UEM, EMM, and MDM Solutions: What’s the Difference?

Do your employees use company-owned or personal mobile devices on-site or remotely? You need answers before you choose a solution.

Mobile Device Management

When discussing mobile management, Jeramy Kopacko, Senior Territory Solutions Engineer at Sophos, points out that breaking down the acronyms is important. The big three are MDM (mobile device management), EMM (enterprise mobility management), and UEM (unified endpoint management):

  • MDM solutions cover tablets and smartphones, predominantly driven by iOS and Android operating systems, and allow for full device management, security controls, and application management. MDM can be used with corporate-owned, single-use devices such as a self-service kiosk, single app mode device, or point of sale device. Or, in the modern office, MDM solutions can be a solution for deploying corporate-owned tablets or cell phones for employee use.

EMM expands MDM’s capabilities by also allowing for bring your own device (BYOD). EMM gives employees the opportunity to enroll their own devices into corporate IT resources. EMM provides the organization with encrypted, policy-controlled, and unique containers on the employee’s device to provide specific apps, email, data, and content. This allows the organization to provide resources and respond if the device violates compliance policies. With EMM there is also an option for device control from the manufacturer; if a company purchases a specific volume of devices, the manufacturer will give the user the capability to limit the reactivation of lost or stolen devices.

  • UEM encompasses both MDM and EMM while solving even more challenges associated with mobile devices, desktops, and Internet of Things (IoT) devices. UEM can manage devices cross-platform to lockdown hardware, software, data, and management in a single console.

Kopacko says, “The right strategy provides organizations with peace of mind, allowing for seamless deployment of VPN profiles, certificates, applications, enforcing device compliance, and more. Organizations gain visibility and control of their devices anywhere their employees are asked to work.”

The Benefits of Company-Owned vs. Personal Devices for Remote Work

Businesses and organizations may need your guidance when establishing mobile device and remote work policies for their employees or team members. They may turn to you for advice on whether they should allow personal devices to connect to their networks.

Kopacko explains, “Larger enterprises often have some sort of remote access strategy for employees to work away from the office with laptops or tablets. VPN tunnels have been the standard for so many to get connected, but this has impacted bandwidth for just about everyone. Company-owned mobile devices, which come with predetermined security hardening and management, still offer more benefit for the organization than personal devices.”

He adds, however, that when employees use company-owned devices remotely to maintain the organization’s workflow, it can lead to security vulnerabilities. “MDM solutions can bridge many gaps, including patch management from the hardware manufacturers or operating system — often the first step in preventing any breach. MDM can also ensure your devices have a managed security policy and reports on its overall integrity,” Kopacko says.

“In certain situations, however, employees may want to utilize personal devices for business, necessitating an EMM or UEM solution,” he comments. “Speaking from experience, it’s easier to enroll your cell phone with IT to access company email and data than to carry a second dedicated phone. Most employees would agree this is an optimal way of staying connected.”

“Unfortunately, certain users will try to find ways to circumvent the security systems in place. This can be as simple as sending an email with data to a personal account. Organizations should be looking at data management to address these gaps and concerns,” Kopacko says.

Advice for Selling MDM Solutions

Kopacko stresses that it’s important for managed services providers (MSPs) and value-added resellers (VARs) to begin the sales process by understanding the client’s digital strategy and where their data is stored and accessed. “Each client presents its own challenges and demands for mobile devices,” he says. “Certain industries, such as manufacturing or healthcare, rely on fleets of mobile devices to ensure their processes run smooth and efficient. An effective mobile device strategy should help these devices remain patched and managed as well as minimize downtime.”

“For industries with compliance demands, a strong mobile device strategy can give your clients the confidence that data is controlled on the devices that access it,” he adds. “It will also provide them with visibility into how it is stored when an authorized user is interacting with it — while limiting the chance of unauthorized access.”

A recent Ivanti survey found that nearly 9 out of 10 (87%) respondents don’t want to work from the office full-time. Additionally, nearly half (45 percent) would be happy to never step foot in an office again, while 42 percent indicated they prefer a hybrid model that splits time between home and office.

Kopacko says there will likely be greater demand for UEM offerings. Vendors are now positioning themselves to become leaders in this emerging space that offers security, compliance, and management solutions in a single console.

In many cases, it will fall to you to advise your clients whether UEM, EMM, or MDM solutions are the best fit and which will result in the greatest productivity and ROI for their organizations.