This article is your guide to everything you need to know about enterprise mobility management (EMM) and related topics. If you’re new to EMM, you can learn the basics. If you’re already familiar, bookmark this to find key resources. And if you want to know our world-view on anything, we’ve got that, too.
This article gets updated every few months, most recently on December 12, 2019. Additions include updated Android 10, iOS 13, and macOS 10.15 resources.
For daily EMM news and opinions, head to the BrianMadden.com homepage, our RSS feed, my Twitter account, Kyle’s Twitter, our Friday Notebook series, and our podcast. TechTarget also translates some of our articles into German and French. And here are the blogging tools I use to keep up with the EUC industry.
What is MDM, MAM, EMM and BYOD?
In 2018, we don’t need to convince anybody that enterprise mobility management, mobile device management, mobile app management, and BYOD are a real thing—they’re all here, established, and mature. I wrote a book on this all the way back in 2013. I don’t have plans to write a new one at this time, so instead, here are articles that explain EUC basics and describe our current worldview:
- What is MDM, MAM, EMM, and UEM, and what’s the difference?
- Infographic: When to use MDM, MAM, and other EMM techniques (Updated in October 2019)
- It’s 2018—Every company already ‘does mobility,’ no matter what
- Even basics like email and Wi-Fi can make doing MDM worth it
- PSA: Every IT shop should be testing the iOS 12 beta
- Are we too focused on typical office workers? The rise of the extended enterprise
- Sometimes it’s okay to say no to BYOD and have two phones (for users or IT!)
- Just what is a "workspace"?
- Citrix and VMware are all in on ‘workflow’ apps. So, what is a workflow app?
- Digital workspace portals are getting all the attention in EUC, but they’re not the only way to work
- What does employee experience mean to end user computing?
In August 2019, I started a new series of introductory posts on fellow TechTarget site SearchMobileComputing.com. Some of these include a brief definition of what we mean by “EUC,” and a history of EUC.
If EMM applies to the mobile half of the current “mobile/cloud era,” identity and access management is how EUC pros deal with the cloud part:
Mobile security and mobile threat defense
Mobile devices have a completely different threat model than desktop operating systems. See:
- What we learned about mobile security from real-world mobile threat defense customer data
- Apple’s iOS security white paper (PDF, updated a few times a year)
- Official Android security overview and Google’s Android 2018 Security Year & Privacy Year in Review (PDF | Our analysis)
- Mobile threat defense vendors are taking on phishing, a rising concern on mobile devices
- Real-world notes on deploying mobile threat defense
- How to plan your mobile threat defense deployment
- Device attestation: Another option for securing BYOD, contractor, and partner mobile devices
Apple and iOS MDM resources
iOS 13 has brought some huge changes for MDM, single sign on, and BYOD. Here is part 1 and part 2 of our full analysis. You should also know some new terms for all the deployment models, like the difference between device enrollment, automated device enrollment, and user enrollments.
Most of Apple’s official iOS and macOS MDM documentation is pretty easy to find these days:
- The basics include the iOS Deployment Reference, macOS Deployment Reference, Apple TV management overview, and Mobile device management settings for IT.
- Also see Apple Deployment Programs, Volume Purchase Program, Apple School Manager, Apple Business Manager, and Apple Configurator (free in the Mac App Store).
- Apple has collected a bunch of their security and privacy white papers at apple.com/privacy. In particular, see the iOS security guide. (PDF, for version 12.3 as of publishing.)
- The MDM protocol documentation is now available on the web, and you can filter it to show changes. This is great! It used to be just a PDF, and for many years it wasn’t public. Also see the Apple device configuration profile key reference (PDF) and the Over-the-air profile delivery and configuration.
- The WWDC session videos and developer.apple.com are great troves of information, too.
- GroundControl is a completely unique third-party product that’s useful for dealing with large numbers of DEP-enrolled and supervised devices.
Google and Android MDM resources
We all know the Android MDM story: Originally, Android didn’t have great capabilities, so OEMs like Samsung added their own. Then in 2014 and 2015, Android for Work came along, and now it’s just called Android Enterprise.
- See the Android Enterprise homepage, Android Enterprise blog, Android Enterprise help page, Managed Google Play help page, and the Android Enterprise glossary.
- You can also work with the Android Enterprise demo and test device policy controller.
- Dig down into features and implementation with Google Developer site for Android Enterprise and Android Developer site for Android Enterprise. Or see features by version: Android 5 Lollipop; Android 6 Marshmallow; Android 7 Nougat; Android 8 Oreo; Android 9 Pie; and Android 10.
- Also see Google Play API for EMM (EMMs use this to deploy apps from Managed Google Play) and the Android Management API, which is a Google service that can act as middleware between a management platform and Android devices. (Here’s the client Device Policy Controller app for it.)
- For more blog posts, check out the Android Enterprise guides (plus other guides and blog posts) from Jason Bayton. Jason has also written for us—read The state of Android Enterprise in 2018 and BYOD & privacy: Don’t settle for less than Android Enterprise in 2018
Samsung Knox provides EMM features that can be used on top of (and underneath) Android Enterprise. See the SamsungKnox.com homepage and blog (not updated often, but sometimes has posts about new versions of the Knox API.) as well as the Knox SDK and developer tools, support, feature list, and partner program.
Windows 10 MDM and Unified Endpoint Management
Windows 10 brought Modern Management and support for MDM, and now a new trend (and confusing acronym): Unified Endpoint Management. Here are some recent blog posts:
- Adopting Windows 10 modern management is a spectrum, not a binary move to MDM
- How Windows 10 co-management works with SCCM and Intune/MDM, and how third parties can use it, too
- Put your Windows 10 deployments on AutoPilot
- This article about Workspace ONE for Microsoft Endpoint Manager covers more recent changes to co-management.
And here are shortcuts to Microsoft’s documentation:
EMM and EUC vendor resources
Most of the vendors have opened up their documents so that you don’t need to be a customer to read them. Check out:
IoT and other platforms
- IoT and IT/OT convergence.
- EMM-managed IoT versus 3-tier IoT.
- Brian Madden’s (the person) presentation on IoT.
- A rundown of Chrome Enterprise and Chromebook Enterprise.
- Alexa for Business management coming to Citrix within 90 days: Alexa has MDM APIs, and they include features for BYOD Amazon Echos (so have fun with that!). Citrix was the first EMM to offer support.