Enterprise mobility management (EMM) is a comprehensive mechanism for securing mobile devices such as smartphones and tablets. EMM typically involves some combination of mobile device management (MDM), mobile application management (MAM), and mobile information management (MIM). MDM locks down mobile devices, MAM controls which users can access which applications, and MIM allows only approved applications to access corporate data or transmit it.

Figure 1 - An example of an EMM system managing hardware, software and network security aspects of mobile devices.

According to established bring your own device (BYOD) security requirements and policy, a security framework and EMM system is used to monitor, control, and protect the mobile devices and their applications, data, and network connections, as shown in Figure 1.

A secure container mechanism is sometimes used to provide a dedicated section on mobile devices, solely for business applications. Data accessed by these applications cannot pass outside the secure container, nor can personal applications or data enter the container. Containerization provides a clean break between business and personal applications and data, creating an additional layer of security while posing application compatibility challenges.

Related Patterns: