August 7, 2019

Pros and cons of moving mobility management to the cloud

Joel Snyder

With mobile devices firmly bolted into the technology ecosystems of companies of all sizes, IT managers need to add one more management system to an overflowing toolbox of products: something to manage mobile devices. The acronym changes depending on whom you talk to, but generally these are called Mobile Device Management (MDM) or Enterprise Mobility Management (EMM) systems.

Why MDM or EMM tools? It’s a question of closing the loop on management and security. At home, people are accustomed to “managing” their own home computer. But IT managers know that this isn’t a good approach for enterprises, where downtime costs money and security breaches can bring a company to a standstill. Thus, companies of almost every size have some sort of desktop or laptop management tool to help configure basic settings, schedule patching, assist in software installation, provide inventory information and control security options.

That same argument extends to mobile devices, for exactly the same reasons. Employees could manage their smartphones by themselves, and are probably already doing it, especially if there’s a BYOD program in place. But people are busy, less than expert in operating systems or security and don’t necessarily value lost time the same way. So IT managers should be using MDM/EMM tools to provide the same set of services for mobile devices they do for desktops and laptops: option configuration, patch management, security controls, software and hardware inventory and so on.

Why don’t we see those tools everywhere already? Many IT managers are hesitant given the difficulty they experience getting desktop/laptop management up and running. It wouldn’t be fair to say that all desktop management systems are a nightmare to install, onerous to configure and positively frightening to debug and manage. But enough of them are that IT managers have looked at MDM/EMM tools and sometimes said, “Hmmm, maybe I can do without.” We all know the expression “no pain, no gain,” but sometimes the pain is a little overwhelming and discourages folks from taking the necessary steps toward digital security.


Heading to the cloud

Fortunately, there’s an option to help avoid all that pain: cloud-based mobile security tools. With cloud-based tools, the hard part of MDM/EMM deployment is off your plate. The tools are there, ready to go — you don’t have to worry about availability, scalability, security updates, firewalls or almost anything. Instead, IT managers get a simple web-based GUI, relatively easy to understand, that lets them define and push policy to a broad spectrum of mobile devices.

Part of the reason cloud-based MDM/EMM is readily available is that some of the worst parts of end-user computing management in Windows just don’t exist in a typical smartphone deployment. In the world of Windows, with thousands of group policy settings, even a small company could have a dozen or more group policy objects (GPOs) to create, manage, consolidate and correlate. Smartphones aren’t as complicated as Windows: a few screens to handle collaboration tools (such as email), security and network settings (such as Wi-Fi and VPN), some application management and you’ve covered a huge percentage of what there is to manage in smartphones. Helping IT managers control those few smartphone settings with cloud-based MDM/EMM tools is a much easier task than managing Windows desktops and laptops.


Deeper advantages

Another advantage of cloud-based MDM/EMM is integration with the operating system, without necessarily needing a big agent or client to be installed on each device. They’re also usually cross-platform: Samsung’s cloud-based EMM tool, Knox Manage will manage not only Samsung devices, but other Android devices and those running other operating systems. Of course, you get better integration with Samsung Knox security features if you pair Knox Manage cloud-based EMM with Samsung mobile devices, but that’s just icing on the cake if you’ve adopted the Samsung Knox ecosystem.

Of course, cloud-based isn’t the only way to get mobile security functionality into the network. On-premises solutions are available for IT managers who prefer them or who aren’t comfortable with device management in a shared-tenant cloud environment. These solutions offer the same capabilities as cloud-based ones, only with the added burden of installation and configuration, software management, scaling and performance checking and add-on high availability.

IT managers who haven’t taken control of mobile devices through MDM/EMM tools have myriad options. The important first step is to dive in and start controlling those mobile devices: managing security, patching, software versions and basic settings for everyone in the company.

Learn more about Samsung’s cloud-based mobile security solutions and why they benefit your device fleet with our free white paper.