Enterprise mobility management (in its current incarnation) is still a relatively new space, and as such it comes with a wide array of new technologies, terms, and concepts. All of this can get pretty confusing—especially when we’re talking about devices that contain both corporate apps and data and users’ personal apps and data.
For example, here’s a quick list off the top of my head. We have:
- Mobile app management
- App wrapping and SDKs
- About 14 different types of containerization
- Mobile device virtualization, virtual mobile infrastructure (yes, it’s a thing) and remote Windows desktops
- Secure email clients
- Special “enterprise” versions of many other apps
- Dual personas, work personas, corporate personas... personas everywhere!
- BYOD, COPE, BYOApps, BYOEverything!
- Native versus third-party and Google and Apple versus EMM vendors
Some of these are technical terms, but most of them are more conceptual and marketing terms that get used in a lot of different ways to describe different technologies.
So how do you make sense of all of this? I strongly believe that the enterprise mobility management space is a lot easier to understand when you boil it down to just a few main concepts.
Concept 1: Most of these technologies and terms are all have the same goal: protect and manage corporate apps and data differently than users’ personal apps and data.
We usually want to make sure corporate resources are protected by encryption and passwords, that users are properly identified and authenticated, and that resources are only accessed from secure networks or via secure connections. But now with modern mobile devices, users are combining personal apps and data on the same device as corporate apps and data. Users don’t want those corporate policies to affect the usability of their personal apps, and they’re also concerned about privacy. Therefore, we have two different constituencies to satisfy. (For now I’m not talking tablets and smartphones that function as kiosks, embedded devices, or other situations where there’s no expectation of personalization.)
There are many different technologies to accomplish this goal—mobile app management, mobile device virtualization, iOS 7, Samsung Knox, virtual mobile infrastructure, remote desktops. And there different logical ways to present work and personal on the same device—two separate home screens, separate apps within a single environment, or apps that can handle both types of data. But no matter the technology or what the user experience is like, they all have the same goal: to accommodate the needs of two different constituencies.
Concept 2: All of the different technologies for dealing with work and personal fall in just two categories.
One way to deal with corporate and personal needs is to build appropriate management and security features into mobile apps. This has the advantage that you don’t need to manage the device or be too worried about the particular device model or OS version. However it does mean that you need a specially built or modified apps. (There’s only one exception that I know of.) Examples include app wrapping, MAM SDKs, secure 3rd-party email apps, and other specialized enterprise apps.
The other route is to use a device that has corporate and personal frameworks incorporated into the OS. Since the OS is taking care of all the management, security, and separation, you don’t need special apps—any app will work. But in this case you generally have to manage the entire device with MDM. All iOS devices have some of these features built in, but only some Android devices (like Samsung Knox-enabled devices) have these features.
Both of these concepts have inherent pros and cons, and for that reason there will always be use cases for both.
Go at it!
This article is a bit theoretical and a long way from talking about practical, real-world use cases for EMM technology. However, these concepts can really help to understand new solutions, cut through vendor marketing-speak, and illustrate the differences between various approaches to the same problems.