What is mobile device management (MDM)?

Brock Bingham headshot
Brock Bingham|March 9, 2022
General IT Article 2 Background
General IT Article 2 Background

Mobile device management, or MDM, is the management and monitoring of notebooks, tablets, smartphones, and other mobile devices, often using a third-party dedicated management platform. MDM platforms are designed to ensure users can access company resources, such as corporate data and authorized applications, while protecting sensitive data from security threats in a mobile environment.

The term mobile device management has been floating around the IT sector for a long time. However, newer terms, such as enterprise mobility management (EMM) and unified endpoint management (UEM), have gained traction in recent years. While some argue that enterprise mobility management and unified endpoint management indicate different technologies and levels of management, the goal of MDM remains the same: supporting and managing remote devices and keeping organizational assets secure.

The rise of mobile devices

If you think about it, computers haven’t changed much in the past 30 years. Sure, most of our applications are cloud-driven these days, but the functionality remains the same. We check our email, browse the web, utilize applications, and so forth. What has drastically changed, though, is the form of our devices.

Each year, hardware manufacturers and talented engineers devise new ways to cram more power into smaller components. Smaller components mean smaller devices, such as ultrathin notebooks, tablets, and smartphones. Now, the workforce has become saturated with these ultra-portable devices.

According to Statista.com, smartphones sales have increased by over 1100% since 2007. Notebooks have consistently outsold traditional desktops worldwide since 2009, with a majority of sales belonging to slim profile notebooks, while desktop sales have declined year over year. Ultra-affordable Chromebooks have dominated the education industry, with a massive sales jump in 2020 and 2021, primarily attributed to the transition to at-home learning. With so many mobile devices flooding the market, sysadmins are left scrambling to manage them all. That’s where mobile device management comes in.

What does mobile device management do?

Mobile devices present challenges for IT departments. Unlike their non-mobile counterparts, which are almost always connected to a dedicated on-premise network, mobile devices tend to wander. One minute, they’re connected to a home network; the next, they’re connected to the Wi-Fi network of a coffee shop on the other side of the country. Regardless of where these devices end up, MDM software ensures that sysadmins can manage them.

Mobile device management platforms give administrators control of the devices they manage, no matter where they’re located. The ability to deploy apps, updates, security policies, and configuration changes remotely ensures users have the tools they need to succeed and administrators have the control necessary to protect their organization’s digital and physical assets.

Is mobile device management necessary?

If you’re a small organization with only a handful of mobile devices, then a dedicated mobile device management solution may not be necessary. However, even a small organization can have a pretty remote workforce. And it doesn’t take many mobile devices to overwhelm an under-resourced IT department.

Mobile devices are particularly susceptible to both physical and cyber risks. While malware, ransomware, and vulnerabilities are inherent risks to both mobile and non-mobile systems, mobile devices are in much greater jeopardy of loss and theft.

Additionally, mobile devices also risk connecting to compromised networks while off-premises. Considering the devastating impact a cyberattack or data leak can have on an organization, ensuring your IT department has the resources necessary to secure mobile devices properly is highly recommended.

What are the benefits and advantages of mobile device management?

While no two MDM software solutions offer identical features, most share similar attributes while striving to achieve a common objective. Here are some of the standard benefits and advantages of a mobile device management platform.

Remote management

Remote management is the primary focus of all mobile management platforms, including mobile device management platforms, enterprise mobility management platforms, and unified endpoint management platforms.

For years, organizations have been moving away from the standard in-office work environment and supporting a more mobile workforce. The pandemic kicked this transition into overdrive, making remote and work-from-home situations the new normal. It’s become increasingly common for companies to ship new devices straight from distributors to new hires without IT departments ever getting their hands on them. Maintaining administrative control over devices that may be thousands of miles away is essential and a significant component of mobile device management.

Powerful security controls

Cyber attacks are among the most significant threats currently facing organizations. Phishing campaigns continue to be very successful, while unpatched vulnerabilities are gaining popularity as an entry point for bad actors. Additionally, the skill ceiling required to deploy devastating cyber attacks has been lowered, and the payouts for successful attacks have increased, drawing in more bad actors than ever before.

MDM solutions feature robust security controls to help protect corporate data and assets and meet compliance certifications, such as SOC II. Security functionality includes deployment and configuration of security applications, password management, device encryption, device tracking, policy changes, remote locking, and more.

Bring your own device (BYOD)

Another trend becoming popular among companies is bring your own device (BYOD). BYOD is the practice of allowing users to access company resources using personally owned equipment. As you might imagine, BYOD presents unique security challenges for IT teams.
MDM provides the functionality necessary to enable organizations to allow personal devices access to corporate data and systems while ensuring company resources remain secure. MDM tools also ensure management remains separated between company and personal information.

Application deployments

One of the most widely used features of a mobile device management solution is remote application deployments. Remote deployments can often be configured according to schedules and policies, though they can also be initiated manually.

Some solutions provide a self-service portal that allows users to download the applications they need while restricting access to applications not relevant to their responsibilities.

Device tracking

Because of the mobile nature of portable devices, they have an unfortunate tendency to disappear. Theft and loss are much more common with mobile devices. The smaller the device, the easier it is to misplace. Tracking a device’s location is a valuable feature of MDM, though it’s no guarantee that a lost or stolen device can be recovered, which leads us to our next benefit of MDM, remotely locking and wiping devices.

Remote lock and wipe

Many mobile device management solutions provide remote locking and wipe functionality for those devices that have disappeared for good. While the loss of a device can be frustrating, the cost of an unauthorized user accessing company data is much greater than the cost of replacing a physical device. Remotely locking and wiping a device that has gone missing ensures the data stored on that device isn’t compromised.

Patch management

Staying on top of patch deployments can be difficult for IT teams. Without the right resources, sysadmins can quickly become overwhelmed by the sheer volume of updates and patches that are regularly released. MDM solutions ensure administrators have the tools they need to get operating system and application patches distributed quickly, even to remote devices. MDM also controls when patches will be applied, allowing IT time to test and ensure compatibility before patches are distributed to their general user base.

What do MDMs have access to?

Sysadmins require detailed system information to accurately manage remote devices, including hardware, software, and user data. Serial numbers, hardware details, makes and models, storage info, app data, versioning information, applied policies, and more are all data points you can expect an MDM platform to access and store automatically.

It’s important to note that MDM systems don’t provide this level of detailed information on devices enrolled via BYOD or user enrollment. Devices enrolled via these methods often only provide access to data that has been granted to the device by the organization, such as authorized apps and corporate data.

Can MDMs track browsing history?

The short answer is no, MDMs cannot track browsing history. The longer answer is still no, but with some things to consider.

It may seem like a surprise to some, but manufacturers take user privacy pretty seriously — at least more seriously than some social media platforms that shall not be named.

Simply put, MDM platforms aren’t designed to track browsing history, and device manufacturers strive to protect user privacy. However, that doesn’t mean your IT department can’t find other means to collect this kind of data.

It’s also important to remember that if you are using your company’s network or VPN to access the web, it’s safe to assume they can track all of the traffic that flows through their network.

How does MDM differ between iOS and Android?

Apple devices and Android devices have always had fundamental design philosophy differences. Apple has established a well-controlled (locked down) device ecosystem with its iOS devices. On the other hand, Google gives device manufacturers a lot of flexibility on both hardware and software design decisions, including MDM implementation protocols. This freedom allows for greater user choice and flexibility on Android devices, though it could also lead to ecosystem fragmentation.

Which ecosystem is right for your organization is not a decision to take lightly. Often, it’s a combination of both to ensure your users have the tools they need to get the job done.

How do you set up mobile device management for your company?

Configuring an MDM solution for your organization varies depending on the platform you decide to go with. Some solutions are entirely cloud-based and can be set up with basic MDM functionality in minutes. Others call for a dedicated MDM server, requiring a bit more configuration.

Regardless of the solution you choose, it’s essential to test the product thoroughly before deploying it to your production environment. When you’re ready to start enrolling devices, begin with a small test group and expand from there. In no time, you’ll be managing your entire fleet from a centralized console, effortlessly distributing apps and policies to devices around the world.

Which MDM solution is right for your organization?

There are many robust mobile device management solutions on the market today. However, consider your requirements before deciding which platform is suitable for your environment.

  • What devices do you support?

  • What functionality do you need?

  • How many resources do you have to support the platform?

  • What security features are important to you and your users?

  • Is automation an important factor for choosing a device management platform?

These are just a few of the questions you should consider before comparing MDM solutions. Once you’ve narrowed down your choices, demo a few different products. Most vendors offer free trials of their products, which is a great way to get to know the ins and outs of a platform.

While you ultimately have to decide which platform is right for you and your environment, we can tell you that if you’re looking for a feature-rich macOS and iOS MDM solution with an easy-to-use interface, SimpleMDM has you covered. With a hosted Munki integration, user enrollment support, pre-built and custom profiles, 2FA, device tracking with remote lock and wipe functionality, SAML integration, forceful device unlocking, automated device enrollment, and much more, SimpleMDM offers the perfect balance of simplicity and robust configuration options. Go ahead and see for yourself. With a 30-day free trial, you’ll have plenty of time to discover why IT teams around the world are joining the SimpleMDM family.

Brock Bingham headshot
Brock Bingham

Born in the '80s and raised by his NES, Brock quickly fell in love with everything tech. With over 15 years of IT experience, Brock now enjoys the life of luxury as a renowned tech blogger and receiver of many Dundie Awards. In his free time, Brock enjoys adventuring with his wife, kids, and dogs, while dreaming of retirement.

Related articles