An Introduction to Enterprise Mobility Management

The days of employee’s needing to sit at a desk Monday to Friday from 9-5 to perform their job are long gone, technology continues to advance at a pace driven by our increasing desire to be able to do what we need to do wherever we are and on a schedule that fits with our increasingly busy lives. Modern smart phones now allow us to keep in touch with those closest to us via social media, our work colleagues via email and/or productivity apps amongst many other things. Consequently our lives flow more fluidly - we no longer have to be in a certain place at a certain time to do a certain task, we can do it wherever we are, quite possibly whilst doing something completely different, if we are doing this in our day-to-day personal lives it stands to reason that we are going to want to realise the same benefits in our working lives.

Enterprise Mobility Management (EMM) has evolved over the past few years from a single solution (ActiveSync) allowing us to view email on our mobile devices together with providing some basic mobile device control functionality such as the ability to remote-wipe devices and the ability to allow or block devices based upon the Device ID.

To begin this was fine but once serious data security questions started being asked the solution quickly fell down - nothing was encrypted so any corporate data saved on the device could be recovered without too much trouble by anyone; filtering devices via a white-list also means that even if the device had something malicious installed there would be no attempt to prevent it connecting. These are just two examples, there are many more meaning that ActiveSync quickly became inadequate for the task at hand. Adding fuel to the fire devices also quickly started to become more complex, they were no longer just phones you could view email on but camera’s, internet browsers, social media, etc., the list goes on as do the challenges associated with effectively managing such devices.

So, administrators quickly found themselves in the position of having users that want to use the corporate or personal mobile devices to view corporate information but without a solid and secure mobile device solution to control what those devices are doing, in some cases with admins being told that the business NEEDS the capability – essentially enforcing a complex requirement on an IT dept that wasn’t prepared. Many organisations implemented Mobile Device Management (as EMM used to be known) only to find that the solutions didn’t work very well once the devices were out in the wild and often, the administrators would not really have confidence that the solutions were working since they had very little positive feedback from the devices. The next question was around how much of the device to secure, the whole device or just part of the device – whole device control of personal mobile devices is often viewed as draconian and can be off-putting to users meaning they do not adopt the solutions and fail to realise the many benefits business mobility offers them and the business.

Add to the mix that each device has differing baked-into-the-OS EMM functionality available; different App Stores exist on each mobile OS to download mobile apps and it’s safe to say that providing a basic EMM solution for a corporate environment is complex without factoring in the likes of controlling web browsing on the device, controlling how corporate information is accessed and/or handled on the device or installing internally-developed applications that require secure encrypted communications back to your data centre.

Having identified the requirement the next challenge was finding a suitable EMM solution; as most businesses don’t actually understand why they need EMM then the business requirements were often non-existent and had to be driven by the Administrators coaxing the business to decide upon a set of requirements for the EMM solution. Identifying requirements shouldn’t be as much of an issue now since the Information Commissioners Office have released information for UK businesses to help them understand what elements of mobile devices and data they should be concerned about protecting. https://ico.org.uk/for-organisations/

 Hopefully you now have an appreciation of why EMM is necessary and that some means of control is necessary to protect your corporate environment.

AirWatch

AirWatch from VMware addresses all of the concerns above and so many more. Administrators can use AirWatch with corporate or personal devices to offer containerised or whole device EMM together with policies that can be enforced on many different criteria to allow solid reliable compliance enforcement on each device being connected to the corporate infrastructure. AirWatch also allows Administrators to create Terms of Service that users must read, agree to and accept before they can use the solution to ensure that users are clear on how their device will be affected by enrolling it.                                                 

The upshot of all this is that the administrators have the peace of mind that only devices satisfying their compliance requirements will connect to the corporate infrastructure and that the users utilising the solution are fully aware of what data is and isn’t being managed on their devices so they understand the limitations of use – i.e. if they store personal pictures on the device the pictures may be subject to deletion if a remote wipe is initiated.

In a nutshell AirWatch gives you the administrator control over and peace of mind that the mobile devices being used with your infrastructure are secure and being used in the manner you intended - be they corporate or personal devices.

The next blog post will go into more detail around the functions offered by the AirWatch solution and subsequent posts will go into each of those features in more detail.


AirWatch from VMware addresses all of the concerns above and so many more, that I do not believe there is currently an EMM use-case that AirWatch could not satisfy. Administrators can use AirWatch with corporate or personal devices to offer containerised or whole device EMM together with policies that can be enforced on many different criteria to allow solid reliable compliance enforcement on each device being connected to the corporate infrastructure. AirWatch also allows Administrators to create Terms of Service that users must read, agree to and accept before they can use the solution to ensure that users are clear on how their device will be affected by enrolling it.                                                 

The upshot of all this is that the administrators have the peace of mind that only devices satisfying their compliance requirements will connect to the corporate infrastructure and that the users utilising the solution are fully aware of what data is and isn’t being managed on their devices so they understand the limitations of use – i.e. if they store personal pictures on the device the pictures may be subject to deletion if a remote wipe is initiated.

In a nutshell AirWatch gives you the administrator control over and peace of mind that the mobile devices being used with your infrastructure are secure and being used in the manner you intended - be they corporate or personal devices.

The next blog post will go into more detail around the functions offered by the AirWatch solution and subsequent posts will go into each of those features in more detail.