For many in the healthcare industry, the distinction between mobile device management (MDM) and enterprise mobility management (EMM) is unclear. When choosing the best solution provider, especially in terms of healthcare security, it’s important to understand the history and difference between the two practices.
A Blended History
Mobile device use isn’t new to healthcare — nurses, patients, doctors and everyone in-between are actively using mobile devices and solutions to address the challenges of the industry. According to HIT Infrastructure, until recently, MDM was a broad term, referring to both the segmented and general use of mobile devices.
That changed three years ago when Gartner proclaimed that MDM had evolved into EMM, a term that encompassed larger mobility management solutions that also included mobile content management (MCM), mobile application management (MAM) and identity and access management (IAM).
This structure means that every EMM solution includes an MDM component, but also that an MDM solution does not offer everything an EMM solution does.
Why MDM Isn’t Enough in an App-centered World
When the mobile environment was more simple, MDM solutions met the needs of most solutions providers. Today though, with every month bringing increased complexity to mobility, it’s becoming more apparent that EMM solutions will need to be a serious consideration for most facilities and organizations.
Many of MDM’s shortcomings were exposed by BYOD policies. As IT admins began integrating MDM into their BYOD strategies, they began to run across functionality limitations and bumps in user experience. These issues are most obvious in situations where employee-owned devices are used for work purposes. For example, since MDM functions at the device level, if a situation arises where an admin needs to destroy data in an application that’s used both privately and professionally, all the information needs to be wiped, regardless of classification.
In contrast, EMM offers a level of flexibility around applications where MDM does not. More specifically, EMM solutions allow IT departments to establish policies on both an application and information level.
This flexibility has become essential in managing the lifecycles of applications in terms of deployment, management and support. CIOs have adopted EMM solutions to stay on top of ever-changing apps and take advantage of the potential to build mobile apps that are both user-friendly and enterprise-ready.
Those last two elements are non-negotiable in healthcare security environments where security depends on adoption and proper user behavior. EMM solutions offer IT departments the option of enabling privacy policies at multiple levels, including implementing single sign-on options where applicable.
Communicating With Vendors
When working with vendors and solution providers on building secure application environments, it will be essential to clearly understand the terminology they’re using.
The formal, 2016 Gartner definition of EMM is a broad solution that “enables organizations to integrate and manage mobile devices in their IT infrastructures.” Where things get tricky is that some vendors still use MDM to refer to EMM solutions, so it’s essential when working with vendors to understand organizational needs, where confusion can potentially take place, and ask questions to fully understand what’s being discussed and how terminology is used.
Here are four points to consider when working with a vendor to identify an EMM solution:
Support: Troubleshooting and support options in EMM offerings include inventory, analytics and remote actions.
Provisioning: Unlike MDM solutions, EMM solutions will configure applications and devices for enterprise deployment, as well as manage updates and assist with device upgrade and retirement.
Auditing, tracking and reporting: If a solution can’t track device inventory usage and settings to verify compliance with enterprise policies, it’s likely an MDM solution.
Enterprise data protection: EMM solutions offer mitigation against theft, employee termination, data loss and other incidents. They do this by adding controls for data access rights, data encryption, device lockdown and shared devices, as well as application wrapping and containment.
Ultimately, making the choice between MDM and EMM solutions will depend on your organization’s particular needs, as well as the path it takes in terms of application use, security and vulnerability. Regardless of choice, make sure to work with a vendor who understands the challenges around all those components as well as the particular challenges of healthcare security.
Are unpatched security vulnerabilities worth the risk? A recent report shows just how much known vulnerabilities can cost your business.