BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
The process to adopt and implement enterprise mobility management tools doesn't stop after identifying a company's...
needs and requirements. More often, EMM is not a single product but a suite that consists of mobile device management (MDM), mobile application management (MAM), mobile identity management and mobile content management.
There are key platforms that administrators should look for among the EMM providers in the market, including the following:
- iOS device management;
- Android management -- using Google's Android for Work or Samsung's Knox; and
- Windows support.
There is plenty of available support for services in the EMM market. Areas to focus on when reviewing each vendor should be scalability, quality of service and tool selection. Organizations must also consider whether to host an on-premises EMM tool or deploy in the cloud.
To find the most suitable software, buyers should focus on characteristics that are common across the EMM market to drive down licensing costs. Most of these EMM providers overlap in their capabilities and functions, so no one vendor can truly say they are unique from another. It is up to the buyers to discern the pricing, licensing and special features of each vendor.
Here's a rundown of EMM providers that offer varying capabilities. IT admins can compare them and see which one is the most suited option for their organization.
Apple recognizes that the next stage of growth for its devices is through support in the enterprise. Though businesses were traditionally strongholds for Windows devices, iOS devices -- specifically iPhones -- are now solidly supported.
For this reason, Apple is providing increased support for MDM and EMM services in iOS . The iOS platform now supports three key technologies:
- The Device Enrollment Program automatically enrolls devices in a company's network. The Apple Configurator 2 provides EMM enrollment without physically touching the device, which provides huge cost savings.
- Apple's Volume Purchase Program enables corporations to buy large volumes of licensed apps and make them available to employees.
- The Apple Developer Program allows for custom app creation and deployment on internal enterprise app stores.
Schools have additional options starting with iOS 9.3, which allows devices to manage multiple profiles, enabling several students to share one device. The capabilities tailored for schools expand with each major release of iOS.
These are programs that can be extended to MDM and EMM providers through APIs in the iOS software. There are a few key areas though, where Apple still hasn't simplified processes for companies, including these two examples:
- The App Store: Apple does not prevent a managed device from downloading an app on the iTunes App Store. Any iOS device can run any of the 2 million apps available from Apple. The potential risk in allowing all these app installations comes when IT runs an audit on the software and apps that run the business. This process, often referred to as app rationalization, cannot be controlled with iOS-powered devices in the same way it can be for Windows.
- iOS updates: Apple does not allow companies to restrict upgrading to the latest version of iOS, allowing Apple to migrate millions of active iOS devices to the latest release within days; therefore, all custom enterprise apps must support the current version of iOS.
Apple, probably recognizing its shortcomings in the aforementioned areas, is constantly releasing the tools necessary to manage large numbers of iOS devices. It is also clear that Apple takes working with enterprises seriously, as shown by recent strategic partnerships with Cisco, IBM and SAP.
BlackBerry acquired WatchDox and Good Technology's Good Dynamics platform to become a comprehensive EMM suite. The full suite of tools now comprises BlackBerry Enterprise Server 12, Good Technology collaboration apps, Good Dynamics and WatchDox by BlackBerry.
Organizations can host BlackBerry's EMM tools on premises or in the cloud. The cloud support is in Canada and the Netherlands. Local data protection laws may prevent data from leaving the country and will, in turn, cause problems with the cloud-hosting model that BlackBerry offers.
Neither BlackBerry Enterprise Server nor Good Dynamics are top-class products by themselves, but together, the package is a strong offering in the EMM market. As is expected with the BlackBerry brand, support is very strong for these products. Potential buyers should not see BlackBerry and its two acquisitions as three separate companies, but as one suite of tools.
The best type of customer for BlackBerry is a government agency or a large-scale corporation that places security as the top priority.
Citrix has long been a vendor in the desktop virtualization and server environments, led by its XenMobile product line. The Citrix tools that make up its XenMobile EMM suite include NetScaler, ShareFile and XenMobile.
The strength of XenMobile is its ability to provide access to Windows-based software on a mobile device. This is beneficial for highly mobile workforces such as sales teams. The downside is that user experience is poor, particularly on a mobile phone. Older Windows 7 apps do not translate well to a touch environment. Citrix is doing a lot of work to counter the problems of earlier XenMobile deployments with a touch-friendly software developer's kit that users can add to desktop apps and that provides easier access on a mobile platform.
The biggest challenge for companies utilizing Citrix tools is scalability. Small and midsize companies should be fine, but larger companies will have problems if they fail to correctly configure their SaaS environment.
Many of these EMM providers offer services that have expanded through acquisitions. IBM has a strong selection of security tools -- Trusteer, QRadar and BigFix -- and the acquisition of MaaS360 completes the support model. MaaS360 is a cloud-based environment that supports device management for iOS, Android and Windows phone devices. MaaS360 also manages Windows and Mac OSes to provide a comprehensive, one-stop product for all enterprise endpoint devices.
MaaS360 is a compelling, reasonably priced tool with fast deployment. Each service in MaaS360 is also available as an API, providing an opportunity for developers to extend the security of mobile apps through centralized EMM software.
MaaS360 is a good turnkey product for companies that want to quickly implement a comprehensive EMM environment. Companies of any size can use MaaS360.
LANDesk's EMM tools are still maturing. The strength of LANDesk is in its universal endpoint management offering that includes support for mobile and PC devices. Organizations will find excellent product information management functionality and reporting tools through its Xtraction tool.
LANDesk's EMM product is for companies managing very few mobile devices that require only basic controls.
Microsoft's doctrine is now "mobile first, cloud first" for software. This is the case for the Office365 suite of tools that users can access from Windows PCs, MacOS, iOS and Android devices. Device management and security are not new areas for Microsoft. The current suite of tools to manage devices is the Microsoft Enterprise Mobility Suite. It comprises Microsoft Intune, Azure Active Directory Premium, Advanced Threat Analytics and Azure Rights Management. Intune, by itself, contains a selection of core tools that provide MDM, MAM and configuration management and has a specific focus for Office 365 mobile app management.
Intune is a cloud-only product and is maturing rapidly to compete with other products on the market. There is now also support for Android Enterprise available.
Microsoft's EMM tools are good for companies that are heavily dependent on Office 365 and other Microsoft Cloud services.
MobileIron is one of the few EMM providers on the market that is a stand-alone product. MobileIron has one of the strongest EMM tool sets and has a proven record of stability, scalability and adopting emerging technologies, such as Android for Work.
The company started as an on-premises provider and launched cloud software in 2012. Companies such as Verizon and AT&T partner with MobileIron.
Areas of weakness for MobileIron often center on its enterprise app store -- Apps@Work -- which isn't visually on par with competitors' app stores and is limited. With that said, MobileIron is a solid choice for companies that are starting their BYOD program. The tool is simple to use and deploy. It does provide excellent management of devices.
SAP has a broad range of mobile tools that fit in the company's aggressive move into more effective user experiences. Mobile tools include Fiori and Build.me. In addition, SAP has an MDM tool called Afaria. The current version, Afaria 7, was released in 2012 and has received annual support updates. Afaria is very much an MDM product for Android and iOS devices. Do not expect Afaria to support the same set of features you will find in other EMM providers.
Sophos is an ideal product for small and midsize companies. Admins can deploy the core EMM products either on premises or through the cloud, and they come with endpoint protection, unified threat management, a virtual private network and Android antivirus protection.
The key strength for Sophos is that it is easy to deploy and administer and has great support. While Sophos targets small to midsize companies, its own set of products can scale to 50,000 active accounts.
Sophos is a solid product for companies that have an enhanced parallel port and want to consolidate to a single EMM system.
SOTI could prove beneficial to companies that have large Android deployments. Using this platform, businesses can deploy Android-powered phones and tablets at a low cost of entry per device. This is especially advantageous for emerging markets, such as Latin America and the Asia-Pacific region, where an Android device can be as much as 10% of the cost of an iOS-powered phone.
SOTI's core focus is on rugged devices as well as Android devices; however, the central tool in SOTI's EMM suite, MobiControl, also supports iOS and Windows platforms.
SOTI supports a number of industry protocols and its own APIs to manage Android devices in an increasingly highly fragmented market. For instance, SOTI has strong support for Samsung Knox 2, Google's Android for Work, Sony's API support and SOTI's own Android Plus technology.
SOTI is ideal for companies that have invested heavily in Android. This includes many industries, such as transportation, hospitality, retail, field service, manufacturing and healthcare.
As with MobileIron, SOTI is a stand-alone EMM provider. It can be difficult to negotiate rates if customers can't bundle services together.
VMware acquired AirWatch in 2014 and then followed up with the acquisition of Boxer in late 2015. The combination of tools places VMware among the top choices for EMM.
AirWatch's core EMM tools are hosted in the cloud and can connect to on-premises corporate authentication services such as Microsoft Active Directory Federation Services. AirWatch has proven to scale quickly from a small number of accounts to very large international accounts.
Users can secure access to email through Boxer. It now includes support for Android as well.
VMware is deploying management tools for internet of things devices, such as wearables and custom-built tools.
There are industry concerns that VMWare's EMM services may not get the level of support they need due to the EMC merger with Dell. EMC is the parent company to VMware, and its EMM services are small compared to the rest of the company and may not receive the attention they need.
Compare the top EMM software suites
Learn what features to look for when purchasing EMM tools
Find out why an EMM platform is so essential for modern networks