So what is Enterprise Mobility Management?
Once upon a time it was just about Mobile Device Management… Remember the old BlackBerry?
BlackBerry invented the BlackBerry Enterprise Server. The Server would connect to your mail system and perform a true push to the connected devices across BlackBerry’s own network. It was costly for a vendor to do that and there were a number of copies such as Good Technology etc. You could implement policies on the devices to prevent users from performing certain actions and from a user point of view they could be quite restrictive.. (more of that later)
Eventually Microsoft delivered Active-sync and a number of the catchup vendors such as Apple and Google settled on this protocol with a number of caveats.
So we now come to today. Enterprise Mobility Management has come a long way from when it began, from simple device management to managing application polices and securing all devices including Windows and Mac OS, allowing corporations to manage devices connecting to their infrastructure whether it be BYOD, COPE, COBO or BYOL.
So where are we now? I come from a BlackBerry background and last used their UEM product which as an MDM platform was the most mature, but I am now looking at 4 main contenders in the industry. BlackBerry UEM, VMWARE Airwatch Workspace ONE, Mobile Iron and Microsoft Intune. And will include the main mobile contenders. There are others like IBM Maas and Citrix Xen but I don’t have any experience of them.
BlackBerry UEM has evolved since the takeover of Good Technology to integrate the Dynamics Platform to provide the best BlackBerry provided as an MDM platform and what Good Provided as an Application platform. They can also manage Bring your own Laptop, securing corporate data from personal databases and are probably the most mature of vendors.
Microsoft Intune. If you are running the Office 365 suite and want to control data, then Intune is a must because it provides Microsoft Application Management policies alongside Conditional Access. This will secure Microsoft data, but Intune is not the most mature MDM platform, but thankfully you do not have to use Intune as an MDM platform since the other vendors are able to plug into it and use their MDM and EMM capabilities along with Intune providing Microsoft policies.
If you want to evaluate an EMM solution, VMWARE Airwatch Workspace ONE is probably the quickest to set up. In 10 minutes I had the cloud tenant provisioned , Apple APNS certificate installed and connected to Intune. BlackBerry UEM took a little longer to do the same, but for me Mobile Iron was a little less intuitive, but that is just a personal opinion. Note intune needs to be provisioned first.
Each have their own flaws and merits but each can probably do what you need them to do. For me, I’d now probably pick Airwatch with Intune because it seems to just edge ahead of BlackBerry for complete integration. But for the Application and if you are not concerned so much with the MAM policy and conditional access I’d pick BlackBerry.
A note about Smartphone Vendors. I have typed this on an iPhone X and also have a Pixel 3. I also adored my BlackBerry 10 phones and I have no doubt one day someone is going to come along with something better. But for now if you are happy with what you have, go with it.