What Is Mobile Device Management (MDM)?

MDM or Mobile Device Management allows IT administrators to remotely control and secure mobile devices in their IT estate, such as smartphones and tablets. When it comes to asset management, mobile devices are usually a challenge due to the sheer number of them, their diversity, their mobility, and their generally closed-off nature. MDM software allows you to control mobile devices and their use when they are provisioned to users by applying software, processes, and security policies as well as keeping an inventory of all mobile devices.

Why Mobile Device Management?

A mobile device management tool not only manages the device inventory and provisioning but also applies processes and policies, to protect your mobile devices' data and applications, essentially taking care of mobile security from a device-centered approach.

Mobile devices are a diverse category, and they have their own operating systems, which are notoriously closed-off, creating a unique challenge for IT departments to include these devices in their wider asset management strategy. In order to guarantee network mobility and user flexibility (think BYOD) they still need to provide the same level of support, compliance, and security to end-users using their mobile devices as they would to users using classic workstations.

The rising popularity of MDM is down to a number of factors, but the most important one is without a doubt the ever-increasing importance of mobile devices in the workplace. They allow your user a level of mobility and flexibility that simply didn't exist until a couple of years ago. It allows for an easy remote working experience, using the cloud to access corporate data.

Over the last couple of years, the use of mobile devices within corporations has increased significantly, adding another layer of complexity to your IT estate. This has made many organizations scramble to put a mobile device management framework in place, to guarantee security and compliance for these transient devices. MDM allows them to deploy device configuration, software, apps, and corporate guidelines easily, from a centralized tool.

With the emergence of mobile devices in the professional work-sphere came concerns about security breaches taking advantage of these newly implemented mobile devices. As they aren't always directly accessible in the network, they are more likely to lack essential security updates and patches for apps and firmware. This makes them coveted targets for malware and hackers, also due to the large quantities of data that are stored and transferred on the device.

Recently, management practices for mobile devices are becoming more standardized, creating a need for tools to manage them. They need to secure and protect their data while still allowing their employees to access essential resources.

How Does Mobile Device Management Work?

Mobile device management software automatically identifies devices and allows you to manage their configuration and offer remote support using a system of servers and clients or agents that you manage through a centralized management platform.

The central MDM server can live on-premise or in the cloud. Through the central MDM server's management console, admins can configure policies that are then pushed to the agent on the device by the server. The agent communicates with the device's OS through the API to apply the policies. In short, MDM allows your IT team to manage, service, and secure mobile devices the same as they would do classic workstations

Application Management

An important feature of MDM is application management. Same as you want to control what software a user can install on their company laptop, you want to be sure that users can only install approved apps on their company mobile devices. This can be done using an app catalog. The app catalog functions like a custom play store where your end-users can download, install, and update a selection of secure and compliant apps without the need for interference from the IT department.

Remote support

Your MDM solution allows your IT team to remotely support mobile devices. In case of malfunctions, they can administer remote support in real time by accessing the device over the cloud network. They can also audit devices, and monitor their usage and security vulnerabilities. Should there be a security breach they can remotely lock and wipe a device of any critical data.

In case of a system crash, your MDM Software can also serve as a backup for your mobile devices, preventing the corruption or loss of data.

Deployment

The same system can also be used to deploy applications, configure the device OS, manage content and applications, take inventory of applications and hardware, or configure mobile apps on all company-issued devices. Ideally, many of these processes are automated, so devices are kept up-to-date and secure with as little intervention from the IT team as possible.

BYOD

The situation becomes more complicated in a BYOD environment. IT admins still need to enforce policies and secure corporate apps and data, while also maintaining the end user's privacy. Users are rightfully wary of the possibility of IT seeing what apps they are installing or even tracking locations through the MDM. Privacy settings can be used to allow the IT team to monitor behaviors and protect business-critical data on the device, while still protecting the users' privacy.

Using MDM policies organizations manage mobile devices as well as their use and security. The policies provide answers to questions like "What authentication is used?", "Which networks can a device connect with? ", Or "What customization options does the user have?"

Device Tracking

MDM allows IT teams to keep track of any mobile devices issued by the organization. This means both literally tracking the physical location of the device, but also monitoring a device in real-time to provide updates, support, and troubleshooting, or even by remotely locking or wiping data on the device in case of loss or theft.

Security

A mobile device management system allows IT admins to apply security features to certain applications. These security features can determine whether a user needs to authenticate before accessing the application, as well as prevent data from being copied from the app or stored on the device and whether data can be shared.

User access to a device can also be fully regulated, providing an extra layer of security for the data stored on company-issued devices. Identity and access management (IAM) can be managed using single sign-on, multifactor authentication, or role-based access.

Mobile Device Management Platforms

An MDM platform allows your IT and security teams to let their users have the flexibility and productivity offered by mobile devices, while still effectively managing these devices, regardless of their type of operating system. Mobile device management solutions offer you a range of features that help you save time and easily manage your mobile devices to improve efficiency, productivity, and security.

In the end, it is the developers of mobile OSs and devices who decide what MDM solutions can and can't do on a device through the API, so most offer the same core features, including:

  • Mobile device inventory
  • Device tracking
  • App distribution (in some cases with a customized app store)
  • App blacklisting and whitelisting
  • Remote wipe
  • Data encryption
  • Password enforcement
  • Automated reporting

As most MDM tools offer the same capabilities, where they differentiate is mostly what other enterprise software they can integrate with, to get more out of the device information they store. As such, Mobile Device Management is more and more becoming a part of Unified Endpoint Management (UEM), which allows businesses to manage all endpoints, like laptops, mobile devices, PCs, network devices, IoT, and wearables; in short, the entire IT estate from a single console. Some consider this to be the future of MDM.

Lansweeper and Mobile Device Management

Lansweeper is not strictly an MDM software, but it does allow you to collect mobile device information by scanning them through Microsoft Intune or VMware AirWatch. Lansweeper retrieves detailed hardware, software, user, and device typical information from Android, iOS, and Windows Phone devices.

Lansweeper adds this mobile device information to your inventory of network devices, workstations, and cloud assets, giving you one single pane of glass into your entire IT estate, mobile or otherwise.

You may also like...

Try Lansweeper for Free

Learn why Lansweeper is used by thousands of enterprises worldwide.​