Over the last few weeks, I’ve been talking a lot about how enterprise mobility management (EMM) and identity and access management (IAM) fit into end user computing today and in the future. (Brian and I recorded two podcasts about these topics, I wrote about EMM and Windows 10, and I did a session about identity at BriForum.) Today I want to bring all of these conversations together into a coherent summary.
Distilling everything down into one sentence, we end up with something like this:
In the currently-emerging EUC world of ubiquitous mobility and cloud/SaaS services (or to put it in simple terms, the mobile / cloud world), EMM and IAM are important because they’re the primary way to do EUC management.
It’s pretty straightforward: With mobility, EMM is the tool that we have for managing apps, devices, and data. With cloud and SaaS apps, IAM is the tool we have to provide users with secure access to the applications and data they need.
This does mean that the definition of EMM is expanding. In the beginning, EMM was just MDM. (Well, actually the term EMM wasn’t really in use yet.) But EMM soon became mobile app management (in various forms), basic mobile productivity apps, secure email clients, file sync and share, and apps from ISVs that integrate with EMM platforms. And now it’s becoming even more things, like laptop management and identity management.
You could argue whether this is still truly just EMM, or if EMM vendors are “grasping.” I always find it amusing when people criticize the EMM space by saying “Since MDM is a commodity, EMM vendors are expanding into all sorts of other areas.” When I hear people say that, I think “Yes! Exactly! That’s the future of enterprise end user computing! EMM is much more than just MDM!”
So sure, EMM encompasses a lot more now than it used to, and maybe we should even just start calling it something else. (Maybe “modern EUC management” or something similar, though I don’t want to try to coin a term for it). But no matter what you call it, this is the natural evolution, it’s a good thing, and it’s necessary.
To look at things another way, consider this new world to be everything that’s not traditional Windows apps. That also means that when I say “mobile,” I’m not just talking iPhone apps, really I’m talking any apps that again aren’t legacy desktop apps or web apps that have crazy browser and plugin requirements.
One thing that I should point out is that for this conversation is I’m concentrating specifically on management frameworks only. The question itself of mobilizing apps and adopting SaaS is a separate issue. Of course having said that, this future style of EMM and IAM management is definitely predicated on making at least some sort of progress on mobile and cloud. But it’s 2015, so every single company is doing this already (to varying degrees).
So when does this world arrive? Of course some people are doing EMM already, and some people are doing IAM already, but the interesting thing is that they’re both tools that—at least some period of time—can be ignored. Look at all the companies that are just letting mobile devices connect to email or use find mobile clients for enterprise software in an ad hoc way. The same goes for SaaS and IAM
But of course at some point you realize that EMM and IAM would be convenient, and at another point (likely at a larger scale) they become all but essential. And finally in a future world where all of your EUC efforts are mobile / cloud (i.e. you don’t have any more locally-installed legacy apps) then what other choice is there?
Another interesting thing to think about is what EMM, IAM, and new-world EUC management tools will look like in 3 or 5 or 10 years. It may be quite a bit different than they do now, but again, our current EMM and IAM tools are showing us the way forward.
Remember that Windows 10 can be part of this new way of doing things, too, assuming that your traditional Windows applications are taken care of in some way or another (VDI/RDSH, app refactoring, Project Centennial, or just replaced by other apps). (There are some doubts about this, though. For more, see this article and the comments on this article.)
Finally, for this new mobile / cloud world and new EUC management, we’re still assuming that you have on-premises resources, such as Active Directory, a network you want to protect, traditional desktop management for your traditional Windows applications (which may be abstracted with VDI, RDSH, SBC, DaaS, etc.) and so on. (If you don’t have any of those things at all then good for you; and them EMM and IAM are that much more important. What else would you do?)
Anyway, this is why I’m dedicated to EMM and IAM (or whatever all this morphs into). It’s not just a simple tool to get email onto somebody's personal iPhone or one or two apps, it’s is the way we manage end user computing in the cloud / mobile world.