MDM: Introduction to Mobile Device Management
The use of mobile devices in the professional environment is steadily increasing. This creates new challenges for companies in terms of integration, security and data protection. Mobile device management offers a simple way to create transparency and control in the use of mobile devices.
What does MDM mean?
The abbreviation MDM stands for Mobile Device Management. Mobile device management is the central administration of mobile devices such as laptops, smartphones or tablets. The corresponding MDM software provides a wide range of functions for inventorying, configuring, managing and protecting mobile devices, which can be applied to all registered devices.
Excursus: MDM vs. EMM vs. UEM?
MDM originally referred only to the management of mobile devices. In addition, MAM (Mobile Application Management) for managing the applications on the devices and MCM (Mobile Content Management), which was used to regulate access to the respective resources, were further individual solutions. Enterprise Mobility Management aimed at merging these separate solutions.
EMM only referred to the area of mobile devices. However, the need to manage other devices and systems within an organisation via a common solution quickly grew. This need led to the development of unified endpoint management solutions that could also manage other devices such as desktop computers, printers or POS systems via one solution.
Reasons for using an MDM solution
In many companies, hybrid work is the new working norm of the future. The use of mobile devices is increasing. Depending on the chosen mobile device strategy in the company, a multitude of different devices with different operating systems must be integrated and managed.
Mobile Device Management offers a simple, scalable and easy-to-use way to integrate a large number of devices into the company and manage them centrally. This leads to enormous cost and time savings for the often very scarce IT resources in the company. At the same time, MDM can be used to minimise security risks and implement data protection guidelines in an uncomplicated manner.
How does Mobile Device Management work?
The underlying principle is the same for every MDM solution, even if the way it works differs slightly depending on the provider.
- In order to be able to manage end devices via the MDM console, they must first be registered in the system. Most device manufacturers already offer solutions for adding new devices automatically.
- In order for the MDM software to be able to communicate with the mobile devices, special software, a so-called agent, is required on the side of the end device.
All the desired settings are made via the console of the MDM software. - The configuration instructions are then sent from the MDM server to the mobile device via wireless networks and API interfaces.
- If the agent receives new instructions, these are carried out directly on the device.
Most MDM solutions provide endpoint agents for the respective operating systems such as Windows, Linux, iOS, Android and others. In this way, a wide variety of device types can be managed via a single system.
What possibilities does an MDM solution offer me?
The settings can be applied to individual devices or device groups (e.g. by department, management level or similar). Although the range of functions of the individual solutions can vary in detail, most of the following options can be found with most providers.
Equipment inventory
MDM solutions greatly simplify device inventory. The MDM software continuously collects important information about the registered devices. This includes:
- General unit information
- Current location
- Installed apps
- Guarantee status
Configuration
Using MDM, devices can be easily set up remotely to meet data security and compliance, such as:
- Control access to networks (VPN, wireless networks, ...)
- Block device functions such as camera
Software & Content Management
All applications on the devices can be managed. With just a few clicks
- Defines which apps must be installed on each device.
- regulates which software can be installed or not installed (white & blacklisting)
- Software brought up to date
- Software removed from the unit
Device safety
Numerous security settings can be made for the greatest possible protection of the devices against unauthorised access, among others:
- Encryption of data on hard disks
- Define minimum strength for passwords
- Create different device containers to separate private and professional data
Management of different terminals
MDM solutions were originally designed to manage smartphones, later also tablets. Many providers were therefore specialised in individual operating systems such as iOS or Android. As mobile device management became more widespread, the need for centralised management of different types of devices grew. As a result, the range of functions of the solutions offered increased, so that today a wide range of different devices and systems can be managed via a single software.
Separate from the MDM solutions, the device manufacturers have their own programmes to register the devices in the MDM solution.
Apple
The portals Apple Business Manager and Apple School Manager are used for the enrolment of Apple devices. The web portals can be used to include iOS, iPadOS and macOS devices in the administration and to manage apps and licences.
Android
Android Zero Touch and Samsung Knox Mobile (for Samsung devices) are available for the enrolment of Android devices. Software and licences are managed via the Managed Google Play Store.
Windows
Companies organise their employees' access to all important applications via Azure Active Directory. It can also be used to automatically add Windows devices to the respective MDM solution.
Which MDM solution is suitable for my company?
As is so often the case, a blanket answer to this question cannot be given. Rather, the individual choice depends on a number of factors
- How many devices must be able to be managed?
- Is it one type of unit or numerous different ones?
- How and for what are the devices used?
Before deciding on an MDM solution, attention should therefore be paid to the following points:
1. supported operating systems
Not every MDM solution supports every operating system. To find a suitable MDM software, it is important to have a clear picture of the devices used or to be used in the company. This ensures that all devices can be managed via a single system.
2. supported functions
3. on-premise or cloud
Most MDM solutions today run conveniently in the cloud and are thus accessible from anywhere. The resulting ease of scalability is especially important for fast-growing companies. Depending on the business sector, such a cloud service may not be desired, for example for security reasons in highly regulated areas. So-called on-premise, i.e. self-hosted solutions, are available for this.
4. available budget
The available budget is a limiting factor in most companies. For comparatively low costs, various providers now offer a wide range of functions. In addition, in many cases there are different payment plans that allow for easy scalability.
Examples of MDM solutions
There are numerous providers on the market for MDM solutions. Among the best known are:
- Citrix Endpoint Management
- IBM MaaS360
- Jamf
- Microsoft Intune
- Sophos Mobile
- VMWare Workspace ONE
How can Lendis support you?
As part of our Device as a Service offer, companies receive a turnkey solution for equipping employees with mobile devices. In addition to the provision of high-quality technology, the implementation of a suitable mobile device management solution is an essential part of this solution.
Mobile Device Management solutions from Lendis