This article is your guide to everything you need to know about enterprise mobility management and related topics. If you’re new to EMM, you can learn the basics. If you’re already familiar, bookmark this to find key resources. And if you want to know our world-view on anything, we’ve got that, too.
This article gets updated every few months, most recently in February 2019. For daily EMM news and opinions, head to the BrianMadden.com homepage, our RSS feed, my Twitter account, or our Friday Notebook series.
For community support and commiseration, check out the Mobile Pros Slack group.
What is MDM, MAM, EMM and BYOD?
In 2018, we don’t need to convince anybody that enterprise mobility management, mobile device management, mobile app management, and BYOD are a real thing—they’re all here, established, and mature. I wrote a book on this all the way back in 2013. I don’t have plans to write a new one at this time, so instead, here are articles that describe our current worldview:
- What is MDM, MAM, EMM, and UEM, and what’s the difference?
- Infographic: When to use MDM, MAM, and other EMM techniques.
- It’s 2018—Every company already ‘does mobility,’ no matter what
- Even basics like email and Wi-Fi can make doing MDM worth it
- PSA: Every IT shop should be testing the iOS 12 beta
- Are we too focused on typical office workers? The rise of the extended enterprise.
- Sometimes it’s okay to say no to BYOD and have two phones (for users or IT!)
- The complete guide to mobile application management: Why exactly is MAM so challenging? Part 2: Understanding different MAM techniques. Part 3: How to pick MAM for different use cases.
If EMM applies to the mobile half of the current “mobile/cloud era,” identity and access management is how EUC pros deal with the cloud part:
- Conditional access (zero trust) is the most important EUC movement since mobile and cloud
- An introduction to identity
- Why you need identity and access management as a service
Mobile security and mobile threat defense
Mobile devices have a completely different threat model than desktop operating systems. See:
- Mobile Threat Defense is finding its groove - Part 1 - The landscape; Part 2: The technology Part 3: The market
- Apple’s iOS 12.1 security white paper (PDF)
- Official Android security overview and Google’s Android 2017 Security Year in Review (Blog post | complete PDF) The 2018 review should be coming out soon.
- Mobile threat defense vendors are taking on phishing, a rising concern on mobile devices
- Real-world notes on deploying mobile threat defense
- How to plan your mobile threat defense deployment
Apple and iOS MDM resources
Most of Apple’s official iOS and macOS MDM documentation is pretty easy to find these days:
- iOS Deployment Reference, macOS Deployment Reference, Apple TV management overview, and Mobile device management settings for IT
- Apple device configuration profile key reference (PDF)
- Over-the-air profile delivery and configuration
- Mobile device management protocol reference (PDF) This is newly-public, it used to be vendor-only! And here’s a Github project that tracks changes.
- Device Enrollment Program, Volume Purchase Program, Apple School Manager, and Apple Business Manager
- Apple Configurator (Free in the Mac App Store.)
- iOS MDM needs to get better at BYOD, but Apple might make it harder (December 2018 update)
- Enterprise-signed iOS apps on unmanaged devices is a pain. How should we proceed?
- Apple WWDC 2018: Here are the new iOS 12 MDM features
- Ground Control is a completely unique third-party product that’s useful for dealing with large numbers of DEP-enrolled and supervised devices.
Google and Android MDM resources
We all know the Android MDM story: Originally, Android didn’t have great MDM capabilities, so OEMs like Samsung added their own. Then in 2014 and 2015, Android for Work came along, and now it’s just called Android Enterprise (and as of 2018, the E in Enterprise is capitalized).
- Android Enterprise homepage: Includes directory of Android Enterprise Recommended products
- Android Enterprise blog: Official blog from Google
- Android Enterprise demo
- Android Enterprise help page and Glossary
- Managed Google Play help page
- Google Developer site for Android Enterprise and Android Developer site for Android Enterprise: dig down into features and implementation.
- Google Play API for EMM (EMMs use this to deploy apps from Managed Google Play.)
- Test device policy controller: Essentially a generic freestanding EMM agent you can play with.
- Features by version: Android 5 Lollipop; Android 6 Marshmallow; Android 7 Nougat; Android 8 Oreo; and Android 9 Pie.
- Android Management API: A Google service that can act as middleware between a management platform and Android devices. Here’s the client Device Policy Controller app.
- You can also check out Android Enterprise guides (plus other guides and blog posts) from Jason Bayton. Jason also write for us! Check out The state of Android Enterprise in 2018 and BYOD & privacy: Don’t settle for less than Android Enterprise in 2018
Samsung Knox provides EMM features that can be used on top of (and underneath) Android Enterprise. See:
- Our overview of Samsung Knox MDM.
- After Knox, what’s Samsung’s next big hit in the enterprise?
- Check out Samsung Knox 3.0, Knox 3.1, and the new DeX dock
- SamsungKnox.com homepage and blog. (Not update often, but sometimes has posts about new versions of the Knox API.)
- Knox SDK and developer tools, support, feature list, and partner program.
Windows 10 MDM and Unified Endpoint Management
Windows 10 brought Modern Management and support for MDM, and now a new trend (and confusing acronym): Unified Endpoint Management. Here are some recent blog posts:
- Adopting Windows 10 modern management is a spectrum, not a binary move to MDM
- How Windows 10 co-management works with SCCM and Intune/MDM, and how third parties can use it, too
- Put your Windows 10 deployments on AutoPilot
And here are shortcuts to Microsoft’s documentation:
IoT and other platforms
- IoT and IT/OT convergence.
- EMM-managed IoT versus 3-tier IoT.
- Brian Madden (yes, Brian!) popped back up in the industry and gave a great session on IoT and how it relates to EUC at IGEL Disrupt—here’s a video.
- Chrome Enterprise: Google’s service for managing Chromebooks. It integrates with third-party EMM
- Alexa for Business management coming to Citrix within 90 days: Alexa has MDM APIs, and they include features for BYOD Amazon Echos (so have fun with that!). Citrix was the first EMM to offer support.