With more and people using their mobile devices for both work and play, how does IT meet the demand for flexibility and protect corporate assets?
Microsoft Windows 8 support for touchscreens in laptops and convertibles make PCs increasingly attractive as mobile devices for work and play. Thanks to Windows 8.1, for the first time, you can manage devices running Windows by using enterprise mobile management software. While some scenarios lend themselves to the mobile device management (MDM) approach, others favor a traditional approach. How do you decide between these two options?
This post will help you make the decision. For more in-depth guidance, read our white paper, New Choices in Windows Device Management.
The traditional PC management approach gives IT full control of devices, from procurement to retirement. For example, IT installs, updates, secures, and maintains custom images. Typically, you would do this by joining the devices to an Active Directory Domain Services (AD DS) domain and applying Group Policy Objects.
But the traditional management approach is highly invasive and can be intrusive, especially with BYOD. Many users do not want to grant IT full access to (and control over) their personal devices. Plus, having to connect over VPN can be a resource-intensive hassle on mobile devices.
A mobile device management (MDM) approach gives workers some control of their devices while retaining some control for IT. For example, after purchase, the devices go to users, who enroll them over the air to a management service. Users decide when to patch their devices or upgrade to a new OS. They install most of their own apps, too. But IT can wipe corporate data from the device if it gets lost or stolen, and IT can keep mobile devices from accessing various corporate assets if they do not comply with policies (such as having full-device encryption or sufficiently strong passwords).
Why choose traditional management?
The traditional approach offers IT a high degree of control, stability, and security. The following factors might steer you toward the traditional approach:
- Your company owns the device.
- The device will usually be connected to your corporate network.
- More than one worker will use the device.
- They need broad access to corporate resources from the device.
- The device is the primary user’s main PC.
- IT needs to deploy desktop applications to the device.
- Users need to access resources, like printers without near field communication (NFC), on company premises.
Why choose mobile management?
The traditional management approach can be resource-intensive. It can also be challenging to manage highly mobile devices because they seldom connect to the corporate network.
The MDM approach offers workers the flexibility they want, while still maintaining policy-based control. Workers can use personal, consumer devices to check corporate email, calendars, and contacts, without compromising corporate assets.
The following factors might steer you toward the mobile approach:
- The user owns the device running Windows, or it is corporate-owned but personally enabled (COPE).
- The device will not usually be connected—or requires only light, infrequent connectivity—to the corporate network.
- No other employees use the device.
- The user can live with limited access to corporate resources.
- The user will take the device to remote locations or satellite offices without a VPN server nearby (or without reliable corporate connectivity).
- The device is not the user’s primary device.
- IT does not need to deploy large updates to the device.
- IT is not responsible for the image loaded on the device.
- User experience, such as battery-life drain due to extensive VPN usage, might be adversely affected by the traditional approach.
Windows 8.1 introduces features that provide IT departments with greater flexibility for managing mobile devices. Before you decide which approach to take, read our white paper, New Choices in Windows Device Management, on Intel.com. And look for more Thought Lab posts on the mobile management features of Windows 8.1 and Windows Server 2012 R2.