purposes for decades, manifested in the Palm Pilots of the 1990s and the Blackberry devices of the 2000s, but a mobile workforce has only become mainstream since the launch of smartphones and their ubiquitous uptake among the population.
Since the iPhone’s launch in 2007 and the subsequent adoption and proliferation through society, developments for managing these devices in business contexts have been incremental but rapid in succession.
These developments point to an overarching structure termed enterprise mobility management (EMM) and a final unifying framework named unified endpoint management (UEM). Let’s see how the business world is adopting, adapting, and developing mobile technology to empower its employees.
From Hardware Management to the Cloud
Mobile device management (MDM) was the first on the scene to manage smartphone usage for a mobile workforce. It is implemented at either the hardware or operating system (OS) level and often allows an organization to completely control a remote device, including locking out any users and entirely wiping the device of all data. This is acceptable to users when the device is company-owned and used solely for work purposes.
However, with the advent of bring-your-own-device (BYOD) schemes wherein employees use their personally-owned devices for both work and personal purposes, employees understandably showed considerable unease for such heavy-handed MDM approaches. No one wants to lose his or her personal and corporate data if something goes wrong.
To solve the issue, mobile application management (MAM) arose, where only certain apps would be controllable by the company while the rest of the device (personal data and apps) is left unaffected. This was achievable by wrapping the corporate apps with a layer of security. MAM protects confidential data and intellectual property by controlling the applications used to access, process, or store that information locally (on the user device).
Of course, the apps themselves rarely require protection. Mobile information management (MIM) and mobile content management (MCM) focused more on the needs of protecting valuable information/data and content rather than on the corporate applications used to access and process such data. This is achieved through a combination of MAM, authentication processes, and mobile identity management (another MIM).
All of these systems (MIM, MCM, MDM, MAM) have come together under the umbrella of enterprise mobility management (EMM) and are now trending toward unified endpoint management (UEM), which is a continuation of EMM for the realities of a modern, networked, cloud-based world. EMM and the growing suite of UEM solutions incorporate cloud infrastructure, 100%-uptime networks, and the most robust security and data protection practices into a single framework that streamlines the entire concept.
The Two MIMs
Mobile identity and information management solutions, the two MIMs, are particularly relevant for the emerging interconnected model based on cloud structures and a ubiquitously networked world. Information and data serve as the true sources of value and are thus the main targets of attacks, necessitating information protection. Furthermore, users want to seamlessly jump between devices and do so at any location and at any time, a demand that requires real-time, flexible identity management.
One of the most likely future uses of EMM, and particularly its extension into UEM, is to allow employees to access the same data, applications, and infrastructure both at their desktop workstations in the office and on their mobile devices.
EMM and specifically UEM are creating a way to bridge the gap between traditionally mobile and traditionally stationary devices – the smartphone/tablet and the desktop workstation – so end users can learn a single system once and not worry about which platform they will operate in any situation. It won’t matter whether they take action via their desktop in the office, their smartphone on the train, or their tablet in the airport, because all the experiences will be seamlessly stitched together.
One interesting aspect of identity management arises with contextually aware permissions. For example, office-specific applications may be enabled whenever a user carries a smartphone into the office and connects to the local WiFi. As soon as the connection to the office WiFi is lost, the office-specific apps are no longer available on the smartphone. This setup confers a layer of location-based security to further insulate against hacks and data leaks.
Another potential use case for high-security scenarios is to restrict access for data or corporate infrastructure to a single device at any one time: if an employee logs on with a desktop at home, their tablet session may be terminated, ensuring only a single device can view, change, or process data at any one time. This simplifies the detection of rogue employees and destroys plausible deniability, but it simultaneously protects the company and users whose identities have been compromised.
If someone is unexpectedly requested to log off their office machine in favor of a device they left at home, they can notify IT to block the other, possibly stolen device to pre-empt a potential breach.
EMM as a Vector for Efficiency
Solving or alleviating employee pain points is paramount for the widespread adoption of mobility in the workforce and the associated benefits. One promising feature of EMM is a centralizing dashboard that conveys which devices are used in what ways, providing insight for strategic planners to better implement EMM overall.
These dashboards also centralize security information by showing which devices run what software. This enables IT security personnel to encourage updates to devices but also allows them to refuse access to devices that remain vulnerable to patched exploits. With the prevalence of data breaches through the exploitation of patchable security holes and the subsequent (justifiable) blame, IT departments are eager to ensure all security issues are tracked and patched as soon as possible.
Finally, managers can discover how and when employees are most productive and encourage those contexts, whether it be in the office, at home, or at a café. Flexible hours may be encouraged and health and wellness initiatives might be explored through the monitoring of work devices and the actions performed thereon.
UEM as the Continuation of EMM
Unified endpoint management brings all aspects of EMM even closer together and extends its applicability to all platforms. Traditionally, EMM applied only to mobile devices like tablets and smartphones – that is, iOS and Android devices – but Windows 10, macOS, and IoT systems were generally excluded. UEM ensures all of these platforms are gathered and managed under a single framework, not split between smartphones/tablets, desktop environments, and embedded systems in IoT.
Different technologies with similar purposes tend to undergo a centralizing trend as the technologies mature and the scale grows. All of the MxMs have already started to coalesce into EMM, and as IoT proliferates and conventionally individualized systems like PCs trend towards network-based operation, UEM is likely to attract all of them into its orbit.
Virtual Mobility as an EMM approach
EMM is a broad framework that encompasses several aspects of mobility management, and virtual mobility is a modern approach to its implementation. At its simplest, virtual mobility is an app that resides on a user’s device that allows the user to peer into a virtual device that is operating in a secure datacenter. This means that no data gets transferred to reside on the user’s physical device. This provides a myriad of security and data protection benefits.
Furthermore, the containerization aspect of virtual mobility has implications for the MIMs, which can be centralized to corporate systems and be handled entirely on the backend without impacting the physical device itself. Keeping all processes except basic image processing in the corporate infrastructure cloud also means compute-intensive operations can still be directed by even the lowest-resource devices.
Finally, since virtual mobility can run on any device, it forms a natural foundation for UEM because it brings a virtual environment to every device, from the smartphone to the desktop to the embedded systems with visual outputs. This unifies the environment for all devices making it much easier for employees to seamlessly switch between them while also retaining data protections.