Three options for fitting Mobile Device Management
You only need to look at the growing list of acronyms – BYOD, CYOD, COBO, COPE, COSU – to know that the diversity of using mobile smartphones and tablets on corporate networks has increased.
But no matter how form factors, operating systems and uses evolve, the key to secure and effective mobile device management (MDM) is to take the approach that best addresses the specific needs of each type of application and the capabilities of the device operating system, i.e. Google Android or Apple iOS management options.
Three primary MDM methods have emerged
- Company Owned Business Only (COBO): These are devices provided to employees and pre-configured for work-related purposes. Private use is prohibited and only company-authorized configurations, apps and data are permitted. Android offers the Fully Managed Device Profile and iOS/iPadOS offers Device Enrollment. Both enable full provisioning and management of the entire device.
- Company Owned Personally Enabled (COPE) and Bring Your Own Device (BYOD) : Many companies allow employees to use either company- or employee-owned devices for work and personal purposes. COPE also includes Choose Your Own Device (CYOD) programs where employees have a choice of company-owned devices for work and personal use. COPE/CYOD and BYOD devices contain both company and private user apps and data that remain strictly separated within their own configuration profiles. Users maintain the privacy of their own apps, data and settings but can’t use them with corporate apps and data. Likewise, IT managers can see and manage only company apps, data and settings. Android enables this via Work Profile, while Apple does it via User Enrollment.
- Company Owned Single Use (COSU) : COSU devices serve a specific, limited business purpose and may be used by different employees. Examples include barcode scanners in logistics or warehouse operations, or devices used for field sales demos, as product configurators in retail or automotive settings, or for order-entry in food service and other applications. IT managers typically install only the apps needed to support the intended use, and users have no ability to modify device settings. This is done using the Dedicated Device Profile on Android and the Single App Mode on iOS/iPadOS systems.
Modern UEM solutions support simultaneous use of all three options via a single, consistent management console. Of course, only one option can be assigned to a device at a time. But for different devices and environments, different options can be applied in parallel. In other words, IT managers do not have to obtain, use or launch separate, specialized management utilities to manage all mobile device types. They can also apply company policies, settings and even UX look and feel consistently and automate routine or repetitive tasks.
From the wild consumer device to the professionally managed business device
Do you remember the beginnings of the consumerization of IT? Not even 10 years ago, smart devices were designed primarily for consumers and were almost unmanageable for corporate IT purposes. For a long time, data separation for BYOD was also difficult to manage, as evidenced by the fact that employees often carried two mobile phones, one for business and one for personal use. IT admins otherwise had to turn to proprietary and awkward-to-use container apps to create a protected area for enterprise applications.
Now all mobile devices can be managed in a structured and consistent manner. That not only helps IT admins maintain the management control they need efficiently, it also supports improved end-user experiences and greater productivity.