Be the first to hear the mobile news. Enter your email to join.

Workspace ONE

The Next Frontiers for EMM: Identity, Windows Apps & the Digital Workspace

  • Hemant Sahani By

Enterprise mobility management (EMM) has traditionally been about securing, deploying and managing devices, apps and content to enable mobile employee productivity. However, the industry is quickly shifting based on emerging industry trends, including:

  • The increasing number of business apps;
  • User-centric contextual workflows powered by big data and analytics;
  • The shift to cloud or hybrid deployments;
  • Aggregation of the right data from multiple business systems; and
  • The blurred lines for how to manage the growing heterogeneous device ecosystem.

These market influences have resulted in the addition of identity and Windows apps as the next EMM frontiers to help enterprises deliver the new digital workspace to drive enterprise productivity. In my opinion, these new frontiers will result in a broader space—let’s call it enterprise workspace management, which will encompass the traditional EMM.

digital workspace diagram

Identity and VDI are the next frontiers of the digital workspace.

The recent VMware Workspace ONE and AirWatch 8.3 technology announcements make it possible for IT leaders to enable anywhere, anytime, any device access to apps—with an amazing one-touch single sign-on (SSO) experience. Integrating identity and access management (IAM) with the AirWatch EMM platform has the following major advantages:

1. One-Touch Mobile SSO

Users can log into cloud, mobile and Windows apps with a true one-touch mobile single sign-on experience. The patent-pending Secure App Token Systems (SATS) technology is an industry-first access management system that uses certificates to establish trust between the user, device, enterprise and cloud. 

2. Deployment Flexibility for Corporate-Owned and BYOD Use Cases

Workspace ONE provides IT unprecedented flexibility to successfully deploy apps and content at scale for all use cases, while balancing security, privacy and usability. IT can push the right apps to users based on a combination of device ownership (corporate-owned or employee-owned), division, device platform, model, OS version, user groups and custom Active Directory attributes. IT can also configure adaptive management policies. For instance, without requiring a mobile device management (MDM) profile, a user can access containerized apps (Inbox, Content Locker, Browser, etc.) or native apps that do not contain sensitive content. But when a user tries to access a native app with sensitive content, the Workspace app will automatically prompt the user to install a lightweight MDM profile to configure a strong device passcode to enforce strong encryption and offer a seamless onboarding experience.

3. Conditional Access to Apps & Content

As companies move towards enabling a digital workspace, integration of identity into the EMM stack enables innovation in the area of risk-based analysis and adaptive access based on context. For instance, a user can seamlessly log into apps from approved devices while connected via approved networks. But insecure networks, such as public Wi-Fi hotspots, can require two-factor authentication for the same app. Access can be revoked automatically if compliance policies are violated (device is rooted or jailbroken) or manually if a user leaves the company. The IT helpdesk and operations processes can be automated via the AirWatch policy engine to reduce helpdesk tickets, thereby reducing the total cost of ownership (TCO) of the overall Workspace ONE solution. With the VMware NSX Intelligent networking integration, IT can also micro-segment access to corporate services to limit accidental malware damage to devices.

The digital revolution is creating modern ways of communication and engagement between employees, customers and business partners. To learn more about how you can enable the digital workspace for your company, please visit

Hemant Sahani

Hemant Sahani

Hemant is a director of product marketing at VMware.

Leave a Reply

Your email address will not be published. Required fields are marked *


Blog By Region

Blog By Category: