In the tech industry, “enterprise” is often equated to large businesses, but when it comes to enterprise mobility management (EMM), we should expand our definition. Why? Small and mid-size businesses (typically firms with 100-999 workers) today need the same mobile device, app and content management capabilities as the big guys.

Many of these smaller firms face the same security, management and overall mobile worker enablement challenges as big organizations, but have fewer resources. They also often think they have fewer products to choose from to address their needs.

How Do Small and Medium-Sized Businesses Use Mobile Tech?

Small and medium-sized businesses (SMBs) use mobile technology at just about the same rate as enterprises. According to IDC’s 2019 Enterprise and SMB Mobility survey, 62 percent of employees at SMBs use smartphones for work purposes, just slightly behind enterprises at 64 percent.

Many SMBs are now run entirely on mobile devices, especially in industries such as retail (shop owners or small franchises) and services (plumbers, contractors, etc.), where smartphones are the primary computing devices that employees use for scheduling work, taking payments and communicating with customers. Shipments of mobile devices into the SMB sector are growing fast, according to IDC data, as these smaller organizations take on many of the same mobile-first and mobile-oriented digital transformation efforts as enterprises.

However, among SMBs using mobile devices extensively, fewer than 30 percent of these firms have any kind of mobility management solution in place. While adding management capabilities is on the near-term road map for over a quarter of SMBs, this leaves a large number of devices unprotected and unmanaged. This challenge is compounded by the fact that many devices used among SMB workers are of the bring-your-own-device (BYOD) variety. (On average, 45 percent of devices used in SMBs are personal smartphones used for work.)

Key Considerations for EMM and UEM Solutions

With BYOD making up a large percentage of devices in SMBs, critical capabilities for a unified endpoint management (UEM) solution include the ability to not just manage devices but also to manage apps and data used on devices. Mobile application management allows SMB IT staff — often a single person, and in the case of very small businesses, often the principal or owner of the business — to set policies and controls around apps, such as email, messaging and other business tools, without requiring full management of the endpoint. These undermanned SMB staffers and owners face a historical challenge: Users not wanting their personal devices managed by their workplace IT staff is the top barrier to enrollment of BYOD devices.

The requirements for SMBs around EMM and UEM solutions also tie into the overall needs and preferences for IT solutions in the market. Tight integration — and more importantly, bundled pricing, with other utilized technologies (from networking to security and overall business software) — is a key consideration. The availability of managed services and ease of deployment and support are also important. This makes the role of mobile carriers critical in terms of reaching SMBs as most small businesses will source mobile devices from their network carriers. Integrators and channel partners who focus on SMB needs also play a key role.

Scalability and Use Case Customization Are Critical

Given the unpredictability of managing a small business, user-based, software-as-a-service (SaaS)-delivered management is also essential. This allows a small business to scale up or down on management seats as needed. Seasonal businesses, or SMBs that have fluctuating staff levels, require this most of all. SMBs require the ability to both take on mobile worker use cases and new and specialized deployment scenarios for mobile technology, especially as smaller firms become more sophisticated around technology deployments.

An example of this is Credico, a firm with approximately 500 employees that provides outsourced direct sales services to businesses. The company provides over 1,000 managed tablets to its network of independent seller clients. The devices are used for salesforce enablement as well as marketing purposes. Since the cellular-connected devices are single-purpose, strong controls are needed to ensure the devices are used only for their intended use case (i.e., personal use and non-approved apps are prohibited on the tablets). This was a challenge for the firm to manage with its initial rollout of the devices, as end users would often jailbreak the devices, install personal apps on them and subsequently rack up overage charges on the device data plans.

Credico chose IBM Security MaaS360, a UEM solution, for its device fleet management. The SaaS-based solution allowed for quick deployment with strong endpoint controls around app and data usage restrictions. Beyond the improved controls over the devices from the company’s previous MDM solution, MaaS360 with Watson AI capabilities allowed the company to gain more insight into how sellers use the tablets and analyze potential areas of security risk. The solution also provided self-service provisioning and help portal capabilities, which are critical for a decentralized, mobile contractor-based workforce.

As evident from the Credico example, SMBs are deploying mobile technology in diverse ways with new use cases beyond traditional mobile computing, which require high levels of security, manageability and support. SMBs require enterprise-class solutions around mobility and endpoint management, but delivered in the way smaller firms acquire, deploy and manage IT management systems.

More from Endpoint

The Evolution of Antivirus Software to Face Modern Threats

Over the years, endpoint security has evolved from primitive antivirus software to more sophisticated next-generation platforms employing advanced technology and better endpoint detection and response.  Because of the increased threat that modern cyberattacks pose, experts are exploring more elegant ways of keeping data safe from threats.Signature-Based Antivirus SoftwareSignature-based detection is the use of footprints to identify malware. All programs, applications, software and files have a digital footprint. Buried within their code, these digital footprints or signatures are unique to the respective…

Contain Breaches and Gain Visibility With Microsegmentation

Organizations must grapple with challenges from various market forces. Digital transformation, cloud adoption, hybrid work environments and geopolitical and economic challenges all have a part to play. These forces have especially manifested in more significant security threats to expanding IT attack surfaces. Breach containment is essential, and zero trust security principles can be applied to curtail attacks across IT environments, minimizing business disruption proactively. Microsegmentation has emerged as a viable solution through its continuous visualization of workload and device communications…

Self-Checkout This Discord C2

This post was made possible through the contributions of James Kainth, Joseph Lozowski, and Philip Pedersen. In November 2022, during an incident investigation involving a self-checkout point-of-sale (POS) system in Europe, IBM Security X-Force identified a novel technique employed by an attacker to introduce a command and control (C2) channel built upon Discord channel messages. Discord is a chat, voice, and video service enabling users to join and create communities associated with their interests. While Discord and its related software…

3 Reasons to Make EDR Part of Your Incident Response Plan

As threat actors grow in number, the frequency of attacks witnessed globally will continue to rise exponentially. The numerous cases headlining the news today demonstrate that no organization is immune from the risks of a breach. What is an Incident Response Plan? Incident response (IR) refers to an organization’s approach, processes and technologies to detect and respond to cyber breaches. An IR plan specifies how cyberattacks should be identified, contained and remediated. It enables organizations to act quickly and effectively…