Why should you care about EMM and IAM? Because in the mobile / cloud world, that’s how you do EUC!

Over the last few weeks, I've been talking a lot about how enterprise mobility management (EMM) and identity and access management (IAM) fit into end user computing today and in the future. (Brian and I recorded two podcasts about these topics, I wrote about EMM and Windows 10, and I did a session about identity at BriForum.

Over the last few weeks, I’ve been talking a lot about how enterprise mobility management (EMM) and identity and access management (IAM) fit into end user computing today and in the future. (Brian and I recorded two podcasts about these topics, I wrote about EMM and Windows 10, and I did a session about identity at BriForum.) Today I want to bring all of these conversations together into a coherent summary.

Distilling everything down into one sentence, we end up with something like this:

In the currently-emerging EUC world of ubiquitous mobility and cloud/SaaS services (or to put it in simple terms, the mobile / cloud world), EMM and IAM are important because they’re the primary way to do EUC management.

It’s pretty straightforward: With mobility, EMM is the tool that we have for managing apps, devices, and data. With cloud and SaaS apps, IAM is the tool we have to provide users with secure access to the applications and data they need.

This does mean that the definition of EMM is expanding. In the beginning, EMM was just MDM. (Well, actually the term EMM wasn’t really in use yet.) But EMM soon became mobile app management (in various forms), basic mobile productivity apps, secure email clients, file sync and share, and apps from ISVs that integrate with EMM platforms. And now it’s becoming even more things, like laptop management and identity management.

You could argue whether this is still truly just EMM, or if EMM vendors are “grasping.” I always find it amusing when people criticize the EMM space by saying “Since MDM is a commodity, EMM vendors are expanding into all sorts of other areas.” When I hear people say that, I think “Yes! Exactly! That’s the future of enterprise end user computing! EMM is much more than just MDM!”

So sure, EMM encompasses a lot more now than it used to, and maybe we should even just start calling it something else. (Maybe “modern EUC management” or something similar, though I don’t want to try to coin a term for it). But no matter what you call it, this is the natural evolution, it’s a good thing, and it’s necessary.

To look at things another way, consider this new world to be everything that’s not traditional Windows apps. That also means that when I say “mobile,” I’m not just talking iPhone apps, really I’m talking any apps that again aren’t legacy desktop apps or web apps that have crazy browser and plugin requirements.

One thing that I should point out is that for this conversation is I’m concentrating specifically on management frameworks only. The question itself of mobilizing apps and adopting SaaS is a separate issue. Of course having said that, this future style of EMM and IAM management is definitely predicated on making at least some sort of progress on mobile and cloud. But it’s 2015, so every single company is doing this already (to varying degrees).

So when does this world arrive? Of course some people are doing EMM already, and some people are doing IAM already, but the interesting thing is that they’re both tools that—at least some period of time—can be ignored. Look at all the companies that are just letting mobile devices connect to email or use find mobile clients for enterprise software in an ad hoc way. The same goes for SaaS and IAM

But of course at some point you realize that EMM and IAM would be convenient, and at another point (likely at a larger scale) they become all but essential. And finally in a future world where all of your EUC efforts are mobile / cloud (i.e. you don’t have any more locally-installed legacy apps) then what other choice is there?

Another interesting thing to think about is what EMM, IAM, and new-world EUC management tools will look like in 3 or 5 or 10 years. It may be quite a bit different than they do now, but again, our current EMM and IAM tools are showing us the way forward.

Remember that Windows 10 can be part of this new way of doing things, too, assuming that your traditional Windows applications are taken care of in some way or another (VDI/RDSH, app refactoring, Project Centennial, or just replaced by other apps). (There are some doubts about this, though. For more, see this article and the comments on this article.)

Finally, for this new mobile / cloud world and new EUC management, we’re still assuming that you have on-premises resources, such as Active Directory, a network you want to protect, traditional desktop management for your traditional Windows applications (which may be abstracted with VDI, RDSH, SBC, DaaS, etc.) and so on. (If you don’t have any of those things at all then good for you; and them EMM and IAM are that much more important. What else would you do?)

Anyway, this is why I’m dedicated to EMM and IAM (or whatever all this morphs into). It’s not just a simple tool to get email onto somebody's personal iPhone or one or two apps, it’s is the way we manage end user computing in the cloud / mobile world.

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.


#Meh, but to be fair we’ve already had the discussion here: www.brianmadden.com/.../all-my-thoughts-on-mobility-from-briforum-2015-denver-including-app-transformation-vmi-identity-and-a-new-definition-of-emm-euc.aspx

This is also playing into the hands of the shameless vendor FUD that is being put out there. Just see this; finance.yahoo.com/.../vmware-business-mobility-solutions-empower-120000686.html

One of the best examples of clueless marketing hype from VMware on EMM, i.e. Airwatch is a silver bullet, pushing the world to device centric thinking, which is exactly opposite to where we need to go to reduce costs.

Airwatch is going to solve world hunger with Windows 10 management! Exactly what problem is Airwatch going to solve with management as per my comments on your previous post? More importantly who’s going to use Airwatch to replace what they do today anytime soon for Windows Management? There is nothing Airwatch or other MDM/EMM vendors can do for management that others can’t do, as it’s all based on like 30 Microsoft MDM APIs. I.E. It’s worth about $0.50 per user… Come on people, ignore the hype, back to reality…

Sure there may be net new stuff or MAM like capabilities that make things better, but to claim Windows 10 management for enterprise customers is a freaking joke and underlines how clueless people are about the differences in the two worlds. Windows people are from Mars and MDM vendors are from the device management ghetto.

This is nothing more than a desperate attempt by vendors to overreach on EMM by trying to make it more than what it is. You can just see it at VMware HQ. We just bought this Airwatch crap that has terrible quality for $1.5 BILLION dollars. MobileIron is almost dead, nobody uses Citrix XenMobile and this leaves us to just weenie whack with Microsoft because they are using Office365, InTune and SCCM to kill EMM to drive Azure (brilliant monopoly move). F! What are we going to do? We better market something really big, since soon we will be Airwatch by EMC fortune.com/.../emc-tighten-grip-on-vmware and we need Joe T to love us and justify why the F we spent so much on something that doesn’t have growth unless we attach to every device on the planet.

So @Jack. I still contend, that all this EMM talk is bull crap. It’s vendor hype that is taking us down a device centric view of the world. I know you are trying to have a broader conversation, but I believe it’s in vain, as vendors will twist that to confuse people to buy device management routed in MDM thinking mindsets to make money. We need to have a different conversation, thankfully Citrix haven’t fallen into this trap despite their woes. This feels like a VM is a solution for everything mindset, when it reality a more sophisticated approach is required. This is why I agree with the Citrix vision of Software Defined Workspace (despite the fact they do little to achieve it). I agree with Mark T’s contention that others don’t get this.

It’s also why I argue the Workspace of The Future (WTF) name to get all these IT sheep to think harder about the EMM BS marketing that they are being fed. Consider it as my service to the community. I only care about enterprise reality and implementation success!

And don't even get me started on identity...


It get's even worse www.youtube.com/watch

Endpoint data manager, use the Windows store for your 32 bit apps,  Are you F'ing kidding me... Ha ha ha ha. Let Infosec sign off in the next 3 years on that and then tell me how that goes across OSs. Double your management complexity in the enterprise and manage more devices at cost with a half ass management solution that runs 30 MDM apis and replacing nothing you have to do today for Windows. Yeah the future is EMM!


@appdetective We at Workspot also believe in the workspace vision. It's all about how end users can consume any app on any device (Web/Windows/CIFS/Native on PC/Mac/iOS/Android). The device could be either managed or un-managed. It shouldn't matter.

Until last year, IT was definitely focused on mobile (iOS and Android) and device-centric solutions. But in  the last six months, there has been a noticeable change in what customers want. They are less sold on device management approaches, and are more receptive to a workspace approach. And this is true across small, medium, and large customers.

As for Windows 10, IT just moved on to Windows 7 after 10+ years on Windows XP. Since they don't have to migrate for another 5-7 years,  does Windows 10 even  matter for enterprise customers?

Windows 10 may be a bigger use case for workspace - un-managed personal devices.


Also Mark Bowker at ESG has been writing a bunch of articles on the workspace concept. Really good reading: www.esg-global.com/liquefying-it


EMM has much more scope than MDM , having said that, we cannot deny the fact that MDM is done and dusted. MDM is also part of the system reason why am saying accessing is a major criteria.