Many organizations rely on mobile device management (MDM) solutions to manage and monitor their company-issued smartphones, tablets, and other devices.
An original equipment manufacturer (OEM) application is a solution created by the manufacturer to integrate the MDM more deeply into the device’s hardware and firmware.
With OEM applications, businesses can set more granular permissions, settings, and policies. The business benefits from the OEM application in the form of greater control, security, and privacy, which are competitive advantages in any industry.
Part I. The Key Features & Benefits of OEM Applications
OEM applications provide businesses with numerous advantages. These are the most notable.
Deep-Level Customization
An MDM can control apps, security policies, network configuration, location tracking, and device enrollment and provisioning.
While that may sound comprehensive, these controls only represent a small portion of what is possible to accomplish on a device.
With an OEM app, businesses can then customize everything from boot screens to key functions.
These customizations are tailored to the OEM’s device: For example, if the manufacturer offers a device with multiple cameras, businesses can use its app to configure which to enable or disable. A business in a sensitive industry, such as healthcare, may want to disable all cameras so healthcare professionals cannot take photos of patients.
Enhanced Security & Control
MDMs have the ability to set various security features, including whitelists and blacklists, geofencing, and even remote wipe in the event the device is lost or stolen.
Some businesses may demand an even higher level of security. For them, an OEM app may be a better option.
Devices often have ports, which can serve as a vector for data leakage. Rogue employees or bad actors can connect to them and exfiltrate data through their own hardware. An OEM app can block the use of such connections.
If the device has advanced security settings, the enterprise can utilize them via the OEM app to further strengthen its security posture.
Advanced Device Control (Hardware & Software)
An OEM app has stronger controls over software than a typical MDM.
For example, OEM apps can control deep settings, such as blocking certain user behaviors (e.g., taking screenshots), controlling how users interact with connected devices, and enforcing security frameworks, including a secure container.
Devices with custom hardware can also be managed. The business may configure the use of sensors, scanners, radios, and other modes and attachments.
Part II. OEM Application vs. Standard MDM Solution
A standard MDM is restricted to what the base operating system, such as Android Enterprise, allows.
Most businesses that rely solely on an MDM are thus limited to operating system-level settings and APIs. While any solution that provides more security is a step in the right direction, MDMs still have significant exposure.
Businesses with company-issued devices that offer an OEM app should generally utilize it. These apps will provide them with extended features.
The business simply needs to configure its preferred permissions on the OEM app, which also gives them the advantage of speed.
Enterprises have generally had to wait for an MDM to support different features of a new OEM device.
With an OEM app, there is no such delay. Because the OEM operates its own app, clients do not have to waste precious time waiting for support on its latest features.
They can maximize them from the get-go. It’s precisely for this reason that businesses should always opt for an OEM app when available: security, privacy, and transparency should never be compromised.
| Comparison Aspect | Standard MDM Solution | OEM Application |
|---|---|---|
| Scope of Control | Limited to what the base operating system | Provides extended features and deeper device control beyond the standard OS-level settings. |
| Feature Support for New Devices | Enterprises must wait for the MDM provider to add support for new OEM device features, leading to delays. | Support is immediate. Because the OEM operates its own app, clients can use new features without delay. |
| Deployment & Speed | Subject to delays while waiting for feature support, which can be inefficient. | Offers a major advantage of speed. |
Part III. Implementing OEM Application with MDM Platform
Although there are many OEM applications, they are all implemented in a similar manner thanks to standardization via Android Enterprise. Every OEM follows this protocol by which they map their device-specific features onto the schema of OEMConfig. IT admins thus get a convenient interface through which to manage all their different hardware.
Implementing an OEM app with an MDM is simple and no different in principle from deploying another app. Let’s use Samsung KSP as an example.
- Step 1.Log into MDM
- The IT admin must log into their MDM and proceed to their Managed Google Play Store.
- Step 2.Search OEM App on Google Play Store
- After choosing Add App, the IT admin must search for and then select Samsung Knox OEM.
- Step 3.Release App
- As with other apps, IT admins can choose between a test release and a formal release.
- Step 4.Configurations
- From there, the IT admin can then configure custom settings for Samsung devices, such as higher level apps or NFC policies.
- Step 5.Apply
- After configuring settings, the IT admin can decide to roll them out company-wide or to specific groups in the Managed Google Play Store.
Part IV. Case Studies
OEM apps can transform various industries.
Zebra OEM App
Zebra is an OEM that manufactures mobile computers, tablets, and scanners. Zebra’s OEM app is Zebra OEMConfig.
A leading lifestyle retailer in Indonesia, Gramedia, used Zebra’s kiosks to improve the checkout experience. These kiosks had RFID scanners, which were exactly the type of custom hardware that OEMConfig can exert control over. Through this deployment, Zebra was able to increase inventory count speed and accuracy by 50%.
As seen in this example, OEM apps are particularly useful where businesses have unique hardware that cannot be monitored and managed by an MDM alone. With an OEM app, the business can exert full operational control over one of the most important customer touchpoints: payments.
Samsung OEM App
Although Samsung may be best known for its phones and tablets, the manufacturer also produces notable rugged devices —durable electronics designed for the field. Samsung’s OEM for its rugged devices is the Knox Service Plugin.
With this OEM app, businesses can better protect devices in the most challenging of field environments. One example is agriculture. With an MDM, agricultural workers can have their rugged devices remotely fixed by an off-site colleague, ensuring no downtime.
The OEM app can also protect the device from malware that could affect its uptime. The IT manager would simply need to configure the advanced settings enabled by the Knox Service Plugin, related to advanced network settings, connection restrictions, and other parameters, to their most conservative settings.
This combination reflects how an MDM is strong, but will always be even stronger in tandem with an OEM app.
Part V. FAQs
Leave a Reply.