Microsoft gets strategic with its Enterprise Mobility Suite

It can't win every battle in the BYOD world, but it can pick the right fights

Although Apple isn't the sole focus of Microsoft's Enterprise Mobility Suite (EMS) or of Satya Nadella's new "mobile-first cloud-first" vision for the company, its iOS devices dominate enterprise mobility, meaning that Apple will play a major role in Microsoft's mobility strategy. In pursuing this strategy, Microsoft is, in a way, copying Apple's approach to business and enterprise iOS customers, albeit from a different perspective.


Microsoft began adding the ability to manage iOS and Android devices to its cloud-based Intune management suite last year. Although initial support for iOS device management was very basic, the company updated Microsoft Intune's iOS capabilities in January. While Microsoft has a ways to go before it catches up to the feature sets of the major mobile device management and enterprise mobility management vendors, the company looks committed to advancing its mobile management tools quickly.

The details on EMS

Announced last week alongside the introduction of Office for the iPad, Microsoft's EMS builds on the multi-platform management of Intune by integrating the company's Azure Active Directory Premium service, which extends existing Active Directory credentials and infrastructure to mobile devices. That delivers features like mobile single sign-on, multi-factor authentication, a range of deep reporting capabilities and self-service functionality for password resets and managing group membership.

The suite also incorporates Azure Rights Management, which can be used to secure corporate data that's accessed or stored on mobile devices while also providing secure mobile access to on-premises data resources like SharePoint sites. Microsoft's big pitch for EMS touts both the capabilities it offers as well as a shallow learning curve or deployment process for experienced Windows administrators.

What's most interesting about the announcement (and about the launch of Office for iPad) is Microsoft's change in posture and the way it is now demonstrating that it understands a mobile and post-PC world will likely be far less dominated by Windows than the desktop PC era of the 1980s, '90s, and early 2000s. (That change was underscored on Wednesday, when Microsoft announced that Windows and Windows Phone would be free to device makers building smartphones or tablets with screens smaller than 9-in. )

So what does this have to do with Apple?

Although Apple has been building support for Active Directory into Macs for more than a decade, the company also spent several years producing its own line of enterprise solutions, including servers, storage system, and a server OS that relied on an Apple-designed directory service for user identity and Mac system management. In many ways, Apple pushed its own enterprise products as an alternative to Windows Server, Active Directory and Exchange.

That strategy worked for organizations that were predominantly Apple-based or that had large numbers of Mac users. But it did little for large enterprises with only a handful of Macs because Windows IT managers didn't want to commit to building an Apple-focused infrastructure when they already had one built around Windows.

A different Apple strategy

Today, Apple's enterprise strategy is very different. The company no longer competes in the enterprise server hardware market and its server OS is aimed largely ar the small business market. Instead of competing in the enterprise hardware or server OS space with Microsoft, Apple designs consumer-oriented devices that incorporate support for Microsoft's enterprise solutions. Macs fit into Active Directory environments much better now. The Mail, Calendar and Contacts apps in OS X integrate with Exchange with no additional software required. (Organizations can use Outlook for Mac, as well.) iOS devices support Exchange ActiveSync as well as multi-platform enterprise mobility management solutions.

Although it sells more to end users in an organization than to IT procurement officers, Apple provides security, management and deployment mechanisms that IT can use to integrate its products securely and efficiently.

Apple demonstrated its commitment to IT's needs in February when it launched its Device Enrollment Program, which allows for zero-touch configuration and management of iOS devices purchased and deployed by an organization. At the same time, Apple released enterprise IT guides for iOS security and mass deployment. iOS 7, which arrived last fall and was updated last month, includes a range of native security and management capabilities, including the ability to volume license apps from its public App Store in a way that allows administrators to deploy them to user devices and then revoke them if the user leaves the company or no longer needs them.

The major theme here is that Apple recognized that it couldn't compete with Microsoft on Microsoft's own turf inside the data center and it stopped trying. That allowed the company to build on its strengths in the areas where it could compete -- producing premium products that people want to use for work as well personal tasks.

Microsoft gets smart

Microsoft's support for iOS devices as part of its EMS and the release of Office for iPad point to the company having made a similar conclusion. After three and a half years on the market, Windows Phone is still a distant third behind Android and iOS in the consumer and enterprise markets. The Surface and other Windows 8.x tablets are beginning to gain some traction, but far less and far slower than Microsoft must expected or hoped.

Microsoft simply isn't able to effectively compete in the consumer or BYOD-dominated mobility arenas, but it can play to its own strengths -- enterprise infrastructure -- and deliver effective business and enterprise products and services to both end users (Office for iPad) and IT shops (EMS). In doing so, it deepens its relationships with enterprise IT organizations while empowering them to use a familiar set of tools to manage the iPhones, iPads and Android devices that are now part of virtually every workplace. That builds a lot of value for the company and for its core enterprise customers.

In both cases, each company recognized where its strengths are and opted to build on them. In the process, they're delivering products that drive real value to their customers.

This doesn't mean that Apple will completely abandon its server platform, particularly since the release of the current Mac Pro. It also doesn't mean that Microsoft is walking away from its own mobility ambitions. It does, however, mean that both companies are focusing on what they do well and what their business and enterprise customers need. It also means that they are, in some ways, working in concert on different parts of the enterprise mobility spectrum.

On one side of the coin, Apple is making products that are Microsoft/enterprise friendly. On the other, Microsoft is making enterprise solutions that more easily, efficiently and effectively integrate Apple's iOS devices, as well as Android devices, including those sporting Samsung's KNOX security platform. That's a winning combination of effforts for businesses smart enough to take advantage of both.

Ryan Faas is a freelance writer and technology consultant specializing in Mac and multiplatform network issues. He has been a Computerworld columnist since 2003 and is a frequent contributor to Faas is also the author of iPhone for Work (Apress, 2009). You can find out more about him at and follow him on Twitter ( @ryanfaas).

Read more about mobile device management in Computerworld's Mobile Device Management Topic Center.

Copyright © 2014 IDG Communications, Inc.

7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon