In the tech industry, “enterprise” is often equated to large businesses, but when it comes to enterprise mobility management (EMM), we should expand our definition. Why? Small and mid-size businesses (typically firms with 100-999 workers) today need the same mobile device, app and content management capabilities as the big guys.

Many of these smaller firms face the same security, management and overall mobile worker enablement challenges as big organizations, but have fewer resources. They also often think they have fewer products to choose from to address their needs.

How Do Small and Medium-Sized Businesses Use Mobile Tech?

Small and medium-sized businesses (SMBs) use mobile technology at just about the same rate as enterprises. According to IDC’s 2019 Enterprise and SMB Mobility survey, 62 percent of employees at SMBs use smartphones for work purposes, just slightly behind enterprises at 64 percent.

Many SMBs are now run entirely on mobile devices, especially in industries such as retail (shop owners or small franchises) and services (plumbers, contractors, etc.), where smartphones are the primary computing devices that employees use for scheduling work, taking payments and communicating with customers. Shipments of mobile devices into the SMB sector are growing fast, according to IDC data, as these smaller organizations take on many of the same mobile-first and mobile-oriented digital transformation efforts as enterprises.

However, among SMBs using mobile devices extensively, fewer than 30 percent of these firms have any kind of mobility management solution in place. While adding management capabilities is on the near-term road map for over a quarter of SMBs, this leaves a large number of devices unprotected and unmanaged. This challenge is compounded by the fact that many devices used among SMB workers are of the bring-your-own-device (BYOD) variety. (On average, 45 percent of devices used in SMBs are personal smartphones used for work.)

Key Considerations for EMM and UEM Solutions

With BYOD making up a large percentage of devices in SMBs, critical capabilities for a unified endpoint management (UEM) solution include the ability to not just manage devices but also to manage apps and data used on devices. Mobile application management allows SMB IT staff — often a single person, and in the case of very small businesses, often the principal or owner of the business — to set policies and controls around apps, such as email, messaging and other business tools, without requiring full management of the endpoint. These undermanned SMB staffers and owners face a historical challenge: Users not wanting their personal devices managed by their workplace IT staff is the top barrier to enrollment of BYOD devices.

The requirements for SMBs around EMM and UEM solutions also tie into the overall needs and preferences for IT solutions in the market. Tight integration — and more importantly, bundled pricing, with other utilized technologies (from networking to security and overall business software) — is a key consideration. The availability of managed services and ease of deployment and support are also important. This makes the role of mobile carriers critical in terms of reaching SMBs as most small businesses will source mobile devices from their network carriers. Integrators and channel partners who focus on SMB needs also play a key role.

Scalability and Use Case Customization Are Critical

Given the unpredictability of managing a small business, user-based, software-as-a-service (SaaS)-delivered management is also essential. This allows a small business to scale up or down on management seats as needed. Seasonal businesses, or SMBs that have fluctuating staff levels, require this most of all. SMBs require the ability to both take on mobile worker use cases and new and specialized deployment scenarios for mobile technology, especially as smaller firms become more sophisticated around technology deployments.

An example of this is Credico, a firm with approximately 500 employees that provides outsourced direct sales services to businesses. The company provides over 1,000 managed tablets to its network of independent seller clients. The devices are used for salesforce enablement as well as marketing purposes. Since the cellular-connected devices are single-purpose, strong controls are needed to ensure the devices are used only for their intended use case (i.e., personal use and non-approved apps are prohibited on the tablets). This was a challenge for the firm to manage with its initial rollout of the devices, as end users would often jailbreak the devices, install personal apps on them and subsequently rack up overage charges on the device data plans.

Credico chose IBM Security MaaS360, a UEM solution, for its device fleet management. The SaaS-based solution allowed for quick deployment with strong endpoint controls around app and data usage restrictions. Beyond the improved controls over the devices from the company’s previous MDM solution, MaaS360 with Watson AI capabilities allowed the company to gain more insight into how sellers use the tablets and analyze potential areas of security risk. The solution also provided self-service provisioning and help portal capabilities, which are critical for a decentralized, mobile contractor-based workforce.

As evident from the Credico example, SMBs are deploying mobile technology in diverse ways with new use cases beyond traditional mobile computing, which require high levels of security, manageability and support. SMBs require enterprise-class solutions around mobility and endpoint management, but delivered in the way smaller firms acquire, deploy and manage IT management systems.

More from Endpoint

The Needs of a Modernized SOC for Hybrid Cloud

5 min read - Cybersecurity has made a lot of progress over the last ten years. Improved standards (e.g., MITRE), threat intelligence, processes and technology have significantly helped improve visibility, automate information gathering (SOAR) and many manual tasks. Additionally, new analytics (UEBA/SIEM) and endpoint (EDR) technologies can detect and often stop entire classes of threats. Now we are seeing the emergence of technologies such as attack surface management (ASM), which are starting to help organisations get more proactive and focus their efforts for maximum…

5 min read

X-Force Identifies Vulnerability in IoT Platform

4 min read - The last decade has seen an explosion of IoT devices across a multitude of industries. With that rise has come the need for centralized systems to perform data collection and device management, commonly called IoT Platforms. One such platform, ThingsBoard, was the recent subject of research by IBM Security X-Force. While there has been a lot of discussion around the security of IoT devices themselves, there is far less conversation around the security of the platforms these devices connect with.…

4 min read

X-Force Prevents Zero Day from Going Anywhere

8 min read - This blog was made possible through contributions from Fred Chidsey and Joseph Lozowski. The 2023 X-Force Threat Intelligence Index shows that vulnerability discovery has rapidly increased year-over-year and according to X-Force’s cumulative vulnerability and exploit database, only 3% of vulnerabilities are associated with a zero day. X-Force often observes zero-day exploitation on Internet-facing systems as a vector for initial access however, X-Force has also observed zero-day attacks leveraged by attackers to accomplish their goals and objectives after initial access was…

8 min read

Patch Tuesday -> Exploit Wednesday: Pwning Windows Ancillary Function Driver for WinSock (afd.sys) in 24 Hours

12 min read - ‘Patch Tuesday, Exploit Wednesday’ is an old hacker adage that refers to the weaponization of vulnerabilities the day after monthly security patches become publicly available. As security improves and exploit mitigations become more sophisticated, the amount of research and development required to craft a weaponized exploit has increased. This is especially relevant for memory corruption vulnerabilities.Figure 1 — Exploitation timelineHowever, with the addition of new features (and memory-unsafe C code) in the Windows 11 kernel, ripe new attack surfaces can…

12 min read