Johannesburg, 16 Nov 2017
For some it is manna from heaven, to others a curse from the bowels of the earth. Bring Your Own Device (BYOD) has been a huge boon for employees and companies, but a nightmare for technology administrators. As devices become more popular, fracture along more versions and brands, and grow as the main bridge between the personal and professional lives of employees, they have become both irreplaceable and difficult to administer.
This has driven a wave of Mobile Device Management (MDM) suites, application layers that handle such devices. Though the market has seen many attempts at a 'one-stop' management approach of devices, this has not been effective. Instead the rise of specialised MDM systems or Enterprise Mobility Suites (EMS) such as Jamf, Intune and Knox have been setting the standard, says Clayton Campbell, Director at Onsite Group:
"One EMS system to manage them all is a unicorn approach to management, each eco-system be it Apple, Microsoft, and Google are fundamentally different at the core, it would then be a mistake to think that a universal approach to managing these diverse systems would provide you with the best tools. Instead it's important that the EMS you have can integrate into key systems. For example, a lot of organisations use Microsoft SCCM to manage their Windows environments and inventories, it's important for EMS solutions to integrate with those services and provide data that can be used for decision-making."
Deploying, enrolling and managing different mobile devices on a company network is the challenge, which is why integration of specialised layers is key. A good MDM approach will focus on specific devices and enforce the policies of the greater infrastructure. So a well-integrated MDM is not the security application, but it can liaise with that application and enforce the right actions. If a device arrives without the right software or perhaps contaminated with malware, it can be immediately isolated or pushed to make updates before being allowed into the company's domain.
This sounds fantastic and you'd expect the leaders of this approach to be one of the renowned business technology vendors. Yet the tip of this spear is a different company, though one whose presence has become very universal in corporate offices.
The iconic bitten fruit of the Apple logo is immediately recognisable. It is seen as a mark of quality and assurance, of reliability and power. Indeed, companies are increasingly favouring Apple products in the office for their value proposition, says Campbell:
"It's becoming a lot cheaper to own an Apple device than traditional corporate devices, because the device lasts so long and has a very good resale value. That's driving a lot of Mac deployments. IBM recently released a study and proved that the TCO on Apple is between $260 and $520 cheaper over a three-year period."
And, he adds, management is a lot easier. Really? Managing an Apple device in what is likely a Windows environment is easier? Absolutely.
There are several reasons for this, such as the recent integration between Jamf and Microsoft's InTune. But the impact is perhaps best encapsulated in this case study from Onsite: the South African company recently deployed hundreds of iPads for a top UK airline. Each iPad was to be locked to very specific applications, a situation that normally meant a lot of manual work loading them. But Onsite never even left the country. They ordered the iPads in the UK, then used the Jamf MDM suite to format and deploy the correct specifications remotely to all the iPads.
The company also recently used Jamf to take over Apple device management at a major local bank. Here's the kicker: all employees had to do to enrol was to enter their Active Directory login credentials. Once identified, Jamf could load the devices right down to the specific necessity of the employee. If you ever wasted hours prepping different machines for different departments, this style of auto-deployment is a game changer.
In both cases, Jamf worked in collaboration with the Apple Device Enrolment Programme, which verifies the serials and then liaises with the MDM to proceed. The MDM in turn integrates with the company systems, be they for inventory, security, data management or whatever IT aims to provide. Yet MDMs don't dig into data or processes:
"MDM is the device face. We don't touch the user data at all. We don't pull or hold any information, we don't intercept traffic. All we do is make sure that whatever is on the device and how the device is set up, is in compliance."
Even the nuisance of isolated profiles on devices - a common employee complaint - are a thing of the past. Modern MDM suites such as Jamf are far more nuanced, giving users the best of both their personal and professional worlds.
Not all MDM suites are as capable, nor are all device brands able of delivering on such promises. Apple has been leading the MDM market through ease, innovation and automation, setting the bar alongside suits such as Jamf. Those operational BYOD headaches can be a thing of the past, at least for enterprises who adopt Apple devices.
Share