Enterprise Mobility Management: Concepts in Endpoint Management

Roberto Casetta, FrontRangeEmpowering a mobile workforce is essential in any modern enterprise to meet business goals and remain competitive. Mobility increases end user productivity, agility and job satisfaction, resulting in improved business performance. Although workforce mobility is most often associated with the adoption of portable devices (i.e. smartphones and tablets), the topic is actually more applicable to the portability of IT services. The core goal of mobility is to enable users to access business resources – including applications, data and other services (such as email, messaging and databases) – from any device at any location at any time.

Ironically, most end users have already embraced mobility concepts and incorporated them into their regular work experience. In fact, according to research by industry analyst firm Enterprise Management Associates (EMA), roughly 58% of mobile device users and 29% of laptop users actually purchased the devices themselves and brought them into their workplace.

No longer content with being chained to an office environment, workers are demanding unprecedented mobile access to business IT resources. In many cases, IT managers have been caught unprepared to support the influx of new requirements for supporting mobility. Introducing enterprise mobility is therefore primarily a challenge for IT operations to accept changes to its processes that will foster improved workforce productivity.

However, introducing process changes to support mobility is not a trivial matter. IT administrators are already exceptionally busy meeting existing server and desktop support requirements and service level agreements, while meeting security and compliance objectives. Typically, IT administrators spend the bulk of their time on reactionary “firefighting,” often requiring an inordinate amount of out-of-hours support. This leaves little time to implement new procedures for extending support to an additional set of mobile devices and operating systems.

Further resistance to supporting enterprise mobility comes from the fact that IT administrators are used to having complete control of the endpoints they support and are often reluctant to allow end users the freedom to select and use devices without restrictions.

To be effective in supporting workforce mobility, IT administrators must focus on the secure delivery of services, rather than maintaining control over the endpoints. Devices also still need to be managed, but just to ensure they are optimally configured to perform business tasks, rather than fully governed by IT operations. This can be a difficult concept for IT administrators to accept as they must let end users take some or all responsibility for their own devices.

Enterprise mobility management processes shift the role of IT administrators to focus primarily on the secure and reliable delivery of business IT resources in order to empower end users with the flexibility to perform business tasks on any device with which they will be most effective.

Transitioning IT Operations to Support Workforce Mobility

In order for IT administrators to successfully enable enterprise mobility, management processes must be adopted that effectively reduce administrative efforts and costs while enabling broad but secure end user access to business IT resources. Methods for achieving this can be logically segmented into three key areas.

Consolidate Management Processes and Resources

All user devices used to perform business tasks – including smartphones, tablets, laptops and desktop – should be monitored and managed from a single unified console. Begin by discovering configuration and status details on all devices and recording them in a consolidated asset data repository. This enables a holistic view across the support stack to facilitate a rapid identification of issues and provides administrators with the strategic information necessary to make informed decisions on optimal configurations and proactive improvements.

Business applications, data, and services should also be consolidated onto enterprise servers (rather than distributed on endpoints) and then delivered to remote devices as a services. This creates a single point of management for business resources, greatly simplifying tasks such as patching, updating, and configuring. By shifting the primary management focus towards securing and delivering IT resources (rather than physical devices) administrators are able to address business-facing challenges while reducing support efforts. Additionally, delivering business resources as services allows end users to provision them on any device they wish.

Isolate Business Resources from Users’ Personal Resources

To ensure users have the freedom to employ their devices (whether employee or business-owned) in any capacity they choose, only the business resources that are served to the endpoints should be subject to enterprise restrictions. To enable this, business resources must be isolated from personal applications and data. The most common processes for achieving this include ‘containerisation’, virtualisation, and application wrapping. Regardless of which method is employed, the ability to move between business and personal resources should be simple and intuitive to the end users to ensure they remain productive. In this way IT administrators can enforce business requirements on the isolated resources without impacting or diminishing the users’ ability to perform personal tasks on the devices.

Enable End User Self-Service

End users should have the ability to provision their own devices with little or no interaction with IT operations. This can be accomplished with a consolidated application delivery system, such as a mobile AppStore, that provides a “one stop shopping” experience for accessing all business applications, including static applications, virtual applications, and web applications. Similarly, data can be stored and distributed via a secure share or other centralised and commonly accessed repository. All provisioning procedures should include approval and authentication processes to ensure resources are only accessed by authorised personnel.

In Summary

At the core of enterprise mobility management is the need to enable a secure, user-focused delivery of IT resources and services. However, this cannot be effectively implemented unless it also includes processes for minimising administrative efforts. By not trying to “drink the ocean” in supporting everything installed on every device employed by every user, and instead focusing on the secure delivery of business IT resources as a service, administrator time is used more efficiently – the number of user requests are greatly reduced, management complexities are minimised, and the need for out-of-hours support becomes a rare event. In reducing requirements, administrators are freed up to implement new and enhanced business-facing IT services and transform the delivery of endpoint management services into being proactive, rather than reactive.


Article originally appeared in ITSM Review on March 11, 2014