This article is your guide to everything you need to know about enterprise mobility management and related topics. If you’re new to EMM, you can learn the basics. If you’re already familiar, bookmark this to find key resources. And if you want to know our world-view on anything, we’ve got that, too.
This article gets updated every few months, most recently on February 20, 2018. For daily EMM news and opinions, head to the BrianMadden.com homepage, our RSS feed, my Twitter account, or our Friday Notebook series.
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
What is EMM and why should you care?
In the past, I would point to articles like In the mobile/cloud era, it’s just how we do things, this 5-part series on the state of EMM, or this article about “workspace” management. But in 2018, I think it’s safe to say that everybody “gets” EMM now. Of course, we’re always watching to see what’s next, like wearable devices, machine learning, and voice assistants.
Understanding mobile device and app management
While everyone gets what EMM is and why we have it, there’s still a lot of complexity to unravel. Here are a few places to start:
- My three-part guide to mobile app management: Part 1: Why we need MAM, but why it’s challenging; Part 2: Different MAM techniques; Part 3: MAM applied to different use cases. (You can also see a video version via my Citrix Synergy 2016 session.)
- Infographic: When to use MDM, MAM, and other EMM techniques. A visual guide to how Android enterprise, iOS MDM/DEP, Samsung Knox, and mobile threat defense apply to BYOD, COPE, embedded devices, and the extended enterprise.
- Android enterprise has come a long way in the last few years, so see The state of Android enterprise in 2017 and Android BYOD should be easier in 2018 (and in 2019, and in 2020...)
- iOS management has been strong for many years, though lately I think it’s missing out on some important features, as described in Apple’s iOS management protocol needs to get better for BYOD. Here’s why and what they could do.
For some recent thought on MDM, MAM, BYOD, and use cases, read:
- What does the Microsoft Graph API for Intune mean for the rest of the EMM market?
- Corporate devices are getting all the love these days, but BYOD challenges remain.
- Do you let your BYOD users choose between MDM enrollment and MAM-only?
- Are we too focused on typical office workers? The rise of the extended enterprise.
- Mobile device management products aren’t a commodity, despite past predictions.
If EMM applies to the mobile part of the “mobile/cloud era,” identity and access management is one of the most important technologies for dealing with the cloud part (at least from the end user perspective). See:
Mobile security and mobile threat defense
Mobile devices have a completely different threat model than desktop operating systems. See:
- A look at the official iOS and Android security reports
- In 2017, Mobile Threat Defense is finding its groove - Part 1 - The landscape; Part 2 - The technology; Part 3 - The market
- Apple’s iOS 11 security white paper (PDF)
- Android.com security overview
- Googles Android 2016 Security Year in Review (Blog post | complete PDF) (The 2017 version should be coming soon.)
Apple and iOS MDM resources
Most of Apple’s official iOS and macOS MDM documentation is pretty easy to find these days:
- iOS Deployment Reference, macOS Deployment Reference, and Apple TV management overview
- Apple device configuration profile key reference
- Over-the-air profile delivery and configuration
- Mobile device management protocol reference (This is newly-public, it used to be vendor-only!)
- Device Enrollment Program, Volume Purchase Program, and Apple School Manager
- Apple Configurator (Free in the Mac App Store.)
- Ground Control is a third-party product that’s useful for dealing with large numbers of DEP-enrolled and supervised devices.
iOS updates are usually announced in June and roll out in September with new iPhone models, and for a few years now their have been significant spring updates as well. Here’s the most recent information:
- Apple WWDC 2017: Here are the enterprise management updates for iOS 11
- Deep dive on iOS 11 in the enterprise - BrianMadden.com Podcast #131 with guests Aaron Freimark, CEO of Ground Control and founder of com, and Russ Mohr or MobileIron.
- Apple announced iOS 11.3 in January 2018, and the updated Configuration Profile Reference revealed a new MDM restriction that allows IT to delay iOS updates on Supervised devices for up to 90 days. This is a big, long-requested feature, but note that Supervision is only intended for enterprise devices, so there’s still no way to prevent BYOD users from upgrading. Here are more details, via Russ Mohr.
Google and Android MDM resources
We all know the Android MDM story: Originally, Android didn’t have great MDM capabilities, so OEMs like Samsung added their own. Then in 2014 and 2015, Android for Work came along, and now it’s just called Android enterprise. Things are really moving fast now, as it’s been required long enough that it should be pretty much everywhere, and even Samsung Knox has been re-architected to utilize Android enterprise features. Most recently, Google announced the Android Enterprise Recommended device program. Here’s where to find more information:
- The Android enterprise homepage lists supporting vendors and devices.
- Google’s official Android enterprise blog
- Android enterprise help page
- Managed Google Play help page
- Google’s Developer side for Android EMM has a lot of information that’s valuable for anyone that wants to learn more about it.
- Also see the Android EMM Developers site, this test device policy controller app, and Device Administrator documentation; as well enterprise features by version: Android 5.0; Android 6.0; Android 7.0; and Android 8.0.
- You can also check out Android enterprise guides (plus other guides and blog posts) from Jason Bayton.
Samsung Knox provides EMM features that can be used on top of (and underneath) Android enterprise. See:
Windows 10 MDM and Unified Endpoint Management
Windows 10 brought Modern Management and support for MDM, and now a new trend (and confusing acronym): Unified Endpoint Management. Here are some recent blog posts:
- How Windows 10 co-management works with SCCM and Intune/MDM, and how third parties can use it, too
- Put your Windows 10 deployments on AutoPilot
And here are shortcuts to Microsoft’s documentation:
Gabe and I have written a couple recent articles on the Internet of Things: