Enterprise mobility management (EMM) is the set of people, processes and technology focused on managing mobile devices, wireless networks, and other mobile computing services in a business context. As more workers have bought smartphone and tablet computing devices and have sought support for using these devices in the workplace, EMM has become increasingly significant.
The goal of EMM is to determine if and how available mobile IT should be integrated with work processes and objectives, and how to support workers when they are using these devices in the workplace.[1]
A 2012 study showed that about two-thirds of smartphone owners used their personal devices for enterprise-related activities.[2] Supporting a wide variety of device types and operating systems can introduce security risks and added costs for businesses.[3] [4]
A 2011 survey showed that three quarters of U.K. and U.S. CIOs surveyed considered mobile technology to be a significant security problem, although consumers were generally less concerned.[5]
Because mobile devices are easily lost or stolen, data on those devices is vulnerable. Enterprise mobility management is a set of systems intended to prevent unauthorized access to enterprise applications and/or corporate data on mobile devices. These can include password protection, encryption and/or remote wipe technology, which allows an administrator to delete all data from a misplaced device. With many systems, security policies can be centrally managed and enforced. Such device management systems are programmed to support and cooperate with the application programming interfaces (APIs) from various device makers to increase security compliance.[6]
The data transfer between mobile device and the enterprise should always be encrypted, for example through a VPN tunnel[7] or over HTTPS.[8]
Mobile devices in companies with "bring your own device" (BYOD) policies are often used both personally and professionally. In these cases, corporate IT has less control over whether malware is on the device and what damage may be caused to corporate data. Apart from careful user behavior - data storage on the mobile device should be limited and centrally organized.
The diversity of Android devices appeals to consumer buyers, but is a source of anxiety for IT security experts. OpenSignal, a UK-based mobile company, recently published a survey of almost 700,000 devices and reported approximately 12,000 distinct Android devices using eight different versions of the Google operating system. For many IT organizations charting out their BYOD strategy, this translates into security risks that are tough to monitor and control.[9]