The number of mobile devices in use in companies has grown rapidly and continues to grow every year. Mobile devices such as phones, tablets and laptops have become essential tools in the modern workplace. Mobile devices help increase flexibility and productivity. However, if their use is not systematic, they can cause various inconveniences. Lack of control and visibility of mobile endpoints and non-standard ways of managing and using these devices can hinder productivity and cause security risks.
Mobile device management (MDM) is a great tool for creating secure enterprise mobility. In this article, you will find all the basic facts you need to know about MDM:
What is MDM?
How does it work?
Most important features
Managing different devices
What is the best MDM software?
What is mobile device management?
MDM refers to the management of mobile endpoints such as smartphones, tablets and laptops as part of the broader scope of Enterprise Mobility Management (EMM). It’s the process of managing the entire lifecycle of mobile devices used in the workplace.
MDM, EMM or UEM?
All 3 terms are used within mobile device management today. Therefore, it can be difficult to grasp the terminology.
The boom in the use of mobile devices within companies started in 2000. However, it took about 10 years before the first mobile device management solutions came to market and MDM became a commonly used term. Over the years, management capabilities continued to improve, and companies were gradually able to manage the entire device lifecycle with a single solution that could handle device inventory, manage configurations and delete remotely.
However, companies have begun to place increasingly complex demands on mobility and device management. Enterprise Mobility Management (EMM) has therefore become a new industry term. It encompasses a full suite of mobility management solutions including application, content and identity management. In contrast, MDM deals exclusively with mobile devices and their security.
Because EMM was explicitly designed to manage applications and content on devices, it was not suitable for Windows and Mac management. So, after a while, Unified Endpoint Management (UEM) was born, combining EMM and PC management into one solution.
Today, all three concepts are used in mobile device management. However, MDM is the most widely used among users, which is why we mostly use this acronym.
How do MDM solutions work?
Mobile device management software typically runs either on-premise or in the cloud. IT administrators, or the company providing the MDM solution as a service, work with an MDM management console to remotely configure and manage devices. All devices must first register in the software. They do this via manufacturer-specific registration programs (Apple, Google, Samsung, Microsoft, etc.) or manually add the device via a token, QR code, NFC, email or SMS.
Administrators of the console send configurations and applications to mobile devices wirelessly (OTA). Technically, the MDM server (software) sends a series of commands that reach the device via programming interfaces (APIs) built into the operating system.
The MDM software sends a set of commands that are applied to the device through application programming interfaces (APIs) built into the operating system.
Some vendors offer MDM in both cloud-based software-as-a-service (SaaS) as well as on-premise models. Implementations of SaaS solutions are typically faster and more cost-effective because they do not require additional hardware. In addition, on-premises solutions require the management, monitoring, maintenance and updates that tend to be included in SaaS solutions.
Benefits of using MDM software
While mobile devices help increase efficiency and flexibility, the large number of devices and their use outside the office can cause some problems for the IT team, especially when employees are using different operating systems and device models.
Regardless of the size of your company, MDM provides undeniable benefits. It reduces support costs, increases employee productivity and strengthens data security.
As a result, many organizations rely on MDM tools to bring flexibility to both the IT department and end users. With MDM, IT administrators can securely manage all devices from a single portal, while employees can choose the devices they prefer to use.
Here are a few reasons why investing in MDM pays off:
1. Control over all corporate mobile devices
When a wide variety of devices and operating systems are in use, it can be difficult to keep track of them and implement consistent processes to manage them. With MDM, organisations have better visibility of their devices as the software extracts valuable data from managed devices. IT teams know which devices are in use and what their security levels are and can then more easily manage any security risks.
MDM also provides full control over device usage and its entire lifecycle. IT administrators can remotely configure devices and handle updates and device replacements in a timely manner. And when an employee leaves the company, all information can be easily wiped from the device and it can be reassigned to a new person.
2. Data and device security
Unmanaged mobile devices pose various security risks. While PCs and laptops usually have malware protection pre-installed, tablets and mobile phones are more vulnerable to cyber-attacks. MDM offers an effective way to protect devices and data, as well as comply with applicable protection regulations such as GDPR, HIPAA, ELD or CJIS.
Data and device security can be ensured through multiple configuration profiles and restriction options. The use of certain device or application features can be disabled, and strong passcodes can also be enforced on devices. If the same device is used for work and leisure, secure containers can be used to separate the user’s personal data from work data. With these encrypted containers, companies secure data from leaks to third parties.
3. Increased productivity and lower costs
With MDM, organizations efficiently manage every point in equipment lifecycles. Their registration and configuration are automated from a single platform. This helps save time and, ultimately, money.
Automation can provide valuable benefits, especially if you are managing multiple devices. Human error is reduced, and devices can be set up up to 30 minutes faster. For small and medium-sized organizations, MDM provides a great solution without a large investment or the need to hire an in-house IT specialist. MDM also makes it easy to enable BYOD/CYOD policies.
Additionally, MDM helps increase employee productivity because they don’t have to spend time setting up the device itself or visiting the IT department. Instead, they get pre-configured devices and access to the data and applications they need from the first moment.
The most important features of MDM
The features and supported operating systems vary widely between MDM tools. Typically, you can view device inventory, secure devices and data, manage applications and configurations, enforce standardized policies, and remotely update software. Some solutions even provide identity, access and cost management.
When choosing MDM software, it’s a good idea to compare different options to make sure you find the right one for your organization’s needs. Here’s an overview of the seven most common MDM features:
The MDM software collects various pieces of information about the hardware and software on devices. This helps to keep track of company-owned and BYOD devices. For example, you can view ownership information, installed configurations and applications, warranty and security status, or the current location, among other features.
Restrictions and configurations
One of the most significant benefits of MDM is the ability to remotely configure devices. With a variety of configuration and restriction options, you can easily ensure security and compliance as well as provide employees with the tools they need. MDM allows you to install all the necessary settings (e.g. VPN, Wi-Fi) and set restrictions on usage (e.g. Single-App Kiosk mode).
Manage apps and content
To be productive, employees need easy access to the right applications and files. With MDM, companies can centrally manage all mobile content and keep apps up-to-date. Apps can also be added to or removed from a device’s allowed/disallowed list.
Device and data security
Various security actions can be taken to secure devices and sensitive data. For example, MDM allows you to enforce disk encryption, use strong passcodes, and create secure containers that separate company data from personal data. If a device is lost, it can be traced and wiped remotely.
Enforcement of principles
Unified policies for all facilities help standardize their management, ultimately increasing efficiency and making it easier to comply with applicable regulations. With different policies, it is possible to predetermine which configurations, restrictions and applications are to be installed and thus implement the policies at once.
If you manage multiple devices, automation comes in handy. Most MDM solutions support automated enrolment through Apple Business Manager / Apple School Manager, Android Zero-Touch Enrolment, or Samsung Knox Mobile Enrolment. When these programs are connected to your mobile device management software, you can also automatically deploy any necessary settings and apps.
With MDM, the equipment can be updated and serviced remotely. This means, among other things, that employees do not have to visit the IT department in person. This saves a significant amount of time. All updates and configurations, diagnostics and troubleshooting are performed wirelessly.
Manage different devices with MDM
Mobile device management solutions primarily support the management of smartphones and tablets. However, you can also find ones that allow you to manage laptops, desktops and more, such as printers and POS devices, on the same portal.
Supported operating systems vary between MDM solutions. Some vendors specialize in Apple or Android devices, while others support a more diverse mix of devices and operating systems, including Windows, Chromebook, and Linux.
Solutions that offer support for multiple platforms are often referred to as EMM or UEM. They are a great option if you want to centrally manage all of your devices without working on multiple systems.
Mobile device manufacturers typically have their own special programs to register and manage them. You can usually add them to your MDM software.
Here’s an overview of the programs offered by Apple, Android and Windows:
iPhone, iPad and Mac device management
Whether you’re managing iOS, iPadOS, or macOS devices, you’ll probably come across Apple Business Manager and Apple School Manager. These include Device Enrolment (formerly known as DEP) and Volume Purchase Program (VPP). These are Apple’s web portals where IT administrators can enrol their Apple devices and manage applications and licenses through VPP.
Android Device Management
To automate the enrolment of Android smartphones and tablets, you can use Android Zero Touch and Samsung Knox Mobile Enrolment (for Samsung devices), which are integrated device management platforms. Organizations can use the managed Google Play store to manage software licenses and install apps.
Windows Device Management
Azure Active Directory is Microsoft’s identity and access management platform that organizations can use to give their employees seamless access to all the applications they need. It’s also useful for automating Windows device enrolments by connecting Azure AD to MDM software and adding Azure AD workstations to managed device accounts.
MDM use cases
The use of mobile devices in an office environment is just one example of their diverse applications. Today, mobile devices are often used as POS terminals and information screens. They have also become invaluable tools in telemedicine, logistics and education. Here are some examples of the benefits mobile device management brings to various industries.
Healthcare and telemedicine
The rise of home health aides and remote patient monitoring has created a need for reliable and secure mobile device management. Since mobile devices are often used to store and handle highly sensitive patient data, MDM helps healthcare organizations secure their devices and data as well as comply with industry regulations such as HIPAA. MDM also makes it easier to commission devices and configure them according to company policies.
Transportation and Logistics
Smartphones and tablets help with a variety of supply chain tasks. Specifically, to access custom apps, scan barcodes, locate deliveries, send notifications or perform quality control. With MDM, transport and logistics companies can register devices in minutes and ensure that they always work correctly. And when functions need to be limited, devices can be switched to Single App Kiosk mode. MDM also helps achieve regulatory compliance.
Schools and other educational institutions are gradually adopting tablet and laptop-based teaching methods. This is because they facilitate teaching and learning, and not only in the sense of enabling distance learning. However, before using them, everything needs to be configured correctly and all the basic applications need to be installed. With mobile device management, an IT administrator can remotely configure an entire fleet of devices and set restrictions on their use (for example, adding malicious apps to a blacklist or blocking access to specific websites). Some MDM vendors also offer flexible licensing, making these solutions suitable for every budget.
Retail and service industry
Mobile devices are also widely used in the retail and service industries. They serve as POS terminals, information screens and self-service checkouts. Tablets can be used in restaurants to order food or view seating charts. If the devices have multiple users, they can be made safe to use by switching to Single-App Kiosk mode or setting additional restrictions. Devices can also be customized with wallpapers, achieving a consistent brand experience.
Governments must adhere to even stricter security standards than large corporations. Security of equipment and sensitive data is paramount. MDM helps public sector organizations comply with regulations and increase operational efficiency with automation tools.
MDM for small businesses
Cloud-based MDM tools are an excellent choice for small and medium-sized businesses (SMBs). They help them monitor and manage their fleet of devices remotely, without the need to hire an in-house IT specialist. The ability to manage devices through a single portal increases efficiency and makes it easier to manage security risks.
Various IT service providers
Mobile device management helps service providers create automated, secure and legally compliant processes that enable seamless IT services. In one centralized MDM portal, IT service providers can view all their customers’ devices and proactively manage them. For customers, this means, among other things, faster device setup and less time spent on the phone with IT.
What is the best MDM software for you?
The number of devices and how they are used determines the requirements for device management software. Although some MDM tools have gained popularity, there is no one solution that perfectly suits every organisation. To help you choose the right software for your company, we’ve created the checklist below, allowing you to compare different platforms:
1. Supported operating systems
The most important thing when choosing MDM software is to ensure that it supports the devices and operating systems used in your organization. Some solutions only support a specific operating system, while others allow you to manage multiple. By incorporating multiple platforms, businesses can manage all their devices using the same software and employees can more freely choose the devices they want to use.
2. Functional requirements
Companies looking for their first MDM software usually want a simple inventory of devices to track them. In addition, they consider basic configuration options and restrictions such as email account and Wi-Fi/VPN settings, password enforcement, and disk encryption to be essential. Automated device registration and remote software updates are also usually necessary as the number of manageable devices grows. Therefore, compare different vendors and supported features for each operating system. This is the only way to find the right one for your needs.
3. On-premise or cloud
Most MDM solutions are cloud-based. You can get started seamlessly without investing in additional hardware. Cloud-based solutions also provide scalability, which means you can sign up more devices and upgrade your plan with additional features as your business grows. However, if your company prefers to run the MDM system in its own data centre, which sometimes happens in highly regulated industries, on-premise and hybrid solutions are available.
In most cases, cloud-based MDM is an excellent choice because on-premise solutions require a dedicated person to handle implementation, monitoring, maintenance and updates. The solution also doesn’t even need to be as scalable as SaaS.
If you are new to device management, choosing a solution with a user-friendly interface will make it easier to implement. There may be more features you don’t need, so a complicated solution can be confusing and negatively impact usability. Don’t hesitate to look for reviews online to help in making the decision. Different MDM tools tend to be rated differently.
Finances are usually one of the biggest factors when choosing MDM software. Fortunately, you can find vendors that offer great features at an affordable price. They also have different plan options, allowing you to scale up or down if needed. The most expensive option may not be the best for your organization’s needs. However, with highly specific functionality requirements, betting on the big players tends to be desirable.
Some of the better known MDM solutions:
- Addigy (Apple only)
- Citrix Endpoint Management
- Cisco Meraki
- IBM MaaS360
- Jamf Pro (Apple only)
- Microsoft Intune
- Quest KACE
- Scalefusion (formerly known as MobiLock)
- SimpleMDM (Apple only)
- Sophos Mobile
- SOTI MobiControl
- VMware Workspace ONE (formerly AirWatch)
How can DATASYS and Miradore help?
Miradore is a cloud-based MDM/UEM software that makes it easy to manage a diverse mix of Android, Windows, iOS and macOS devices. Its functionality is also appreciated by those who are new to mobile device management. We’ll create a web-based control interface in a day and you can start managing your devices in no time, or we can offer the entire solution as a simple service. The lengthy purchasing process or the need to install software on servers is eliminated.
Since Miradore is our favourite, here are some examples of what it can be used for:
Device and data security
Miradore’s features make it easy to secure devices and data. You can enforce the use of passcodes, encrypt devices and even create a secure container for work data. In the event that a device is lost, you can lock and wipe it remotely.
Device settings and limitations
Managing device settings and restrictions is easy with configuration profiles that you can save and deploy. For example, you can set up Wi-Fi, data roaming or email, or restrict the use of specific apps, content, services and features.
Managing apps puts the right software in the hands of users. You can deploy, remove and add to a blacklist or list of allowed apps and manage software licenses.
Dashboard and reports
You can easily view device-related data through the Miradore dashboard and reports. The dashboard provides a quick overview of all managed devices, but also allows you to create custom reports that provide deeper insight into specific data.
Automate manual tasks
By automating various manual tasks such as device registration and configuration, you save time.
We are happy to demonstrate all supported features. We also offer a free trial version. Alternatively, we offer the entire mobile device management solution as a service, so that you can just focus on your business.