Traditionally Client Management Tools (CMT) like Microsoft System Center or BMC Altiris have been used to manage enterprise owned PCs. Most organizations that deploy CMT have complete control over the PC. Often end users are not allowed to install any new software, even to the extent of preventing end users from installing browser plugins. This was also the model applied to Blackberry. These were corporate owned devices and IT used the Blackberry Enterprise Server (BES) to control what end users were allowed to do.
The advent of iPhones, Android devices, and then iPad changed the ownership model of the majority of devices in the world. There are roughly 2 billion smart phones, 1 billion PCs, and 3/4 billion tablets in the world. The vast majority of these devices, upwards of 75%, are owned by the end user.
The change in the ownership model changes the management model for IT. If IT doesn't own the device, can it manage those devices to the same extent as they managed IT owned PCs and Blackberries? The answer is a resounding no. End users want to be able to access personal applications like Facebook, Twitter, Snapchat and Dropbox on their personal devices. They do not want IT to lock down their ability to use their own personal devices?
Does this mean that IT cannot "secure" the device? No. There are good reasons why IT should lightly manage the device. What does lightly manage mean? IT should be able to do the following:
(1) Force end users to use a passcode or biometric to unlock the device
(2) Force a device posture check to make sure that the device isn't jail-broken or rooted
(3) Push company settings for WLAN or Email
There are two different sets of tools IT uses today to manage devices:
(1) Client Management Tools (Microsoft System Center, BMC Altiris) to manage PCs
(2) Mobile Device Management Tools (Air-watch, MobileIron, MaaS360) to manage phones and tablets
In the future, these tools are going to converge. Brad Anderson, Corporate Vice President at Microsoft, has laid out how Microsoft System Center has already integrated the management tools for PCs and phones.
In summary, even though IT can no longer fully manage a personally owned smart phone or tablet, they should consider lightly managing a device to establish a level of trust for business applications.