Mobile Device Management (MDM): A Gateway to Security

As the need for corporate and enterprise devices grows, how organizations manage assets – sometimes in the tens of thousands – is necessary.

This can mean anything from protecting sensitive company data on employee devices to accessing critical tracking and telemetry data. Either way, there’s a tool for the job. It’s called mobile device management (MDM) software. 

MDM and MDM-like software manages everything from company assets like corporate-owned laptops to employee-owned devices for bring-your-own-device (BYOD) scenarios. MDM has evolved dramatically in recent years as more businesses expand their digital footprints. 

Common mobile device management features

While MDM is typically considered a software solution, you can’t implement it without the hardware to run it on. While each MDM provider offers a variety of exclusive features, every MDM provides some core options. 

MDM providers onboard devices to the service – a core functionality needed to manage devices. Once onboarded to the service, organizations can use internal policies to protect corporate data, securing data on corporate and employee-owned devices against malicious attacks. 

Many MDM services also track devices, set and update remote configuration and compliance policies, and offer some form of content management system, including applications. 

As more enterprises manage multiple devices, more tools have popped up. While MDM is sometimes a blanket term for all such tools, EMM, UEM, and MAM often describe similar services.

Source: Esper

EMM, UEM, MAM, and MDM: What’s the difference? 

All of these are device management services. Here’s a quick breakdown and what you can do with each.

• Enterprise mobility management (EMM): EMM is an all-encompassing approach to securing and enabling employee use of smartphones and mobile devices. It’s often used in BYOD and company-owned/personally enabled (COPE) scenarios. 

• Unified endpoint management (UEM): UEM is specifically designed to manage computers and computer operating systems, like Windows, macOS, and Linux. It was born out of the necessity to manage more than smartphones – an alternative to MDM’s original smartphone-only design. 

• Mobile application management (MAM): MAM is designed for application control on digital devices. Its primary function is installing, updating, and securing applications, though some MAM solutions also offer content management capabilities. It’s the most limited among the different management solutions and is largely incorporated into all MDM services, though independent MAM services still exist. 

• Mobile device management (MDM): MDM was originally designed for smartphones but has since branched out to cover all devices and operating systems. It’s often interchangeably used with EMM, UEM, and MAM as a blanket term to describe these services. 

The dramatic overlap between these device management services makes it hard to understand “when to use what”. This is precisely why MDM has become the term that often umbrellas the others, as most MDM services offer functionality across all variations. 

For example, some providers stick to a specific brand of devices, like Apple. These companies provide different tools organizations need to manage iPhones, iPad, and even macOS computers. Essentially, this provider covers MDM, EMM, UEM, and MAM all at once. 

Other providers, however, may offer exclusive control over a specific operating system, like Android, regardless of the device form factor. They’ll work with Android tablets, phones, computers, digital displays, wearables, and more. These providers can typically work with any device running on Android. 

As operating systems become more versatile and form factor agnostic, the need for MDM and MDM-like services to ebb and flow with the needs of organizations becomes essential. And while you’ll still hear other terms used occasionally (like EMM or UEM), MDM is by far the most popular to describe modern device management, regardless of form factor, operating system, or device type. 

What other types of devices is mobile device management designed for? 

When you think of “mobile devices,” a few specifics come to mind: smartphones, tablets, and laptops. They can all be managed with MDM software. 

But as stated earlier, MDM is often about the operating system it supports, not the specific device type or form factor. This muddles the definition of “mobile”. 

For example, Android is open source and can be built for nearly any device type. Besides phones, tablets, and computers, Android runs on smartwatches and other wearables, cars, cycling computers, various fitness equipment, digital cameras, display signage, kiosks, point-of-sale systems, and a whole lot more. The possibilities are nearly endless when it comes to hardware compatibility. 

As a result, the “mobile” in “mobile device management” can be confusing. Digital signage and self-checkout kiosks aren’t generally “mobile,” after all. Yet MDMs that support Android could theoretically also support these devices. Some device management services are even designed from the ground up with these kinds of devices in mind. 

To further complicate the nomenclature and the types of hardware MDM supports, think about point-of-sale systems. These come in various shapes and sizes.

Sometimes, they’re tablet-based systems with cash drawers and credit card readers. Other times, they may be handheld systems called mobile point of sale (mPOS) with card readers and NFC for tap payments. 

Oh, and those credit card readers? Many of these can also be managed using the right MDM solution, even if they don’t have a screen! 

So yeah, MDM is a big category that can manage all types of devices. You just have to find the provider for device compatibility.

Benefits of using mobile device management

Mobile device management addresses specific organizational needs. As technology is adopted and more devices are integrated, protecting company assets and information becomes critical. But ensuring corporate-owned devices comply, always work, and are always available is equally crucial. 

More businesses rely on critical functionality provided by dedicated-use devices than ever, and MDM meets those needs. 

Here are some notable benefits of MDM.

• Centralized management: MDM software provides visibility into company devices through a single dashboard so they can all be managed in one place. 

• Improved security compliance: Protecting digital and physical assets is one of MDM’s primary functions. It ensures your devices always comply with company security standards, including application and operating system updates and patch levels, firewall settings, VPN protocols, and more. MDM also helps you track devices and remotely lock or reset them. Geofencing – that can automatically send alerts or lock a device if it leaves a specific area – is also a key MDM feature.

• Remote monitoring and configuration: Seeing a device’s physical location is helpful, but knowing what it does is even beneficial. Using MDM, you can troubleshoot devices with the right monitoring and diagnostic tools. You can also remotely configure updates and make other configurations. 

• App and content management: As mentioned in the previous section, most MDMs offer a full suite of MAM functionality. This includes app access and updates, and content management on the device. 
• Cost savings: Many modern MDM providers reduce the need to manually support, optimize, secure, and otherwise manage devices. Remote security updates and content management help prevent data breaches and other security incidents. 

For MDM, the name of the game is efficiency. An MDM’s ultimate goal is to help organizations manage company assets, increase efficiency, and save time. 

Challenges with mobile device management

As much as MDM is designed to simplify device management processes, it’s not without its challenges. Choosing the wrong MDM out of the gate is among the biggest.

• Implementation: For newcomers, implementing an MDM solution can be daunting. Depending on the device count, the process can be highly time-consuming, often requiring devices to be reset and re-configured. 

• Scalability and adding new device types: The more versatile your MDM, the better off you are. Scaling rapidly, adding multiple devices at once, or adding new device types can all be significant challenges for MDM software.

• Migrating to a different MDM: If implementing an MDM is challenging, migrating to a new one is perhaps even more difficult. This can be time-consuming and costly, especially if your devices are geographically distributed. So, making sure you choose the right MDM to start is crucial. 

• User adoption and resistance to change: Employees new to MDM or moving to a more robust MDM solution might not like the new system or the device restrictions. This discourages adoption and causes employees to search for workarounds to bypass or disable the software. 
• Integration with existing systems: MDM simplifies device management. But managing integrating devices is challenging. Software compatibility across devices, servers, and cloud storage can be a key issue here. 

Choosing the right MDM and deployment timeline is crucial when integrating an MDM solution to mitigate the resulting challenges.

Limitations of mobile device management

Technology is dynamic and always evolving. The way we use it is also constantly in flux. As a result, MDM services are chasing a moving target and adjusting to new demands. But there will likely always be limitations to overcome. 

• Compliance limitations: One of the biggest benefits of MDM is improved security compliance. Note the word “improved” here. Compliance is multi-faceted, and MDM is only part of the story. Full compliance also requires employee education, which is beyond the scope of MDM software. 

• Support across multiple operating systems: Many MDM solutions only focus on supporting a single operating system or particular device type. Finding a compatible MDM solution can be an issue if you have multiple devices running various operating systems. The same is true if you decide to add more devices in the future.

• Custom device support: Many MDM solutions are built for off-the-shelf commercial devices. A compatible solution can be an issue if you have a custom device. 

• Data visibility: MDM software may not provide detailed information or insights into the data on a device or how it’s used. For example, if you use MDM to manage single-use kiosks, having telemetry data on how those devices are used can be crucial to a business strategy. 
• Remote tools: While many MDMs focus on delivering device monitoring through a single pane of glass, the remote tools they offer may not be as robust. For example, remote access and debugging for troubleshooting or remote deployment may not be commonly available. 

Many of these will likely be addressed as MDM continues to evolve. Still, as with everything else, each evolutionary upgrade to any product has the potential to introduce more challenges and limitations. For example, as services offer more features, they become more complex and difficult to use, increasing the learning curve for new users. 

How to pick the right MDM service

With MDM software's pros, cons, upsides, and downsides, picking the right one for your needs can be daunting. Here are some considerations when shopping for MDM services. 

• Device support and scalability: The first – potentially the most important – is device compatibility, not just for the devices you have right now but also for the ones you’ll add later. Finding an MDM that supports all your current device types and operating systems is important. Choosing one that scales and grows with your needs is equally important. MDM should simplify device management and enable you to grow quickly – not hold you back. 

• Integration with existing tools: Integrations can be slippery. You’ll want to ensure all your existing tools, including software, cloud, and servers, work with your MDM. 

• Security features: Besides a single place to manage your digital devices, security is MDM's other primary use case. Pick one that offers strong security features, including data encryption, password enforcement and reset options, remote access and reset app and content management, and the ability to control device updates. 

• Ease of use: Just because an MDM offers a variety of features and capabilities doesn’t mean it should be complicated. The best MDMs offer an intuitive user interface for core functionality and APIs or other integrations for more advanced capabilities. It should be simple enough for anyone to use but robust enough for your IT team or engineers to do what they need. 
• Cost: MDM saves time and money. Finding the one that fits your needs at a reasonable price can feel like walking a tightrope. Remember that good software that grows with you is the ultimate cost saver, even if it’s more expensive than the competition. Evaluate the total cost of ownership (TCO), not just the per-device subscription fee. Cheaper is rarely better!

This is far from a full list of every consideration but core features and a good jumping-off point. Many MDMs use a one-size-fits-all model for device management, which rarely works well for enterprise devices. Each scenario is unique and should be treated as such! 

The future of mobile device management

As devices continue to evolve, so will the tools to manage these devices. Providers will certainly offer more robust features and support for a wider range of device types and operating systems while simplifying the user experience. To better understand what to expect from device management’s future, look at the device landscape and how organizations use technology. 

For example, the device management tools of the future will likely move beyond what we know today as more enterprises add automation to their needs. Imagine having devices that can almost manage themselves with the right automation. You could theoretically set specific parameters for the device to execute specific commands, reducing the time it takes to run routine tasks. And that’s just the beginning. 

Artificial intelligence (AI) and machine learning (ML) will continue to shape how enterprises and consumers use devices, and device management tools must respond accordingly. This goes hand-in-hand with automation, as tools learn device reboot patterns, update deployment frequency, and automatically perform these tasks. No programming or human interaction is necessary. 

Autonomous drones and robots could also help shape the future of device management. As organizations add these intelligent, time-saving robots, they’ll inevitably need a better way to manage them. 

Manually managing a few robots on a warehouse floor in a single location isn’t a huge challenge right now. But, when you add multiple drones and robots across several locations, you end up in the same situation that birthed MDM in the first place. The device management tools of the future will need to respond to this growth to stay competitive. 

Beyond the devices, themselves, device management software will also need to emphasize the people using the software. Greater privacy for employees in BYOD or COPE situations will likely emerge as employees want more control over their own data. They will need to balance more granular employee privacy controls with increased security on digital devices. 

Along these lines, the future of device management software will rely on better integration with external tools. This will likely always be a challenge or limitation of device management software since it can’t possibly support all third-party tools, software, and other services. But adoption of the most popular tools and services across industries will potentially be a focus as device management tools look for ways to edge out the competition. 

As more organizations implement more devices and device types, a way to gather, collect, and analyze the data generated by those devices will become increasingly important. Advanced device telemetry, analytics, and reporting will become more important. Enterprises will look to their device management software to provide access to this data. 

Like with most things, this will be an evolutionary process, and much of it will be out of the control of MDMs initially. Drones and robots will need operating systems with APIs and SDKs.

AI and ML will need to evolve. Device-based automation, better-reporting systems, and more insightful analytics will take time. It’s about the journey, not the destination. Or something like that. 

The right tool will simplify your management strategy

Mobile device management has evolved beyond its humble beginnings as a smartphone management tool for BYOD policies. It continues to become more robust, offering support for smartphones, tablets, laptops, computers, and more running various operating systems. Its importance in the modern enterprise cannot be overstated, as it’s the all-encompassing solution to simplify devices and have better control over them. 

Choosing, implementing, and utilizing an MDM solution presents its own challenges. However, with the right research, talking to different MDM providers, and considering your future roadmap doesn’t have to be daunting. 

Whether you’re looking for your first MDM solution or need something more robust to handle your growing business, remember that the right tool will simplify your management strategy, saving you time and money. Not the other way around. 

Following along these lines, learn more about unified endpoint management (UEM) software and how it enables security by managing end-user software and hardware.