BYOD, which stands for “Bring Your Own Device,” started to become a notable trend in the mid-2000s. As the adoption of devices into the work environment increased, so did the number of acronyms describing the solutions for managing them. This article seeks to clarify all the terms you may come across when preparing your BYOD solution.
What is an MDM?
In response to the adoption of the corporate-owned mobile device, first were Mobile Device Management (MDM) technologies, which solely drove at controlling devices.
- Device enrollment – Register the type of device and owner of the device
- Remote control – Ability to remotely access the device
- Device lockdown – Ability to remotely shut down the device
- Location tracking – Ability to know where the device is
What is an EMM?
From that starting point, Enterprise Mobility Management (EMM) evolved, which incorporated MDM features and added capabilities.
- Bring Your Own Device (BYOD) – Separate business and personal use of the device
- Mobile Application Management (MAM) – Allow for the precision control of only corporate applications and documents
What is a UEM?
As devices multiplied and diversified, the need to manage them from a central console led to the rise of Universal Endpoint Management (UEM) solutions.
- Mobile Threat Management (MTM) – technologies to prevent viruses and unauthorized use
- Identity and Access Management (IAM) – technologies such as single sign on, Multifactor Authentication, and biometric sign on
- Containerization – put work apps and data within a walled garden, separating it off from personal applications and data on the device
- Management for endpoints such as smartphones, tablets, desktops, printers, scanners, and Internet of Things (IoT)
Considerations when choosing a UEM
For smaller organizations that aren’t monitoring many different types of devices, the capabilities of MDM or EMM may do. MDM manages users’ devices through policies and compliance rules, and that’s all. This limited functionality can have some pitfalls when it comes to BYOD policies that we’ll dive into later on. EMM corrects for these but can result in high costs from the necessity of multiple vendors, contracts, and infrastructures, and staff and training requirements. Furthermore, all of these different infrastructures can introduce security risks, as they provide multiple lines of attack, and compliance risks, as they complicate management.
Core UEM features
There are many available UEMs out there, each tailoring themselves for a particular business use case. Most organizations want from a UEM that:
- Allows employees to choose their devices
- Separates corporate and personal data
- Secures and administrates mobile apps and business communication
- Protects data and intellectual property
- Gathers data that benefits their organization
- Keeps employees happy and productive on their device
The objective is to ensure employees aren’t jumping through too many security hoops to work while making sure the enterprise is protected from security and other threats.
Factors in choosing a UEM
- Types of business apps users commonly work with
- Security and regulatory compliance requirements
- Network and service management features needed
- Mobile operating systems in use
- Reporting capabilities needed
- Application and content management needs
- Ownership model of devices (corporate-issued, COPE, BYOD, etc)
- Whether users frequently travel overseas
UEM benefits both IT and users. For IT, UEM grants a central console they can use to remotely provision, control, and secure all devices, including cell phones, tablets, laptops, desktops, and Internet of Things (IoT) devices. This helps IT easily secure hardware, perform analysis, and protect data. For users, UEM often offers automated enrollment, pre-configuration, and retirement for any device. The robust functionality UEM offers make it the solution for the forward-thinking global, highly regulated, enterprises that want to go mobile.
When your organization launches a UEM, you’ll need applications that are compatible. That’s where MultiLine comes in because we provide a UEM-ready calling and texting solution. MultiLine can be deployed with any EMM or UEM so that it is compatible with the management needs of your business. However, we offer deeper integrations with two leading UEM providers— Microsoft Intune and BlackBerry UEM.
MAM vs MDM
The convenience of using your own mobile device for work is something many would consider, until they learn their company could, and might, wipe all their data in cases such as losing their device or leaving the company. Far fewer people are going to be willing to sign away the rights to their personal data, which could halt the adoption of BYOD in its tracks.
“We’ve started to see civil cases take shape,” Chris Silva, a Gartner research director said. “New York State is an example that comes to mind. Someone was a contractor; they signed away their rights on the dotted line. They ended their contract and left. The device got wiped and the last photos of a dead relative were destroyed. It found its way into a courtroom. That’s had a chilling effect on this.”
88% of employees are using their own mobile phones instead of corporate-issued ones, according to a Gartner study. With MAM your employees can have a little more peace of mind when they opt into BYOD because IT only controls the applications and business data. So if an employee loses their device or leaves the company, IT can remove the business data and access to applications and business data from the smartphone, tablet or laptop, without wiping the entire device. MAM also allows applications to be remotely updated with new features and patches, making it easier to address new security threats quickly.
The Intune and BlackBerry UEMs both can be configured for either your MAM or MDM needs and the MultiLine app will then be manageable under the policy as all your other work apps. These UEMs, as well as the MultiLine application, can be deployed to all devices entirely over the Internet.
UEMs usually provide features that help make it easier for the user to prove their identity without disrupting the workflow. The three most common of these are Single Sign-On, Multi-Factor Authentication, and Biometric Authentication. MultiLine integrates with the UEM authentication framework for BlackBerry and Intune. Depending on your setup, you can enable these features to secure the MultiLine application.
- When users have many different apps that they work with, it would be a pain to sign in to every app individually. Single Sign on reduces the number of logins required by providing a method to securely authenticate users across all of your organizations’ cloud applications with a single login.
- Multi-Factor authentication is a method that allows additional factors other than just a password to grant access to corporate applications and devices. Many are familiar with two-factor authentication, which usually involves entering the password, and then entering a code sent to the user by a text message to a trusted device. Multi-factor authentication can involve many factors, active, such as the text message example, or passive, such as geofencing (restricts by location) and timefencing (restricts by time of day).
- Biometric authentication is using some part of the person to authenticate. Two common biometric authentication methods are thumbprint (using a hardware sensor to detect the user’s thumbprint) and facial recognition (using the front-facing camera to detect the user’s face). Biometric authentication methods are easy to use and hard to spoof, making them a popular choice.
MultiLine brings calling and messaging to your BYOD solution
With MultiLine, all your employees, regardless of global location, get a secure business number through our application. The app provides a dialer, contact list, caller ID, voicemail, SMS and call logs, do not disturb, and business hours scheduler. Because it is a real number that works over a carrier, it’s usable over cellular voice, mobile data, and Wi-Fi networks so employees can take care of business on-the-go.
We’re experts at providing compliant voice and text—providing many options for streaming captured communications to your archival solutions, and configurable announcements to alert parties that their communications will be recorded. We also offer add-on products such as SMS Opt-In, for organizations that need to capture consent to text with customers or clients, SMS Redaction, for organizations that need a Lexicon Policy to block illegal sharing of personal information or other undesirable messages.
Whether you’re using one of the UEMs we specifically integrate with, or another UEM/EMM solution, or no EMM at all, MultiLine can integrate with your tools to make sure that you can track, analyze, and audit all of your mobile calls and texts. MultiLine also integrates with CRMs, such as Salesforce Lightning. To find out more about how we can integrate with your business tools, get in touch with our customer success team.