These days there’s no shortage of rhetoric declaring that your company needs some sort of “strategy” for mobility, the cloud, big data, or consumerization.
But what do these really mean? While a stock photo of a group of executives along with the words “Enable” “Strategy” “Mobility” and “Security” may make impressive marketing materials, we’re still not really sure what an “enterprise mobility management strategy” is.
So today I’m presenting a list of 10 enterprise mobility issues. My thinking is that once you address these, you’ll be in pretty good shape—regardless of whether or not you have an “EMM strategy” (and regardless of what “EMM strategy” even means).
You don’t have to have a definite answer for all of these items, and you especially don’t have to be doing all of these today, but they’re good areas to start thinking about.
How does your company rate on this list? have you thought about a few of these things? None of them? Most of them? And if there’s anything you would add to the list, share it in the comments.
(One final note—if you're new to this whole EMM thing, check out this article How to explain the current state of the EMM industry to non-EMM people.)
- Your mobile email is probably already enabled by default through Exchange ActiveSync. Do you want to use EAS to set device-level management policies or access rules, or do you want to go beyond that with MDM or MAM?
- Do you want to to be able to remote wipe email without wiping the device? Using MDM or a sandboxed email app?
- Do you need to control data sharing from the email account?
- What are you going to do with MDM? Configure email, wifi, and VPNs? Push apps? Keep work and personal data separate? Provision devices? Track corporate assets?
3. Enterprise file sync and share
- You pretty much have to do this. The question is just who’s going to provide it. (Or if you don’t provide it, are you okay with all your users getting Dropbox on their own?)
- Do you want complex network access control policies? Or do you just to have all the mobile devices on guest wifi, separated from enterprise resources? (You know that mobile devices are going to be accessing stuff from outside the network no matter what—why have two different ways of doing things?)
- How do mobile devices connect to network, both for browsing and native apps? Device-level VPN? VPN built into apps? Configure per-app and per-domain using MDM?
- What apps do users and departments want to have on their mobile devices?
Existing mobile apps:
- What apps are out there in use among your users?
- What client apps could you enable for software and services that the company is using?
- What apps does your EMM vendor provide that you might want to use? Do you want any of these apps to plug into the MAM capabilities of your EMM solution, so you can enable SSO and other security and management features?
Legacy app transformation:
- Do you have any web apps that need to be available on mobile devices? How about doing some Capriza-type transformations to them?
- What about Windows apps? Is there any VDI or RDS in your environment that you want to take advantage of? How about transforming them to make them mobile-friendly using Reddo, Powwow, or Citrix HDX mobile?
- What about building your own apps? Will you use any mobile app development platforms? There are a ton of options here.
6. Device support
- You’ll support iOS and modern versions of Android, right?
- Do any of the management features you want require Samsung SAFE or Knox or other special versions of Android?
- What devices do you provide for employees? Is this going to change at all, or is that something for HR to worry about?
- What about mission critical or embedded devices? Could you use the iOS Supervised mode or the Device Enrollment Program?
7. Work/personal separation
- Do need tools to ensure that corporate data stays out of personal apps? Or are you fine with things as they are? Does your policy cover this?
- How will you do this? Using frameworks built into iOS? The upcoming Android Work? Using special enterprise versions of apps?
- Will you let any device access email and other resources, or will it be limited?
- Will you use MDM on personal devices? Or just MAM and sandboxed apps?
- Do you have to figure out a stipend program or anything like that? How about updating policies?
9. Jailbreaking/rooting/malware/other security stuff
- Do you want to use mobile anti-malware? Or have jailbreak detection as part of your MDM? Or are you just going to wait and see?
- Do you need to go to any more advanced mobile security solutions? How about dynamic access policies based on app or device risk? Do you need to do this? For all user or just some?
10. Vendor choice
- Who’s going to provide all this stuff? One of your existing software vendors? Someone new? Which other systems do you want your EMM to integrate with? Desktop virtualization? Network? Laptop management?
- What devices, platforms, and OS versions do you have to support?
- Does the EMM vendor provide other apps you need? (Email clients, enterprise app store, browser, enterprise file sync and share?)
- How about MAM? (App wrapping, MAM SDK, partner ecosystem of MAM-enabled apps?)
- Is the EMM vendor flexible enough to support all your use cases?