In early 2000, the use of mobile devices started to increase in businesses. Since then, it has been steadily growing, and mobile devices have become essential tools in today’s modern workplaces.
Mobile devices help increase flexibility and productivity, but when unmanaged, they can pose various challenges to organizations. The lack of control and visibility over mobile endpoints and non-standardized ways of managing these devices can cause inefficiencies and security risks.
Mobile Device Management (MDM) is a great way to create the foundation for secure enterprise mobility, and in this article, we cover all the essential things you need to know about MDM:
What is MDM?
MDM is an abbreviation of Mobile Device Management and refers to the administration of mobile endpoints, such as smartphones, tablets, and laptops, as part of the broader scope of Enterprise Mobility Management (EMM). It is the process of managing the entire lifecycle of mobile devices used in the workplace.
Mobile Device Management is implemented through MDM software with suitable management features for one or more operating systems. With MDM software, companies can monitor, manage, and secure their mobile devices to ensure device performance and the safe use of devices.
MDM, EMM, or UEM?
Today, all three terms, MDM, EMM, and UEM, are used when talking about mobile device management. Thus, getting the hang of the terminology can be difficult.
In early 2000, the use of mobile devices for corporate use started to boom. However, it took about ten years before the first mobile device management solutions were launched and Mobile Device Management (MDM) became a commonly used term. Over the years, the management capabilities improved, and companies could manage the entire device lifecycle with a single solution, including device inventory, configuration management, and remote wipe.
Gradually, companies began to have more complex mobility and device management requirements and Enterprise Mobility Management (EMM) emerged as a new industry term. EMM covers the entire suite of mobility management solutions, including application, content, and identity management, whereas MDM focuses solely on mobile devices and their security.
As EMM was explicitly designed for managing the apps and content on mobile devices, it was not suitable for Windows and Mac management. After a while, Unified Endpoint Management (UEM), which combines EMM and PC management into one solution, was born.
Today, all three terms, MDM, EMM, and UEM, are used when talking about mobile device management. Thus, getting the hang of the terminology can be difficult. However, among end-users, MDM is still the most used, even when talking about EMM or UEM solutions, and therefore, we chose to use the term “MDM” in this blog post as well.
How do MDM solutions work?
Mobile Device Management software typically runs either on-premise or in the cloud. Through MDM’s management console, IT admins can remotely configure and manage devices. But before that, devices need to be enrolled in the MDM software, or in other words, the MDM server. This can be done through vendor-specific enrollment programs that Apple, Google, Samsung, and Microsoft offer, or by adding devices manually with a token, QR code, or NFC, or via email/SMS.
IT admins can use the management console to push configurations and applications to mobile devices over the air (OTA). Technically speaking, the MDM server (software) sends out a set of commands that are applied to devices through application programming interfaces (APIs) built in the operating system.
MDM software sends out a set of commands that are applied to devices through application programming interfaces (APIs) built in the operating system.
Some MDM vendors offer both cloud-based Software-as-a-Service (SaaS) and on-premise models. However, SaaS solutions are typically quicker and more cost-efficient to implement as they don’t require additional hardware. Furthermore, on-premise solutions require management, monitoring, maintenance, and updates, which all come included in SaaS solutions.
Benefits of using MDM software
While mobile devices help increase efficiency and flexibility, a large number of devices and their use outside the office can sometimes cause challenges for the IT team — especially when employees are using various operating systems and device models.
No matter what size of the company you have, MDM provides indisputable benefits, including reduced support costs, increased employee productivity, and data security.
Therefore, many organizations rely on MDM tools that bring flexibility to both the IT department and end-users. With MDM, IT admins can securely manage all devices from a single portal, while employees can choose the devices they prefer to use.
No matter what size of the company you have, MDM provides indisputable benefits, including reduced support costs, increased employee productivity, and data security. Here are a few reasons why you should invest in MDM:
1. Control over all corporate mobile devices
When a wide range of devices and operating systems are in use, it can be hard to keep track of them and establish unified device management processes. With MDM, organizations have better visibility over their devices as the software pulls valuable data from managed devices. IT teams know which devices are in use and what’s their security level and organizations can more easily manage security risks.
MDM also gives full control over the use of devices and the entire device lifecycle. IT admins can configure devices remotely and handle updates and device replacements on time. And when an employee leaves the company, all business-related information can be wiped from the device, and the device can be assigned to a new employee.
2. Data and device security
Unmanaged mobile devices pose various cybersecurity risks. Whereas PCs and laptops typically have pre-installed malware protection in them, tablets and mobile phones are more vulnerable to cyber-attacks. MDM offers an effective way to safeguard devices and data and stay compliant with prevailing data protection regulations, such as GDPR, HIPAA, ELD, and CJIS.
Data and device security can be ensured with several configurations and restriction options. The use of certain device functionalities or apps can be prohibited, and the use of strong passcodes can be enforced on devices. And in case the same device is used both at work and in the free time, the user’s personal data can be separated from work data with secure containers. With these encrypted containers, companies can ensure that sensitive data does not leak to third parties, for example, through instant messaging apps.
3. Increased productivity and lower costs
With MDM, organizations can manage every step of device management efficiently from a single platform and automate device enrollments and configurations, which helps save time and, ultimately, money.
Especially if you’re managing multiple devices, automation can bring valuable benefits: human errors decrease, and devices can be setup up to 30 minutes faster. For small and medium-sized organizations, MDM provides a great way to secure devices without huge investments or the need to hire an in-house IT specialist. MDM also makes it easier to allow for BYOD/CYOD policies.
Furthermore, MDM helps increase employee productivity when end-users don’t have to waste time setting up devices themselves or visit the IT department. Instead, they get pre-configured devices and access to necessary data and applications from day one.
Most essential MDM features
Features and supported operating systems vary a lot between different MDM tools. Typically, you can view your device inventory, secure devices and data, manage apps and configurations, enforce standardized device policies, and update software remotely. Some solutions even provide identity, access, and expense management.
When choosing an MDM software, it’s good to compare different options to make sure that you find the right one for your organization’s needs. Here’s an overview of the seven most common MDM capabilities:
MDM software collects various hardware and software information on devices, which helps companies monitor and track company-owned and BYOD devices. You can, for example, view ownership information, installed configurations and applications, warranty and security status, and current location, among other data.
Restrictions and configurations
One of the most significant benefits of MDM is the possibility to configure devices remotely. With different configuration and restriction possibilities, organizations can easily ensure data security and compliance, and provide employees with the tools they need. MDM makes it possible to install all necessary settings (e.g., VPN, Wi-Fi) to devices and set restrictions for device usage (e.g., Single-App Kiosk mode).
Application and content management
To be productive, employees need to have easy access to the right applications and files. With MDM, companies can manage all mobile content centrally and keep applications updated. Apps can also be whitelisted/blacklisted or removed from the device.
Device and data security
Various security actions can be taken to safeguard both the device and the sensitive data in it. MDM allows companies to, for example, enforce disk encryption and the use of strong passcodes and create secure containers that separate company data from personal data. And in case a device gets lost, it can be tracked and wiped remotely.
Unified device policies help companies standardize device management, and ultimately increase efficiency and stay compliant with prevailing regulations. With different policies, companies can pre-determine which configurations, restrictions, and applications should be installed on devices, and mass-deploy these policies to a group of devices.
When a company is managing multiple devices, automation comes in handy. Most MDM solutions support automated device enrollments through Apple Business Manager / Apple School Manager, Android Zero-Touch Enrollment, or Samsung Knox Mobile Enrollment. And when these built-in programs are connected to a mobile device management software, companies can use MDM to deploy all necessary settings and applications to devices automatically with business policies.
With MDM, devices can be updated and serviced remotely, which means that employees don’t have to visit the IT department in person. Companies can save a significant amount of time as all software updates and configurations, device diagnostics, and troubleshooting can be done over the air.
Managing different devices with MDM
Mobile device management solutions primarily support the management of smartphones and tablets. You can also find solutions that enable you to manage laptops, desktops, and other devices, such as printers and POS devices, from the same portal.
Supported operating systems vary between MDM solutions. Some vendors specialize in Apple or Android devices, while some support a more diverse mix of devices and operating systems, including Windows, Chromebook, and Linux.
Solutions that offer multi-platform support are often referred to as EMM or UEM. They’re a great option if you want to manage all your devices centrally without having to depend on multiple systems.
Regardless of the mobile device management software you choose, device manufacturers have their own special device enrollment and management programs that you can connect to your MDM software. Here’s a summary of the programs that Apple, Android, and Windows offer:
iPhone, iPad, and Mac management
Whether you’re managing iOS, iPadOS, and macOS devices, you will come across Apple Business Manager and Apple School Manager that include Device Enrollment (formerly known as DEP) and Volume Purchase Program (VPP). Apple Business/School Manager is Apple’s web-portal, where IT admins can enroll their Apple devices and manage applications and licenses through VPP.
Android device management
To automate the enrollment of Android smartphones and tablets, you can utilize Android Zero Touch and Samsung Knox Mobile Enrollment (for Samsung devices) that are both built-in device management platforms. For managing software licenses and app installations, organizations can use the Managed Google Play Store.
Windows device management
Azure Active Directory is Microsoft’s identity and access management platform, which organizations can use to provide their employees with seamless access to all necessary apps. It can also be used for automating Windows device enrollments by connecting Azure AD to an MDM software and adding an Azure AD workplace accounts to managed devices.
MDM use cases
Using mobile devices in an office environment is just one example of their diverse use. Today, mobile devices are often used as point-of-sale (POS) terminals and info screens, and they have also become invaluable tools in telemedicine, logistics, and education. Here are some examples of how Mobile Device Management benefits various industries.
Healthcare and telemedicine
A surge in-home health aides and remote patient monitoring has fueled the need for reliable, secure mobile device management. As mobile devices are often used for storing and handling highly sensitive patient data, MDM helps healthcare organizations secure their devices and data and comply with industry regulations, like HIPAA. MDM also makes it easier to take devices into use and configure them according to company policies.
Transportation and logistics
Smartphones and tablets assist in various tasks throughout the entire supply chain: accessing custom applications, scanning bar codes, locating deliveries, sending notifications, and making quality controls. With MDM, transportation and logistics companies can enroll devices in minutes and ensure that they are always functioning correctly. And when there’s a need to restrict device functionalities, devices can be turned into Single App Kiosk mode. MDM also helps in becoming compliant with regulations, such as the U.S. congressionally mandated electronic logging device (ELD) rule.
Schools and other educational institutions are gradually adopting tablet-based teaching methods to facilitate teaching and learning. Tablets and laptops need to be correctly configured and have all the essential apps installed before they can be used in teaching. With Mobile Device Management, IT can configure the entire device fleet remotely and set restrictions for device usage, such as blacklist harmful applications or block access to specific websites. Some MDM vendors also offer flexible licensing, which makes those solutions suitable for every budget.
Retail and service industry
Mobile devices are widely used in the retail and service industry. They serve as point-of-sale (POS) terminals, info screens, and self-service checkouts. And in restaurants, tablets can be used for ordering food or viewing seating charts. When devices have multiple users, their secure use can be ensured by turning them into Single-App Kiosk mode or setting other device restrictions. Devices can also be customized with wallpapers to achieve a consistent brand experience.
Governments must often comply with even stricter security standards than big corporations and securing devices and sensitive data is paramount. MDM helps public-sector organizations comply with regulations and increase operational efficiency with automation tools.
MDM for small business
Cloud-based MDM tools are excellent options for small and medium-sized businesses (SMBs). They help SMBs to track their device fleet and manage devices remotely without the need to hire an in-house IT specialist. Being able to administer devices through a single portal increases efficiency and makes it easier to manage security risks.
Managed Service Providers
Mobile Device Management helps Managed Service Providers (MSPs) establish automated, secure, and legislation-compliant processes that enable seamless IT service. In one centralized MDM portal, IT service providers can view all their customers’ devices and manage them proactively. To customers, this means, among other things, faster device setups and less time spent on the phone with IT.
What is the best MDM solution for you?
The number of devices, and the way they are used, set requirements for device management software. Even though some MDM tools have gained popularity, there is no single solution that perfectly fits every organization. To help you choose the right software for your company, use the checklist below, and take your time to compare different platforms.
1. Supported operating systems
The most important thing when choosing an MDM software is to ensure that it supports the devices and operating systems used in your organization. Some solutions only support a specific operating system, while others enable the management of multiple OSs. With multi-platform support, businesses can manage all their devices with the same software, and employees can more freely choose the device they want to use.
2. Feature requirements
Companies who are looking for their first MDM solution typically want a simple device inventory to keep track of their devices. Additionally, basic configuration and restriction capabilities, such as email account and Wi-Fi/VPN settings, and passcode and drive encryption enforcement, are essential. Device enrollment automation and remote software updates typically become necessary as the number of manageable devices grows. Compare different vendors and supported features for each OS to find the right one for your needs.
3. On-premise or cloud
Most MDM solutions are cloud-based, and you can get started smoothly without investing in additional hardware. Cloud-based solutions also provide scalability, which means that you can enroll more devices as your business grows and upgrade your plan to take additional features into use. However, if your company prefers to run the MDM system in your own data center, which is sometimes the case in highly regulated industries, there are on-premise and hybrid solutions available.
In most cases, cloud-based MDM is an excellent option as on-premise solutions require a dedicated person who takes care of its implementation, monitoring, maintenance, and updates. Moreover, they might not always be as scalable as SaaS solutions.
If you are new to device management, choosing a solution with a user-friendly user interface facilitates its adoption. If there are multiple features that you don’t need, a large number of options can be confusing and affect the usability negatively. There are many review sites, such as G2 or Capterra, that you can browse to see how others rate different MDM tools and their user experience.
Budget is typically one of the biggest factors when choosing an MDM software. Luckily, you can find MDM vendors that offer great features at an affordable price, and different plan options that enable you to scale up and down when needed. The most expensive option is not always the best one for your organization’s needs, but if you require highly specific features, you might want to consider the biggest players in the market.
Some of the better-known MDM solutions
- Addigy (Apple only)
- Citrix Endpoint Management
- Cisco Meraki
- IBM MaaS360
- Jamf Pro (Apple only)
- Microsoft Intune
- Quest KACE
- Scalefusion (formerly known as MobiLock)
- SimpleMDM (Apple only)
- Sophos Mobile
- SOTI MobiControl
- VMware Workspace ONE (formerly known as AirWatch)
How can Miradore help?
Miradore is a cloud-based MDM/UEM software that makes it easy to manage a diverse mix of Android, Windows, iOS, and macOS devices, even if you’re new to MDM. You can create a site in minutes and start managing your devices the same day without a lengthy purchase process or the need to install the software on your company’s servers. Here are some examples of what you can do with Miradore MDM:
Device and data security
Miradore’s features enable you to ensure device and data security easily. You can enforce the use of passcodes, encrypt your devices, and create a secure container for work data. And in case a device gets lost, you can lock and wipe it remotely.
Device settings and restrictions
Managing device settings and restrictions is easy with configuration profiles that you can save and deploy to your devices. You can, for example, set devices’ Wi-Fi, data roaming, or email settings, and limit the use of specific applications, content, services, and device features.
Application management enables you to get the right software into the hands of device users. You can deploy, remove, and blacklist/whitelist applications, and manage software licenses.
Dashboard and reports
You can view device-related data easily through Miradore’s dashboard and reports. The dashboard gives you a quick overview of all the managed devices, but you can also create custom reports that allow you to dive deeper into specific data.
Automation of manual tasks
You can save time by automating various manual tasks, such as device enrollments and configurations. With Miradore’s business policies, you can define which settings and apps should be installed automatically on devices that meet certain conditions.