There are many things that characterize good security hygiene. One obvious aspect is clearly defined trust boundaries and secure connectivity requirements. Allowing an unmanaged and untrusted device to be directly plugged into a trusted network would significantly violate one of the core tenets of the Zero Trust principle.
The truth is, enabling secure connectivity on mobile devices cannot be done in an ad-hoc manner, it must follow a best practice approach in order to be successful. While many internet security and remote access solutions offer a self-service workflow (e.g., go to the App/Play Store, download the client, authenticate, and connect), this can lead to potential risks. Sensitive data could end up on an untrusted and unmanaged device, which could get lost, stolen, or be used for unauthorized access and data exfiltration. This poses a real risk for both internal and SAAS applications, and it raises doubts about the effectiveness of the data protection perimeter.
To address these challenges, the recommended best practice approach is to use a centralized management system for mobile management. There are many different specialized solutions on the market. The most commonly used platform types include:
- MDM (Mobile Device Management): Historically focused on corporate-owned mobile assets.
- EMM (Enterprise Mobility Management): Addresses all enterprise mobile use cases, including company-owned and personal devices.
- UEM (Unified Enterprise Management): Comprehensive platforms that manage both desktop and mobile devices.
- MAM (Mobile Application Management): Targets app management on both managed and unmanaged devices.
Among these, MDM has been in the market for the longest time and can serve as the primary term, although some may use EMM and UEM for more specific contexts.

The market is divided between major UEM players lik