Device Policies, Mobile Management Policies, Distinctions and Applications

Written by Alex Locatelli, Chief Technology Officer

Ever wondered how other businesses approach device usage and ownership? Or how they manage mobile applications? 

Each and every business we work with has a slightly different take on this, which is riven by their by their financial constraints, their human resources policies, their work type and style, and many more factors. 

It’s not for us to comment on which is correct or better, but it won't be a surprise that we evaluate our clients’ preferences as it relates to data integrity and cybersecurity. In the interests of increasing knowledge, here is a CAL (comprehensive acronym list)...

Device Policies, Acronyms, and What They Mean

1. BYOD (Bring Your Own Device) Definition: Employees use their personal devices (e.g., smartphones, tablets, laptops) for work purposes. The company allows employees to access corporate resources and applications from these devices. Typically, BYOD policies include guidelines on security measures, acceptable use, and data protection to safeguard both the personal and business information.
   
   
2. CYOD (Choose Your Own Device) Definition: Employees select from a list of pre-approved devices provided by the company. Unlike BYOD, where employees use their own devices, CYOD ensures that all devices used for work meet company security standards. The company typically manages and maintains these devices, balancing user preference with control over security and compliance.
   
   
3. COPE (Corporate-Owned, Personally Enabled) Definition: The company provides devices to employees, but employees are permitted to use them for personal activities as well. These devices are owned and controlled by the company, allowing for greater management and security, but they also offer some level of personal use flexibility. The company handles device maintenance, updates, and security.
   
   
4. COBO (Corporate-Owned, Business-Only) Definition: The company provides devices that are used exclusively for business purposes. Employees are not allowed to use these devices for personal activities. COBO ensures that all device usage is focused on work-related tasks, enhancing security and control over data and applications. The company is responsible for all aspects of device management and security.
   
   
5. COSU (Corporate-Owned, Single-Use) Definition: The company provides devices that are dedicated to a single, specific purpose or application. COSU is often used for specialized tasks or in scenarios where devices are dedicated to a particular function, such as kiosks, point-of-sale systems, or company-specific applications. These devices are fully controlled by the company and are not used for personal activities.
   
   

Each of these policies addresses different needs and priorities in device management, from flexibility and user preference to security and control. Choosing the right policy depends on a company's specific requirements, including security, cost, employee productivity and retention, and more. 

Mobile Device Management, Acronyms and Definitions

Following the selection and implementation of an organisations device policy, comes the options to manage those devices. Again, this area is prone to acronyms, so below is our list as well as the definitions of each to help debunk this commonly confusing topic. 

1. MDM (Mobile Device Management)
   Definition: MDM refers to a set of tools and processes used to manage, monitor, and secure mobile devices within an organisation. This includes smartphones, tablets, and laptops. MDM solutions typically offer features such as device enrollment, configuration management, remote wipe, security policy enforcement, and monitoring of device usage and compliance. MDM focuses on managing the device itself.
   
   
2. MAM (Mobile Application Management)
   Definition: MAM focuses on managing and securing the applications installed on mobile devices rather than the devices themselves. MAM solutions provide tools for app distribution, configuration, and control, including the ability to enforce app-specific policies, manage app updates, and remotely wipe application data. This approach allows for greater control over corporate apps and data without necessarily managing the entire device.
   
   
3. MEM (Mobile Endpoint Management)
   Definition: MEM encompasses the management of all types of endpoints, including mobile devices (smartphones, tablets), laptops, desktops, and other connected devices. MEM solutions integrate MDM and MAM functionalities with broader endpoint management capabilities, providing a unified approach to securing and managing all endpoints across an organisation. This approach typically includes managing device configurations, application settings, and security policies.
   
   
4. MCM (Mobile Content Management)
   Definition: MCM focuses on managing and securing the content accessed and stored on mobile devices. This includes ensuring that corporate documents, files, and data are protected and properly controlled. MCM solutions often provide features like secure document access, file sharing, content encryption, and content collaboration tools. The goal of MCM is to protect sensitive information and ensure proper handling of corporate content on mobile devices.
   
   
5. EMM (Enterprise Mobility Management)
   Definition: EMM is a comprehensive framework that combines MDM, MAM, MCM, and other related technologies to provide a unified approach to managing and securing mobile and endpoint environments within an organization. EMM solutions offer integrated tools for device management, application management, content management, and policy enforcement. The goal of EMM is to streamline the management of all aspects of mobile and endpoint use, ensuring security, compliance, and productivity.

Each of these management frameworks addresses different aspects of security and control within an organisation's IT environment, helping businesses to effectively manage and secure their mobile and endpoint infrastructure.

Do you need help? This is a complex area and working with a professional can assist.