BYOD, MDM, and EMM Explained

October 02, 2015 | Posted in:

Cybersecurity, Network Security, IT Solutions & Support, Cloud Security

Mobile Device SecurityIt’s no revelation that the age of Bring-Your-Own-Device (BYOD) computing is here and has been for some time. Whether it's with a smart phone, tablet, or smart watch, BYOD is a convenient way for today's workforce to stay connected. Recent surveys show that BYOD adoption, as a business tool, presents a company as more attractive and a "must-have" for millennial-generation job applicants.  

With intellectual property, personnel records, and data retrieval systems now living on mobile devices, it is natural to worry about the security of this information. Simply put, it’s a BYOD world; every user is unique as is every device. With access to “anywhere technologies," the need to corral, inventory, and have some sense of control in the business environment is a natural progression.

Corporate entities, more and more, are coming to grips with the reality that traditional network security policies and design are not enough to deal with the fast-paced demand of the mobile needs while keeping systems Integrity and security concerns at bay.

Today’s IT support staff needs to not only have visibility of the comings and goings of BYOD devices within their network, but they also need tracking, statistics, tiered access, mobile application policies, and proactive mitigation of problem devices. That sounds like a lot, doesn't it?

Let’s take a step back and look at some technologies that address these concerns, namely MDM, and EMM.

Mobile Device Management (MDM)

MDM consists of configuration and policy management tools that unify BYOD devices with business computer policies. As devices join a network, they are either asked to enroll or they are dynamically enrolled (if access is not denied). Once enrollment occurs, the device can be managed. Typical functionality of an MDM software includes: 

  • Hardware and application inventory
  • Physical tracking and geo-fencing
  • Configuration of security policies such as password policy, device encryption, WiFi settings, detection of jail broken devices, etc.
  • Execution of actions such as partial or remote device wipe, remote lock, device location mapping, and pass code clearing
  • Access to self-service portals to enable users to protect personal and enterprise data

Now, let's learn about EMM, or Enterprise Mobile Management.

EMM consists of the following capabilities:

  • Mobile device management
  • Mobile application management
  • Mobile content management

Mobile content management products provide a secure container that enables enterprise data to be secured while preserving the mobile experience on the mobile device, whether it’s supplied by a corporation, or employee-owned. Users can access their email, contacts, calendars, apps, documents and web browsing from within the secure container installed on their mobile device.

Putting it all together.

As you can see, EMM is basically the umbrella concept above MDM, even though it was developed afterwards. Early MDM grew out of the simple need to gain control of email data, toggle enable, and wipe ability to ensure data procurement once a device was lost or an employee left their company. As other needs such as inventory, security policies, application development, and content control became a necessity within the enterprise environment, it made logical sense to re-shuffle and silo needs beneath the EMM. 

In summary, in the past it has been a proposition of “IT dictates progress or Progress Dictates IT." If approached correctly, it can be a partnership of both. The IT landscape is shifting and progressing at such a rate today that IT adoption policies born on day one may not be as relevant on day 365 or even 180, in some cases. BYOD devices have evolved to not only be devices that need to be managed, but sensors that expand the continuum of business efficiency and potential.

To learn more about BYOD, MDM, or EMM for your business, email info@syseng.com, or fill out a Contact Us form.