Enterprise mobility 2024: Welcome, genAI

Generative artificial intelligence (genAI) has become a focal point for many organizations over the past year, so it should come as no surprise that the technology is moving into the enterprise mobility space, including unified endpoint management (UEM).

“Generative AI is the latest trend to impact the UEM space,” says Andrew Hewitt, principal analyst, Forrester. “This has been the main topic of interest in the last year. We see generative AI having impacts in multiple areas, such as script creation, knowledge-based article creation, NLP [natural language processing]-based querying of endpoint data, and help desk chatbots. All of these are considerations for inclusion within the UEM stack.”

There is “tremendous potential” for genAI to augment digital workplace operations, but there’s been limited adoption within UEM tool vendors so far, says Tom Cipolla, senior director analyst at research firm Gartner.

“We expect this [to] rapidly change as vendors realize the additional revenue opportunity associated with genAI-augmented tools and customers fully embrace genAI as a force multiplier,” Cipolla says.

[ Free download: UEM vendor comparison chart 2024 ]

GenAI makes its UEM debut

In December 2023, VMware announced it was making genAI-powered scripting capabilities available in its Workspace ONE UEM platform for US customers on a tech preview (pre-beta) basis. This is the first feature enabled by genAI for the platform.

The new feature allows users to generate scripts automatically based on a prompt provided by the product’s administrator. The scripts use best practices, but the admin has the opportunity to review and modify the output, according to VMware.

The genAI engine supports multiple scripting languages such as PowerShell, Bash, and Python, supporting users who switch between different languages within Workspace ONE for both Windows and macOS platforms.

Microsoft in November 2023 announced that its Security Copilot, a genAI-assisted cybersecurity tool, can be integrated with its cloud-based UEM offering, Intune. This allows organizations to use endpoint data to inform the health and security of their digital estate, according to the company.

Microsoft, which made the new capability available as a private preview for select customers of the Security Copilot Early Access Program, says it gives security teams “unprecedented visibility” across security data with full device context, real-time guidance when creating policies in Intune, and the ability to discover and remediate the root cause of device issues faster.

Consolidation rules

Over the past year there has been an increasing push toward consolidation in device and user management, Hewitt says, not just in terms of moving management of all operating systems under one roof but also bringing third-party tools such as patch, digital employee experience (DEX), and remote control into the UEM platform stack as well.

“While the convergence of UEM with endpoint security has not materialized, we do see increasing interest in bringing vulnerability management data into the patch management stack,” Hewitt says. “Overall, IT admins are facing significant pressures to reduce cost, and consolidation is one of the key ways to do that.”

For example, analytics tools are emerging as new features in UEM products, says Phil Hochmuth, program vice president, enterprise mobility, at IDC. These include DEX tools that help IT teams figure out how users work with their devices and what areas of frustration can be fixed, he says. They can help teams analyze telemetry data gathered from UEM platforms. “Also, automation and AI-based features around patching anomaly detection and remediation are emerging,” he says.

Another key trend underway is the use of low-code automation with systems. “Low-code is something frequently offered within the UEM platform as a way to orchestrate policy,” Hewitt says. “Ivanti and VMware both support this today.”

State of play

While there have not been major changes in the UEM market over the past year, the industry is watching to see what happens with VMware now that Workspace ONE will be spun out from Broadcom in the wake of Broadcom’s acquisition of VMware, Hewitt says. “This could have a significant impact on the UEM market, helping VMware to double down on the market but also giving other competitors a significant opportunity to gain market share,” he says.

And while there haven’t been any new UEM entrants this year, “we have seen increasing interest in client management tools that focus on Windows, Linux, and macOS primarily, without a focus on mobile,” Hewitt says. “Tanium, NinjaOne, Automox, and Datto are examples of vendors that have come up frequently.”

Organizations remain focused on increasing patch velocity and effectiveness, “which has driven the majority to migrate from on-premises solutions to cloud-hosted UEM platforms over the last three years,” Cipolla says. “New vendor entrants to this market face challenges gaining market share, due to vendor lock-in, the technical and logistic complexity of migration to a new product, and fear of patching process disruption.”

The UEM market “is highly mature, with relatively consistent major feature capabilities displayed among the vendors,” Cipolla says. “Differentiation in the UEM tools market is exhibited primarily within the breadth and depth of the vendor’s [operating system] support, as well as their capabilities to accelerate and automate routine operations such as patching and configuration management.”

Pricing of platforms is on the rise, Cipolla says. “With most vendors, we have seen price increases to keep pace with inflation and rising costs,” he says. “Perpetual licensing continues to be phased out in favor of subscription-based licensing as well.”

Pricing models are still similar to a few years ago, “but we are seeing more bundling of UEM with other products from vendors with larger software portfolios,” says IDC’s Hochmuth. Among the products UEM is being bundled with are cybersecurity, IT service management, and patch management, he says.

Looking ahead

“We will likely see greater convergence between endpoint management and DEX tools this year,” Hewitt says. “The value of data is increasing within the UEM space, as it is an important driver of automation within the toolsets.”

Among the emerging UEM features and trends Cipolla is seeing are integration with threat intelligence services to provide additional context, integration with real-time vulnerability scanning, and third-party application package repositories to provide pre-packaged apps for rapid deployment. 

The future of the market is autonomous endpoint management (AEM), Cipolla says. AEM combines device patching and management capabilities from UEM tools, threat intelligence data to determine priorities for remediation, and endpoint performance and stability data from DEX tools to provide insights and remediation for impacts related to patching.

“Currently, AEM is mainly an approach made possible through using multiple tools,” Cipolla says. “However, some UEM vendors are in the process of adding native features as well as integrations with other tools to complete this vision.”

Over the next two to four years, Gartner anticipates that the inability of enterprise IT leaders and managed service providers to scale staffing levels and skill sets to meet ever-increasing business and cybersecurity demands will rapidly fuel the demand for AEM.

Read next: 

• UEM vendor comparison chart 2024
• How to choose the right UEM platform
• How UEM supports the hybrid workplace 
• 8 key technologies for the future of work

This story was originally published in June 2015 and most recently updated in February 2024. Keep reading to see how mobility management has evolved over the years.

2023: UEM meets DEX

If there was ever any doubt about the future of unified endpoint management (UEM) as a key component of enterprise mobility strategies, the now-permanent shift to hybrid and remote work models has sealed the deal. UEM has become a critical part of enterprise efforts to manage this complex environment.

Forrester Research’s 2022 Business Technographics Infrastructure Hardware Survey shows that 28% of infrastructure hardware technology decision makers will be investing in UEM over the next 12 months. “This is in line with previous years, so we continue to see stable growth in the UEM market,” says Andrew Hewitt, senior analyst at Forrester.

“However, most organizations today have a UEM solution in place,” Hewitt adds. “Most of the deals today are not net-new, but rather replacements of older endpoint management investments.”

Research firm Gartner sees several forces shaping the current UEM market, says Dan Wilson, vice president and research analyst, Digital Workplace Infrastructure and Operations. One is that remote and hybrid work have permanently replaced exclusively in-office work, which has underscored the importance of UEM for managing all endpoint devices used in an organization.

Another force is integration with endpoint analytics and endpoint security tools, to build proactive and resilient defenses against better-skilled adversaries, Wilson says. In addition, there is a greater focus on intelligence and automation to drive operational efficiency and improve digital employee experience (DEX).

Trends in UEM

One of the more notable UEM usage trends has been the adoption of analytics capabilities for endpoint device monitoring, says Phil Hochmuth, program vice president, enterprise mobility at research firm IDC. “This has less to do with finding out what employees are doing in terms of productivity and more to do with automating end-user support,” he says.

Along those lines, DEX tools are making a significant splash in the space, Hewitt says. Also known as end-user experience management (EUEM) or digital employee experience management (DEEM) tools, DEX software measures, analyzes, and evaluates employee satisfaction with workplace technology, providing companies with guidance for improvements.

“Digital employee experience monitoring capabilities are now becoming common across the space,” Hewitt says. “We continue to see vendors investing in telemetry collection on the endpoint to drive visibility, benchmarking and remediation use cases.” This not only helps IT administrators to improve experience on the endpoint, he says, but also reduces costs through automation of experience issues.

Forrester continues to see downward pressure on UEM pricing, due to “commodification in the market as well as pressure from the Microsoft 365 suite, which includes Intune management,” Hewitt says. “Add-ons for digital employee experience at a higher cost point is one of the newer pricing trends.”

Pricing is continuing to shift to a user-based, monthly fee model and away from the device-based pricing that has been traditional in UEM, Hochmuth says. “This is an advantage for enterprises, as most users in organizations are probably using two or more devices in their daily digital workspace,” he says.

The leading vendors in the market have not changed in the past year, Hochmuth adds. It’s still largely concentrated around Microsoft and VMware, with vendors such as Ivanti, BlackBerry, Google, and IBM also in the mix, he says.

Gartner considers UEM to be a mature and stable market, says Wilson. Revenue growth among vendors tends to be driven by expansion within existing customers, he says, and the primary drivers of the market are modernization of endpoint management and patching, as well as automation and improved DEX.

“Although Gartner continues to see increased adoption of UEM and modern [operating system] management in parallel, we still advise clients to be methodical with the transition from traditional approaches,” Wilson says. “This is especially true for those with significant technical debt and complexity, and those with more rigid policies and processes.”

Enterprises should avoid waiting for the “perfect” UEM tool that addresses all requirements, “because this rarely exists,” Wilson says. “Instead, choose a UEM tool that addresses most requirements, then look to fill gaps with complementary tools.”

Looking ahead

The rapid evolution of software-as-a-service-powered capabilities and the emergence of DEX tools offer a glimpse into the next evolution of endpoint management beyond UEM, Wilson says.

“Over the next three to five years, we anticipate that the inability of enterprise IT leaders and managed service providers to scale staffing levels and skill sets to meet ever-increasing business and cybersecurity demands will catalyze the adoption of intelligence and automation,” he says. Gartner calls the next phase autonomous endpoint management (AEM).

There will also be a closer alignment of UEM and enterprise security.

“A major development we’re seeing come together is the integration of endpoint security and endpoint management roles in many large enterprises,” IDC’s Hochmuth says. “Businesses are starting to converge endpoint management security into either a single unit of support staff, or at least having these two previously separate groups interact and collaborate more closely.”

The increased focus on security and compliance as a function of UEM is driving this, as well as heightened awareness around threats such as ransomware and endpoint device compromising via phishing, Hochmuth says.

Another trend is an increased need to develop “self-healing policies” for endpoint devices that can bring them back to a predefined state if they drift, says Forrester’s Hewitt. “Some UEM vendors are investing in making low-code orchestration available natively in the product, to enable this type of workflow,” he says. “If successful, it would enable IT [administrators] to accomplish greater amounts of automation within their platforms.”

DEX will continue to be a priority for vendors. A year ago, not many UEM platforms had embraced DEX capabilities, according to Hewitt. “Now, most of them do,” he says. “More have also made progress on the endpoint security front. We expect endpoint management platforms to pursue those two paths over the next [few] years. In two years, UEM as we know it today will look a lot different. Expect cloud, automation, experience, and compliance to play a much bigger role.”

In the meantime, UEM will remain at the center of post-pandemic enterprise mobility strategies.

2022: UEM adds user experience, AI, automation

The past two years have seen mobility management take on a greater importance than ever in the enterprise. As remote and hybrid work models take hold at many organizations, “mobility management” has expanded its meaning from management of mobile devices to management of all devices used by mobile employees, wherever they happen to be working from.

Unified endpoint management (UEM) has become a strategic technology at the center of companies’ efforts to control this increasingly complex environment. Essentially combining enterprise mobility management (EMM) tools with PC management tools, UEM platforms help companies manage and protect a range of devices including smartphones, tablets, laptops, and desktop computers across multiple operating systems — all from a unified interface.

“With remote and hybrid work here to stay, having a cloud-powered, unified endpoint strategy and toolset is key to staying ahead of updates and security risks,” says Dan Wilson, senior director and analyst at research firm Gartner. “We are also seeing an increase in interest around UEM tools managing macOS and Linux endpoints, as part of continued efforts to consolidate tools, teams, and associated skills.”

What the UEM market looks like

The UEM market is dominated by about a dozen major vendors. It’s not seeing many new players enter the fray, Wilson says. “However, [smaller] vendors offering products and capabilities for specific use cases are gaining attention,” he says.

Such use cases include managing frontline worker devices, sensors and smart devices used in logistics and transportation, kiosk devices, Internet of Things (IoT) endpoints, commercial drones, and wearables, he says. “These are not often available from the mainstream UEM tools,” Wilson says.

The few new entrants into the UEM market tend to be companies focused on small and midsized businesses (SMBs), says Andrew Hewitt, senior analyst at Forrester Research. “We expect that market to fundamentally transform into a new market in the next two to three years,” Hewitt says. “What that looks like is hard to say at this point.”  

Pricing of UEM platforms remains more or less stable, Hewitt says. “I still routinely see anywhere between $1 and $10 per user per month,” he says. “There’s a mix of both per-user and per-device pricing out there, with per-user pricing increasingly common. However, I don’t see major changes when it comes to pricing. One new trend is providing specific pricing for frontline workers, which a few of the UEM providers now have today.”

While list prices for UEM platforms are not changing, some vendors are getting more aggressive with discounts, Wilson says. “New SKUs and bundles are being created to attract smaller or budget-conscious customers,” he says. 

Emerging trends for 2022 

Forrester sees a few major trends emerging for UEM this year, Hewitt says. One is the rise of user experience management within UEM tools. The use of end-user experience monitoring (EUEM) will become more common among organizations, he says. 

This involves collecting telemetry from endpoints for the purposes of benchmarking end-user experience, remediating issues, and collecting employee feedback. “As enterprises continue to try to improve employee experience for hybrid work, these experience management capabilities will become increasingly useful, especially when combined with existing tools in house,” Hewitt says. 

Another trend Hewitt notes is an acceleration of “modern management,” a strategy to manage endpoints in a unified way without compromising the security of the endpoints. “The pandemic forced many IT decision makers to modernize their endpoint management strategies to better serve remote workers,” he says. “We’re now seeing large moves to support modern management, and the UEM vendors are making it increasingly easy to do so with new migration tools.” 

In addition to these developments, Hewitt expects to see a greater focus on remote-first management capabilities with UEM, “specifically when it comes to visibility over at-home endpoints and improved patching via the internet,” he says.  

“I’d also expect to see a greater focus on improving deployment automation, providing a fully automated deployment service that includes areas previously not included, such as BIOS [basic input/output system] configuration, user personalization, and third-party app deployment,” he says. 

Gartner’s Wilson points to many of the same trends. “We anticipate leading UEM tools will continue to try to consolidate workloads and expand features to include experience management, automation, patching, vulnerability and risk management, configuration management, secure remote access, and remote control,” he says. 

Security and endpoint management unite

Another major trend Forrester emphasizes for 2022 is the continued convergence of endpoint management and endpoint security. Some UEM vendors have acquired endpoint detection and response (EDR) providers in recent years, Hewitt notes. “In addition to integrating those tools, we’re seeing more interest among vendors to offer combined management and security capabilities within a single platform,” he says. 

What this means for buyers is more consolidation of tools, fewer agents — software tools that monitor threats and vulnerabilities — on endpoint devices, and a growing need to improve collaboration between IT operations and security teams, Hewitt says. 

Phil Hochmuth, program vice president, enterprise mobility at IDC, highlights the unification trend as well. PC management technology will increasingly look like mobile device management (MDM) as modern endpoint management adopts MDM protocols and architectures for software delivery, he says.  

“Automated unified endpoint patching — especially third-party app patching — will be difficult to achieve,” Hochmuth says. “Endpoint management teams will increasingly take on endpoint security roles as this line blurs. To address these trends, we’re advising enterprises to keep ‘traditional’ endpoint options open for end-user endpoint management, with an eye toward modern management.” 

IDC is emphasizing the importance of a “single pane of glass” functionality across multiple operating systems and device form factors, Hochmuth says. “We’re seeing and encouraging more integration of UEM technology into both end-user computing operations teams and security operations,” he says.

AI, ML, and automation on the rise

Mobility experts expect artificial intelligence (AI), machine learning (ML), and automation to play increasingly important roles in UEM platforms. 

“Analytics is becoming an increasingly popular feature being introduced by UEM vendors,” Hochmuth says. “This is the ability to gather data and telemetry from managed endpoints and putting that data into usable reports and workflows driven by automation and AI.” 

Because AI and ML capabilities are relatively new, “it will take time to prove to IT administrators that the insights and recommendations [made by AI/ML] are complete, accurate, and reliable,” Wilson says. “But the sky is the limit on what can be done to eliminate repeatable, mundane tasks. We also expect to see ML play into better risk and vulnerability assessment to drive better prioritization of and eventual automation of software updates and patching.” 

There is a tremendous need for self-healing of endpoint devices today, “and AI plays a large role in that by bringing the endpoint back into compliance with its initial configuration,” Hewitt says. “We also see an AI play when it comes to proactively improving experience or preventing issues from happening that disrupt employees.” 

This will require significant coordination and historical knowledge of user behavior, Hewitt says, “but it’s something that will improve enterprises’ ability to predict and solve issues before they happen.” 

2021: UEM becomes key to the hybrid workplace

The push toward unified endpoint management (UEM), a technology strategy that emerged a few years ago and became especially vital during the COVID-19 pandemic and shift to remote work, will likely play a major role in the coming months. Many workers have begun returning to their employers’ offices at least part of the time, and a new, hybrid work model is emerging post-pandemic.

UEM, an approach that unifies and centralizes how enterprises manage devices such as smartphones, tablets, PCs, and Internet of Things (IoT) devices, is an extension of mobile management technology that has evolved from enterprise mobility management (EMM) platforms, which in turn grew out of mobile device management (MDM) products. UEM delivers a comprehensive approach to managing all kinds of devices in the enterprise, so is a natural fit for the hybrid workplace.

“Across the world, the way people work has changed significantly,” says Adam Holtby, principal analyst at consulting firm Omdia. “Mobility has been the central theme of this change, with businesses across the globe embracing remote and flexible work styles at an unprecedented speed and scale.”

For many, the shift to remote and fluid work styles will be a permanent one, Holtby says, and businesses must act now to ensure that the right technologies, services, and processes are in place to support the new ways of working.

“Workplace mobility is nothing new, but in 2021 it will rise in priority as enterprises look to invest in capabilities that help secure and enable a more flexible workforce,” Holtby says.

Redefining mobility

The remote work model redefined “mobility management” in the enterprise, expanding its meaning from management of mobile devices to management of all devices used by mobile employees, including those who work from home, says Dan Wilson, senior director and analyst at research firm Gartner.

“This has elevated the importance of UEM and devalued disparate [MDM] tools and use cases,” Wilson says. Critical capabilities to support the “anywhere workforce” include location-agnostic automated device enrollment; software deployment; operating system and app patching; policy management; and integration with identity, remote access, and endpoint security tools for zero trust, he says.

This can only come from UEM, which “has served as a foundational technology to enable an any device, any app, any location experience for the workforce,” says Andrew Hewitt, a senior analyst at Forrester Research. The pandemic proved the importance of UEM, he says, as it allowed organizations to enable people to work from home effectively and easily, all while helping IT organizations ensure they could manage and secure enterprise data as it left the traditional perimeter.

“As we move into a hybrid working world, features such as single sign-on, certificate management, and multi-factor authentication, which all come standard in most UEM solutions today, will ensure employees can easily switch context between the home and the office,” Hewitt says.

Forrester also expects that UEM will play a vital role in distributing applications for the return to work, such as health and safety applications and desk booking tools, Hewitt says. “Increasingly, we’re seeing UEM solutions embed experience analytics to better understand the [technology] experience employees are having,” he says. “This becomes increasingly important in a hybrid scenario, as the surrounding environment is constantly changing, creating issues for the end user.”

An eye on the market

Staying ahead of the curve, EMM vendors have been adding UEM features to their platforms for years. Prices have remained stable over the past year, Hewitt says, ranging from as little as $1 to $2 per user per month to as high as $15 per user per month.

The leading vendors in the mobility mangement market (see chart) are unchanged from a year ago, and there has been no consolidation, with the exception of MobileIron being acquired by Ivanti. “Mostly what we see is UEM vendors acquiring endpoint security functionality,” Hewitt says — for example, the pairing of VMware and Carbon Black, BlackBerry and Cylance, and Ivanti and Pulse Secure.

One noteworthy development in the market is a greater focus on small and midsized businesses (SMBs). “There are definitely more SMB-focused options in the marketplace today, served primarily through the introduction of new vendors such as 42 Gears and Hexnode but also in freemium packages from the larger vendors,” Hewitt says.

Hewitt notes that smaller companies often don’t use the full scope of features offered in EMM/UEM products: “I’ve heard of some customers using as little as 10% of the full capabilities of some products. That leaves a nice opening for SMB-focused players with [a] simpler offering.”

Key trends for 2021

Experts note several key trends in enterprise mobility this year. One is a reemphasis on bring-your-own-device (BYOD) policies and procedures. BYOD “is back with a bang, and businesses must revisit their strategy,” Holtby says.

The speed and scale of the transition to remote working in 2020 presented businesses with a challenge in getting devices to the employees who needed them, Holtby says. “As a result, many people had to undertake work on personally owned devices and across different apps, some of which were not sanctioned by IT,” he says.

Moving forward, organizations need to ensure they have the right technologies and processes to support different device and app management approaches, he says.

“Remote and mobile working is no longer a nice to have; it is a business priority,” Holtby says. “Businesses will move from supporting pockets of remote work to becoming organizations that more fully embrace and support fluid workstyles. This brings a range of different technological, physical workplace, and cultural considerations. Businesses must ensure that employees can easily access work resources and data across different device types when needed, regardless of where they may be located.”

Another trend is a move to converge endpoint management and security, with UEM providers starting to take on more endpoint security capabilities, Hewitt says. “This can be as simple as an enabling a BitLocker enforcement policy or as advanced as doing behavioral anomaly detection on devices,” he says.

Also, the move toward UEM platforms to manage traditional clients using cloud-based MDM application programming interfaces (APIs) is accelerating, as organizations try to support a more mobile workforce, Hewitt says.

New capabilities offered by UEM vendors will go beyond endpoint analytics to enable digital employee experience management (DEX), Wilson says. “In addition to the collection of usage and performance data, DEX applies organizational context to map technology use to roles and business processes, provides a near limitless number of derived insights, and drives automation,” he says.

As endpoint management workloads migrate to the cloud via software-as-a-service (SaaS), the door will open for greater use of machine learning to reduce IT administrative and support overhead and improve employee experience, Wilson says. “This is the next evolution of endpoint management,” he says.

2020: In a pandemic, UEM to the rescue

Enterprise mobility has taken on a whole new meaning during the past several months. Working remotely has become the norm, which means users are relying on a range of devices and apps like never before.

Some key questions for IT leaders to consider: What impact are the changes brought on by the pandemic and resulting economic downturn likely to have on mobile technology going forward? And how can enterprise mobility strategies and tools help organizations, both now and in the long run?

Accelerating UEM

One major mobility trend that will likely continue is the rise of unified endpoint management (UEM), a strategic approach that unifies and centralizes the way organizations manage their deployed devices, including phones, tablets, PCs and even Internet of Things (IoT) devices. It’s a logical extension of mobile management tools that started with mobile device management (MDM), incorporated mobile application management (MAM), and expanded through enterprise mobility management (EMM) platforms. UEM offers a comprehensive approach to managing devices in the enterprise.

Having vastly more stay-at-home workers, combined with curtailed IT budgets, will accelerate the trend toward UEM, says Chris Silva, vice president and analyst at Gartner. The firm has revised its guidance around the importance and timing of UEM from a key program to consider in 2020 to a project that should already be underway.

The older device management tools at many organizations, which rely on centralized imaging and patch management, “present significant challenges as workers remain remote and cannot access physical work locations,” Silva says. “We have already seen more rapid adaptation to supporting remote work in organizations where a UEM tool is in place for PC management.”

Forrester Research is seeing a big acceleration in cloud-based technologies as result of the work-at-home transition. “Some of this is definitely UEM, particularly when it comes to enrolling personally owned laptops into management software to access corporate resources,” says Andrew Hewitt, a researcher at the firm.

“I’ve also been talking to a number of clients that are increasing cloud-based desktop and app virtualization to deal with this transition overall,” Hewitt says. “It’s an alternative approach which can also work for personally owned devices, especially for banks and other regulated industries. Overall, I see increases across the board in different types of EUC [end user computing] technologies, but the common factor is that they’re almost always cloud versions.”

Stepping up remote security

With so many employees working remotely and likely to be doing so for some time, security and user support are high priorities for enterprise mobility.

“It is important that employees have the tools and resources they need to securely work in a more fluid fashion — both in and away from the traditional office environment,” says Adam Holtby, principal analyst at Omdia.

“Mobility management platforms will be an important piece of the remote work puzzle, enabling businesses to secure the use of mobile devices and apps.”

Many businesses had already made effective remote working a reality prior to the pandemic, but typically only for small numbers of people and with slow rollouts, Holtby says. “The sudden huge shift to remote working means businesses have had to act quickly to help employees work from home, but they need to do it in a way that is productive, familiar, and secure,” he says.

Mobility management platforms can help secure against employee behaviors that could put sensitive business data and information at risk, Holtby says.

“For example, if no secure file-sharing options exist, or if they are not well understood, employees may start sending sensitive data over personal email or may save sensitive documents on local device drives,” Holtby says. “Mobility management tools help ensure that only devices compliant with data protection policies can access sensitive work files. Saving work only to a trusted cloud store location is something that can be enforced, using the policy engines many managed mobility solutions offer.”

Some companies are reexamining their authentication strategies and asking if there’s an easier way to establish identity and grant access to work applications than password-centric models, Hewitt says. “Things like digital certificates, biometrics, and 2FA [two-factor authentication] are top of mind for many organizations that didn’t previously have remote work,” he says.

The use of behavioral analytics for security is intriguing in a remote environment, Hewitt says, although there does not seem to be much deployment yet. There is a big opportunity for technology such as artificial intelligence/machine learning to determine where an employee’s house is located and provide more frictionless access to enterprise resources when the user is in that location, he says.

“Some companies have also been talking about using finger swipes to identify people when they are in the application — not biometric, but the actual gestures they make with their fingers while scrolling, clicking, etc.,” Hewitt says. “It’s an intriguing capability in a remote setting, because you’re better able to identify who is really using a device.”

In addition to security, organizations will need to ensure they are effectively supporting mobile users. “IT support practices and processes will need to evolve and ‘mobilize’ in better meeting the needs of a more remote workforce,” Holtby says. “Traditional IT support will need to ensure systems and support mechanisms are accessible and optimized for use by the mobile worker.”

Modernizing mobility strategies for long-term success

Experts say enterprise mobility strategies and tools can help organizations get through the short-term challenges they are facing — including the work-at-home model — as well as thrive in the long run.

“Enterprise mobility helps keep the business afloat,” Hewitt says. “Simply put, without a mobility strategy you’re going to have to keep people in the office. And with so many regulations out there forbidding that, it basically means you’re out of business. The fact is, every organization is going to need to build a mobility strategy going forward for workforce continuity reasons.”

Modernizing endpoint management tools from older systems to UEM, deploying management models for bring-your-own-device (BYOD) programs, and using tools to support any mobile platform will become key components of mobility strategies, Silva says.

“An outgrowth of this is likely the increased mastery of using analytics data to drive continual improvement, [evaluating] actual usage and performance data to drive decisions on what new tools, systems, and applications [should] come into the digital workplace portfolio,” Silva says.

In the long run, mobility offers an opportunity to provide more flexible workstyles that can be used to attract and retain talent, Hewitt says. “Many organizations I’ve talked to feel they haven’t seen a drop in productivity as a result of moving people remote, so now they’re wondering how to formalize their workplace flexibility strategy to drive additional benefits beyond workforce continuity.”

2019: Dawning of the age of UEM

Unified endpoint management (UEM), a strategic approach that unifies and centralizes the way enterprises manage their deployed devices, is finally becoming a reality.

Over the past decade, enterprise mobility platform vendors have been evolving mobility management tools from simple mobile device management (MDM) through mobile application management (MAM) and enterprise mobility management (EMM) into UEM, which encompasses phones, tablets, PCs, and even IoT devices. The market has arrived at the point where companies can use the latest mobility software to manage their mobile environments in perhaps the most comprehensive and effective way ever.

“A few key vendors have made UEM technically possible, with solutions mature enough to support enterprise-level UEM deployments,” says Andrew Hewitt, an analyst at Forrester Research. Those vendors include VMware, Microsoft, IBM, Citrix, and MobileIron, which can all technically manage the main mobile operating systems, Hewitt says. VMware and Microsoft have the most customers using their offerings for full UEM, he adds.

“We’ve even seen some larger companies successfully move to a fully unified model, inclusive of Windows 10 management,” Hewitt says. “It’s no longer just vendor and analyst driven.”

However, “there are still notable gaps in many of the vendors, in particular with macOS and Windows,” Hewitt says. “The vast majority of companies are still using multiple management platforms, with less than 5% actually using UEM.”

Many of the mobile platform providers are partnering with hardware OEMs such as Dell and Lenovo to develop joint solutions leveraging UEM software, Hewitt says. One example is the Dell Unified Workspace, which he says essentially enables IT teams to automate the provisioning of PCs. “That’s been a huge area of interest for our clients,” he says.

Interest in UEM is being driven by a need to embrace a more modern endpoint management approach, says Adam Holtby, a research analyst at Ovum.

Companies want a more streamlined, centralized, consolidated, and better-integrated technology platform for mobility, and this will drive

investment in UEM capabilities, Holtby says. The interest in UEM signals an intention to move away from the traditional management divide of fixed and mobile devices, he says.

“The ability to create and enforce one policy across the enterprise has become critical,” Holtby noted in a November 2018 report on enterprise mobility trends. “The use cases are becoming better understood, but the pathway to a more modern and unified endpoint management approach is one that remains complex.”

True UEM is still years away for most enterprises

Research firm Gartner thinks it will be three to five years before most organizations with enterprise mobile platforms truly accomplish the transition to UEM. That is due to the complexity in updating staff skills and business processes and in preparing existing technology — especially legacy applications or those developed in-house — for deployment in a UEM model, says Chris Silva, research vice president at Gartner.

“The transition to UEM tools, specifically the consolidation of PC and mobile management to a single tool, is still taking shape,” Silva says.

One mobile platform provider, Microsoft, has shifted its messaging in this space over the last year to emphasize a “co-management” approach, in which Microsoft’s traditional client management tool System Center Configuration Manager (SCCM) configures and manages devices, with Microsoft Intune UEM providing some additional management of the same device, Silva says.

Integration with third-party UEM tools, which Microsoft calls “co-existence,” results in SCCM going into a state where it can take no action on a device beyond imaging the device and providing a feed or inventory information to the third-party UEM, he says. That approach might face some challenges going forward due to the need for a Microsoft tool such as Intune to be present to help enable conditional access to Microsoft resources such as Exchange and SharePoint, Silva says. That could slow the migration for companies that are not all-in on Microsoft, he says.

Indeed, many Gartner clients are tapping the brakes on their move to UEM, Silva says. Some of those organizations that had planned to be “all UEM by 2020 are realizing that this approach invites a lot of additional work” such as modernizing applications and changing deployment processes, Silva says.

“It’s not that they’re backing off [UEM] entirely, but they’ve reassessed their approach and timeline. And in many cases [they] have given themselves extra time to get to UEM, realizing that a hard cut-over from traditional and key process steps like imaging a PC are not supported natively in many UEM tools.”

As with any workplace mobility initiative, Ovum’s Holtby says, a UEM initiative benefits from being championed by a centralized steering group or center of excellence that can help businesses realize value. IT needs to involve all major business units as part of this group.

Pricing and new trends

Forrester’s Hewitt says the costs of mobility management platforms has remained relatively stable, with some decline for commodity mobility management features, especially as these platforms continue to embrace Android Enterprise as a standard. At the same time, “vendors have been increasing prices for UEM-like features [such as Windows 10 management] and other items like analytics,” he says.

In terms of expanding mobile platform capabilities, feature additions at this point are largely minor “fit and finish” enhancements to handle specific capabilities or use cases for particular customer groups,” Silva says.

Gartner is seeing renewed interest from the endpoint management vendors on workplace Internet of Things (IoT), adding support for managing Raspberry Pi devices that might do anything from running a lightweight desktop thin client to acting as a DNS server or a smart appliance, Silva says.

Apple’s tvOS has also seen broader support among the platform vendors over the past year, and many might be looking to Amazon Alexa-enabled devices as the next frontier for workplace IoT, Silva says.

One expanding area of focus for mobility management platforms is analytics for functions such as app usage and security, Hewitt says. “Companies are looking for greater analytics to help guide mobility management decisions,” he says.

There’s a big focus on behavioral analytics for security reasons, Hewitt says. “Being able to baseline user behavior and track it for potential anomalies is a big target area,” he says. “Citrix has been doing this. There’s also a focus on end-user experience, usually on application usage and adoption. VMware has been doing this.”

Another area for analytics is coming from third parties such as Nexthink and Lakeside. “They do end-user experience analytics, looking at performance of devices and apps with the goal of quantifying and tracking end-user experience over time,” Hewitt says.

Another trend is toward browser-isolation technologies, which enable unmanaged devices to access software-as-a-service (SaaS) or other enterprise cloud services, Hewitt says. “We’ve also seen companies looking to use MDM-managed phones as a second [authentication] factor for [logging into] PCs and Macs,” he says.

As for what’s coming down the pipeline, “we’re starting to see more integration of dedicated threat detection capabilities for both mobile and desktop,” Hewitt says. “Mobile is farther along, but some vendors are starting to embed this for [desktop] client security too.”

2018: UEM is the next step

Get ready for some significant changes in the way enterprises manage their growing fleets of mobile devices — and in the technologies they use to provide that management.

A number of trends are impacting the market and vendors’ enterprise mobility management (EMM) platforms, according to experts who follow the latest mobile developments.

“Enterprise mobility is at an interesting inflection point,” says Adam Holtby, a research analyst at Ovum. Device management capabilities, specifically those that help organizations secure devices running mobile operating systems, have been the core driver of interest in enterprise mobility products up to this point.

“However, new capabilities are set to further increase the value of enterprise mobility solutions,” Holtby says. “App management and development, next-generation policy management, data and identity protection, security, machine learning, and mobile analytics are all examples of capabilities that are driving interest in enterprise mobility solutions.”

Moving toward UEM

The most compelling advancement is that of unified endpoint management (UEM), a strategic approach that unifies and centralizes how enterprises manage an estate of deployed devices. Experts say EMM is gradually evolving into UEM.

“We are a still a way off from UEM becoming mainstream, but it will certainly have big appeal to organizations,” Holtby says. Mobility is transformative when the data and insight that can be gathered from the mobile workforce are used to optimize the way that people work, improving workflows and helping make tasks more efficient, Holtby says. “The single, unified view of the devices and apps being utilized by a workforce provided by UEM platforms enables organizations to reimagine working practices,” he says.

UEM is most valuable when it’s used not only to provide a unified view into devices and apps, but when cross-functional workflows that extend across different endpoints are improved because of the insights and data the unified environment provides.

It delivers a consolidated and more reliable level of data into the state of devices and apps used by employees, as well as insight into identity and how hardware and apps are being used. “This is in some contrast to the more fragmented approach businesses have been used to that involves different tools and disconnected workflows,” Holtby says.

One of the biggest benefits of UEM is that the added visibility around mobile use leads to better reporting and analytics. Workflows can be enhanced by factoring in this information. “For example, using real-time geolocation information to deliver contextualized services or notifications to employees can have a positive impact on the user experience,” Holtby says.

When evaluating EMM platforms, it’s important to note the ability of the product to support the eventual move to UEM, says Chris Silva, research vice president at Gartner. “There are some products out there that are pure PC or pure mobile and will not scale,” he says.

Many of the market leaders including VMware, BlackBerry, MobileIron, IBM, Microsoft, and Citrix are actively pushing this goal for clients, Silva says. “Anyone using a tool that doesn’t have a roadmap toward UEM at this point is likely going to need to go shopping for a new tool in a couple years,” he says.

Data analytics, security and privacy take center stage

More powerful data analytics and proactive problem remediation are among the biggest recent developments in EMM, Silva says.

Some vendors are building dashboard capabilities that enable administrators to see not only how many devices have not updated to a particular operating system version, but which are susceptible to certain vulnerabilities as a result, Silva says. There’s nothing available yet in terms of automated actions based on these analytical findings, he says, but that’s coming.

An emerging feature is the ability to do risk-based analysis to grant access to applications, says Andrew Hewitt, an analyst at Forrester Research. “Some of the vendors in the space are able to assign risk scores to users and grant them access — or block access — based on certain attributes,” he says. “This risk-based approach has the ability to greatly improve the experience for the user.”

Another key trend is the need for better mobile security and privacy.

“Enterprises are increasingly becoming aware of the necessity of mobility for business success, but still are weighing the compliance and risk factors related to more open access,” Hewitt says.

The emergence of new regulatory requirements such as the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act of 2018 will help drive the appeal of mobility management platforms. While security has always been a key theme driving adoption of EMM, initiatives such as the GDPR and the CCPA will make this an even greater priority for organizations.

“A lack of data protection and security will place organizations at risk of serious financial penalties and reputational damage,” Holtby says. “At worst, the repercussions of a data breach could see businesses risk their very existence.” EMM can help organizations standardize and audit how they secure and govern mobile devices, apps, and the content and data on them.

While the market is seeing shifts in the focus of EMM technology, product pricing has been fairly steady, Hewitt says. “There’s definitely a decrease in price for commoditized features of EMM, like MDM [mobile device management] and anything else that is now available in an OEM API,” he says. But the influx of new features such as analytics keeps the price about even.

What’s next: AI, ML, AR and more

In the coming months and years, mobile technologies will continue to evolve. New capabilities, such as on-device artificial intelligence (AI) and machine learning (ML), augmented reality, and advanced biometric capabilities, are beginning to deliver new ways for workers to leverage mobile devices and apps.

“It’s hard to have a conversation around enterprise technology without the subject of artificial intelligence being a focal point,” Holtby says. Ovum research shows that 71% of enterprises are either considering or planning to use AI, bots, and machine learning over the next 12 months, and 65% of organizations think AI will have an impact on their workplace over the next three to five years.

“In the realms of enterprise mobility — a vital digital workplace element — AI provides many opportunities and challenges that organizations need to be aware of,” Holtby says. “Increasingly, providers of enterprise mobility solutions are introducing AI capabilities to support organizations in optimizing mobile workflows and in improving mobile reporting and analytics.”

2017: EMM suites go beyond MDM, add sophisticated capabilities

The global workforce is more mobile than ever. And for many organizations that are trying to control the burgeoning mobile device and app environment, deploying enterprise mobility management (EMM) systems has become standard operating procedure.

“Mobility continues to transform how employees undertake work, and EMM technology is an important component in the successful execution of digital transformation initiatives,” says Adam Holtby, research analyst for enterprise mobility and productivity at Ovum.

Originally called mobile device management (MDM) software, EMM products continue to evolve and now offer features that go well beyond device management, Holtby says. “Being able to manage a broad device estate via EMM is a compelling proposition for organizations,” he says. “Next-generation policy-management capabilities and the ability to derive meaningful context about not only the devices being used by an employee base, but also about the employees themselves, can be transformative for organizations.”

As smartphones and tablets did previously, a new wave of connected devices is set to disrupt the enterprise technology landscape with the growth of the internet of things (IoT).

“EMM solutions are well-positioned to support organizations in managing many of these connected things,” Holtby says. “This should help organizations in adopting a more strategic, less chaotic, proactive approach to how [IoT] can be effectively leveraged within the business environment.”

EMM vendors are investing heavily in expanding their products into more functional platforms that can support organizations as they try to manage a more diverse endpoint environment, Holtby says. Supported by increased use cases and improved capabilities, these unified endpoint management (UEM) tools will gain in popularity, he says.

The move toward UEM will not happen overnight, notes Andrew Hewitt, an analyst at Forrester.

“Vendors like AirWatch are pushing for unified endpoint management to allow organizations to manage mobile devices, PCs and even IoT devices,” Hewitt says. “For now, we’re seeing this as a mostly vendor- and analyst-driven movement, though, as the complexity of managing legacy Windows applications and [operating systems] remains a significant challenge.”

New areas of focus: Mobile identity, analytics, Office 365

The expansion of EMM capabilities will come with challenges associated with security. Specifically, there will be a heightened demand for capabilities that can help organizations manage mobile threats along with other endpoint threats, Holtby says.

Indeed, one of the more notable trends in the market is a greater focus on mobile identity.

“Employees today use multiple devices and are always on the go, connecting to company resources from different locations throughout the day,” Hewitt says. “As a result, we’re seeing the EMM vendors provide more contextually relevant identity tools,” to either allow or restrict access to corporate resources based on the network the employee is using.

There is also more sophisticated use of analytics with EMM systems, helped by advances in machine learning and artificial intelligence technologies.

“The data and information that EMM solutions can gather and present provide organizations with an opportunity to realize new workflow efficiencies, react more quickly and relevantly to employee behaviors and demands, and make better business decisions armed with data,” Holtby says.

Another trend in the market involves Microsoft Office 365 (O365). “As O365 becomes more commonplace, many of the users we talk to are struggling to figure out how to best optimize that experience with their current EMM of choice,” Hewitt says.

“Employees want a seamless, native experience with O365, and so far that has been hard to come by in the EMM market,” Hewitt says. “We expect vendors to continue to integrate O365 into their portfolios, expand their ability to manage Windows 10 PCs, and offer better support for Windows Store.”

The outlook for EMM

All of this is happening as prices are rising for EMM products. Prices will continue to go up as the variety of devices increases and becomes more complex and the threat landscape grows larger, Hewitt says. “I don’t see the increase as being price prohibitive, though,” he says. “The risks of not managing your enterprise mobility efforts are too great.”

The rise in prices “is in response to a greater number of organizations embarking on enterprise mobility strategies, and they need technology to support their efforts,” Holtby says. “Demand is strong and the need for capabilities that extend beyond solely device management is increasing. Additionally, EMM solutions are evolving far beyond their modest MDM roots in offering capabilities that can help organizations deliver against broader digital initiatives.”

Just prior to the spate of acquisitions that took place in the market in the 2012-2013 timeframe, prices were in a downward spiral due to intense competition for market share, but prices at that level were not sustainable, says Bryan Taylor, research director at Gartner. “Though prices did rise over the last year and a half to two years, we don’t expect this to continue,” Taylor says. “Already, some leading vendors are restructuring list prices across all of their SKUs, and we’ve seen a slight downward trend for street prices in the last quarter or so,” Taylor says.

Looking ahead over the next few months, Taylor expects to see EMM technology vendors increasingly focus on analytics capabilities, as well as PC/Mac management capabilities and, for some vendors, forays into IoT.

Short term, there will be relatively small changes in what EMM software offers, Hewitt says. These include: Updated dashboards to make them more user-friendly and to offer more dashboarding capabilities; expanded support for Android for Work; and better analytics on device usage.

“Long term, I do think EMM will evolve in a number of ways,” Hewitt says. “First, it will manage an increasing array of devices as the market goes towards [unified endpoint management]. It will be a key ecosystem player for the IoT eventually.”

Second, EMM will become more contextually aware, offering up apps and services to mobile users depending on the location in which they are working, Hewitt says. Finally, EMM will need to contend with the likes of new collaboration methods, such as chat.

“Overall, we expect the market to turn its focus away from simple management and security of devices, apps and data to better enable employees to accomplish their jobs,” Hewitt says.

2016: Mobile management takes on apps, content

Corporate mobile infrastructures continue to grow, with both company-issued and employee-owned devices playing a key role in supporting business processes. Enterprise mobility management (EMM) suites are often the way enterprises manage these increasingly complex environments.

The worldwide market for EMM products is forecast to grow to more than $4.5 billion by the end of 2020, according to technology research firm Radicati Group, versus an estimated $1.8 billion in 2016. That represents an average annual growth rate of 27% in the next four years.

EMM provides companies with ways to secure their mobile infrastructure, as well as to control device policies and manage mobile apps, content, networks and service. The platforms have been around for a while; some might know them as mobile device management (MDM) suites. But those suites have matured and adopted new features, and industry analysts say EMM has now reached the point where it’s the go-to method.

EMM also plays a role in overseeing expenses related to communications services, mobile policies and identity management.

Of these jobs, “content and applications are probably most important in a mobile environment, assuming the identity component is in place across the organization,” says Craig Mathias, principal at Farpoint Group, a research firm that specializes in wireless and mobile technologies and services.

Managing mobile assets becoming more critical

The focus on application management will no doubt continue as companies build, acquire and deploy even more business apps for devices — and as those apps become more critical to the business and not simply add-ons.

“More organizations are focusing on actual business transformation through mobile, rather than simply deploying mobile capabilities and pursuing productivity gains,” says Bryan Taylor, research director at Gartner.

Adding to the demand for mobile app development is the rising use of wearable devices in industries such as oil and gas, utilities, healthcare and transportation. Mobile analytics in particular is a hot area, Taylor says, particularly operational and behavioral analytics.

Naturally, the protection of these mobile apps is a high priority for organizations.

“We’re seeing an increased focus on app and data security, access control and overall management of these aspects of enterprise mobility,” says Phil Hochmuth, program director for enterprise mobility at IDC. “With BYOD and multi-device users, the shift is moving from security on the device to the apps and data. Tying all this back to an identity-based platform for management is another larger trend.”

Where mobile OSes fit in

Within mobile operating systems, “the built-in management capabilities aimed at the enterprise will continue to evolve and will impact everything from app development to operational processes to technology investments,” Taylor says. “This has been a moving target for a while now, but we really saw increased impact in 2015 and we expect this to have a significant effect over the next couple of years.”

Nearly all of the policies set via EMM are actually just accessing management APIs that are part of the mobile operating system on the target device, Taylor explains. Both iOS and Android have expanded the scope of such APIs with each new release. Recent examples include the Android for Work capabilities that came out with Android 5.0 (Lollipop), and iOS 9’s ability to allow IT to manage an already installed app, rather than just apps that have been distributed via the organization’s enterprise app store, he says.

“The major impact to enterprise mobility has been that more and more organizations use the built-in management APIs to manage mobile apps,” he says. This is opposed to a proprietary roll-your-own approach through software development kits, for instance.

Now that mobile is becoming an integral part of business operations, Taylor says, the need for service management — monitoring the availability of important back-end services — will become more important. So, too, will the need for integration between EMM and wireless LAN management systems, and EMM and identity and access management systems. “After years of pie-in-the-sky promise, IoT [Internet of Things] and M2M [machine-to-machine] technologies are really starting to shake things up and we’ve only just begun,” he says.

IoT “represents a growth area with huge potential for EMM vendors,” Taylor says. AirWatch’s software, for example, manages all Coca-Cola Freestyle machines — nearly 38,000. These machines serve up over 150 flavors and types of soft drinks.

“These are internet-connected ‘smart machines’ that can self-inventory and ‘call home’ when they are running out of flavor X, and they can self-diagnose as well,” he says. “EMM is the management framework many such IoT systems will use, from connected cars to appliances to vending machines.”

There are several functions EMM provides to the dispensers, including managing reorders for things like syrup and related supplies. The AirWatch solution provides software and content updates, collects dispenser data, and transports it to various enterprise and external applications. It streamlines the process for content pushes, dispenser management, dispenser enrollment, troubleshooting and feature deployment.

Company-provided vs. employee-owned devices

Experts say the end of the traditional two-year phone contract from Sprint, AT&T and other service providers will not necessarily have an impact on bring-your-own-device (BYOD) programs and mobile management.

“It really doesn’t affect it much at all,” Taylor says. “A growing number of organizations in the U.S. and Canada provide subsidies of one type or another to cover a portion of the monthly carrier fees.”

Best practice has long been to use EMM on all devices, including those that employees bring in themselves, Taylor says. “But there is quite a bit of evidence of increased user resistance to organizations installing EMM on personal devices over the last year or so,” and that’s why many organizations are now trying MAM-only (mobile application management) approaches for BYOD, he says.

But even managing just the apps can be problematic if companies want to deliver apps that come from commercial stores to BYOD devices, Taylor says. For one thing, wrapping public apps is now expressly prohibited in Apple’s license agreement.

App ‘wrapping’ now prohibited

App wrapping is a form of code injection that allows IT to add management capabilities to apps for which they don’t have access to the source code, Taylor says. “It allows them to inject management code into a binary executable so the app can be managed using EMM without enrolling the device,” he says. “Apple has never liked organizations doing that with public apps” — those obtained through the Apple store — but for a long time “made no specific prohibitions against it.” But that changed in the wake of iOS 9, he says, when Apple specifically prohibited companies from wrapping public apps.

“This makes enrolling in EMM and using the native OS app management APIs the only way to manage public apps,” Taylor says. “So if you buy an off-the-shelf SAP front end, the only way to manage it and apply policies to prevent data leakage is to enroll the device in EMM so you can access the built-in OS app controls. You can’t get around this prohibition. You just have to play by Apple’s rules, and that means managing your apps using EMM.”

In the early days of BYOD, “users were so eager to turn in their BlackBerries and be able to use an iPhone that they would sign just about anything you asked them to,” Taylor says. “But since then, the motivation is not as strong as most BlackBerry shops are now iPhone shops, and users have become more aware of the potential threat to privacy EMM presents.” Many users fear that IT can see their pictures, read their personal texts, etc., and fear enrollment because of it, he says.

“The net result is a larger percentage of users not wanting to agree to participate in BYOD if EMM enrollment is a requirement,” Taylor says. So organizations are experimenting with less powerful methods of securing company data on mobile devices, using standalone MAM, for instance.

“But Apple and Google have designed their OSes to be managed by EMM, and limit what IT can do without enrollment in EMM,” he says. So even though organizations are experimenting with ‘lighter’ management approaches, many “find them unsatisfactory. They then decide they do in fact need EMM, and look at other methods such as improved communications to users and clear statements of commitment to user privacy to encourage recalcitrant users to enroll.”

For BYOD to work, Taylor says, due to such potential privacy concerns, “you must make BYOD opt-in as opposed to mandatory, and you need to provide an organizationally owned/issued device as an alternative for those users who qualify if they choose not to allow the organization to enroll their personal device.”

The all-important mobile policy

Organizations should have policies in place regarding what devices and device operating systems are acceptable, how often devices may be upgraded and what percentage of both the device cost and monthly service plans are reimbursed, Farpoint Group’s Mathias says.

“It may be that none of the device cost is reimbursed — since everyone is going to buy a device regardless — in which case the frequency of upgrade is irrelevant.” Another thing organizations need to spell out is who is responsible for updating the operating system and all the apps on the device.

If companies are managing only employee-owned devices and not those owned by the business, they will likely not require different EMM features or functions, Mathias says.

“The same policies would apply in both cases,” Mathias says. “The only difference is that the management capabilities applied to [an employee-owned] device need to be clearly spelled out in the BYOD agreement signed by all participants,” he says.

Most organizations enforce only a handful of common policies on mobile devices with EMM, and historically haven’t treated user-owned devices differently in this regard, Taylor says. But the growth of user privacy concerns has prompted some organizations to re-evaluate this to determine if a less restrictive set of policies on user-owned phones can adequately balance the need for security and compliance against the user’s desire for autonomy and privacy.

As for working out the networking/data costs with mobile devices, “in general, we recommend either a fixed amount, or in some cases, a fixed percentage,” Mathias says. “It’s possible to apply more complex schemes [such as] variable percentage, actual costs, etc. But the cost of implementing these can be high. It’s best to keep it simple. Trying to control usage is usually somewhere between futile and irritating to both parties.”

Looking ahead to future developments with EMM, there will be a “continued evolution to apps and data as the focal point of security and management,” IDC’s Hochmuth says.

“We’re also anticipating rapid growth of home-grown enterprise mobility apps,” Hochmuth says. “As enterprise app development programs mature, solutions such as mobile back-end as a service and mobile app development platforms [will] supplant traditional app development efforts in the enterprise.”

2015: Mobile device management broadens

Mobile device management (MDM) products continue to evolve as mobility takes on an increasingly important role in the enterprise, and as vendor consolidation continues.

Research firm Gartner Inc. describes MDM as one of “three pillars” that make up an enterprise mobility management (EMM) suite. The others are mobile asset management and mobile content management (the latter includes enterprise file synchronization and sharing).

“Organizations are looking beyond the need for MDM to a more holistic suite of EMM capabilities” that includes the management of mobile apps, mobile content and how devices and services are actually being used, says Philippe Winthrop, global mobility evangelist at Computer Sciences Corp., who follows the mobility industry as an analyst.

While many companies are still rationalizing their bring-your-own-device (BYOD) approaches, others are also considering, or have already adopted, a corporate-owned, personally enabled (COPE) scheme “that can mitigate some of the more common challenges around developing a BYOD policy,” Winthrop says.

With COPE, an organization provides devices and resources such as laptops, tablets, smartphones and software to employees, which they use and manage. It’s the opposite of BYOD, in which workers use their own devices for work.

What’s helping to drive the need for more comprehensive mobility management is the expanding use of mobile devices in the workplace. (Here’s a detailed chart of features and functions in 10 different products.)

“Organizations are rapidly moving from using mobile devices simply as communication tools — email, voice — to using them as general-purpose computing tools,” says Bryan Taylor, research director at Gartner. “In the process, they are deploying greater numbers of apps for both productivity and business enablement, and facilitating access to content securely.”

The app management and content management components of EMM are increasing in significance accordingly, Taylor says.

“In addition, there’s an increasing need to accommodate use cases where an MDM profile on the target device isn’t practical, such as with contractors or with employees like certain healthcare professionals, who may work for several providers in a given week,” Taylor says.

For those cases, mobile app and content management deployments are becoming more common, Taylor says. In other words, instead of securing the device itself, enterprises are securing the applications and content on the devices.

“In parallel, as mobile app deployments increase, organizations are expressing a higher level of interest in capabilities like operational analytics,” which will allow companies to have a more granular view of how apps are being used, he says.

A big challenge for MDM providers is that the technology today is “a tiny part of enterprise mobility management overall, and it’s probably not the most important anymore,” says Craig Mathias, principal at Farpoint Group, a research firm that specializes in wireless and mobile technologies.

“MDM is really about configuration management and verification, and services like backup in some cases,” Mathias says. “But mobile content management and mobile application management are far more important. MDM should be viewed as necessary but not sufficient, and you’ll note that most of the vendors [are now including] functionality well beyond MDM.”

Expense management is another important component of a mobility strategy, as is policy management for security and usage guidelines, Mathias adds.

The biggest development over the coming months and years “will be the ‘demise’ of MDM/EMM,” Winthrop says. “What I mean by this is that mobile technologies will have become so pervasive that they will become the primary modality for end-user computing… This is not to suggest that the core capabilities of EMM will no longer be necessary. But rather they will be integrated into larger [and] broader management suites.”

The rollup of EMM “into higher-order enterprise management systems is going to become very popular over the next few years, along with cloud-based solutions,” Mathias says. These cloud services could lead to benefits such as improved scalability and a reduction in operating expenses, he says.

“In terms of technology, I expect to see mobile [operating systems] vendors include more of this functionality where it belongs: In the OS,” Mathias says. “Standards could be important here, but good mobility management needs to be safely inside the OS, not bolted on top and acting like a rootkit. Check out what Apple has done here with iOS. Crude, not entirely effective, but an obvious strategic direction.”

Apple has built an MDM framework into iOS designed to be scalable enough to fully configure and manage all the iOS devices within an organization. It provides features such as granular control over corporate managed accounts, apps, documents and data, as well as password enforcement and remote lock or wipe of lost or stolen devices.

Vendor and product consolidation will continue apace, experts predict. “I see more organizations acquiring pure plays of MDM, which are being swallowed up into larger systems,” Winthrop says.

Indeed, pure-play MDM companies will have difficulty surviving on their own, Winthrop says. “Who’s to say when the next wave of pickups will occur?” he says. “But it will happen. It’s a matter of when, not if.”

Taylor expects to see a growing number of vertically oriented MDM solutions, aimed at specific industries such as healthcare and education. “BYOD is still growing in adoption, and solutions for managing the billing aspects, such as split-billing, are starting to appear,” he says. Split billing is the division of bills for services into two or more parts, such as between employers and workers.

This and other features will become offered by an increasing number of vendors in the coming months, he says.

What remains to be seen, however, is what impact trends such as the growth of wearable devices and the emergence of the Internet of Things (IoT) will have on the management of mobile devices.

“That’s a big question,” Winthrop says. “Wearables in the enterprise makes a ton of sense, for applications such as patient monitoring and making it much easier to do remote diagnostics. That’s a huge opportunity. But it’s also an unanswered question in terms of the overall security and governance model for wearables in the IoT context. It’s all up for grabs right now.”