- Mobile device management allows companies to monitor, track, and secure mobile phones, laptops, and tablets that employees use for work.
- Mobile device management protects sensitive business data from hacking, loss or theft.
- Unified endpoint management (UEM) extends this protection to desktop computers, printers and other devices.
- This article is for business owners whose employees use company-owned or personal mobile devices for work purposes.
The use of both company-owned and employee-owned mobile devices in the workplace has exploded in the past several years. This trend, along with today’s mobile workforce, has enabled companies to deliver faster, more efficient service to customers and greater workforce efficiency and productivity.
But there’s a downside, and it’s a serious one: How does an organization effectively monitor, manage and secure all devices (both employee-owned and company-owned) and their disparate applications and operating systems, no matter where they’re deployed and used?
What is mobile device management?
Mobile device management (MDM) is a type of security software that company IT departments use to monitor, manage, and secure any mobile devices that are used in the organization, whether issued by the company or owned by the employee. MDM is also sometimes called EMM, or enterprise mobility management.
Devices that can be managed by MDM and EMM include laptops, smartphones, tablets and other mobile hardware. This software secures apps, policies, and permissions across platforms and multiple mobile service providers. It reduces risk to organizations and safeguards their networks and data assets.
MDM and EMM solutions typically include these broad functions:
- Software distribution
- Policy management
- Inventory management
- Security management
- Service management for smartphones and media tablets
Tip: Choose an MDM solution that supports the operating systems you use in your company.
Benefits of mobile device management
There are many benefits to using mobile device management in your business.
Protection of company data
When your employees have mobile devices connected to your company database, it can put your data at risk. This may include proprietary information such as price lists, product specifications, unique business processes, financial information and customer payment data. MDM allows your IT administrators to set permissions for certain data sets, assign strong passwords and restrict sharing. These precautions can prevent data leaks and misuse.
Lower risk of hacking and malware
MDM adds a layer of security that protects your company from malware, phishing and other types of attacks from outside the organization. It accomplishes this with built-in security, but also by limiting the types of apps that employees can use on the devices, as some might contain malware. [Related: How to Improve Your Small Business’s Cybersecurity in an Hour]
Device updates and backup
Because of a lack of time or attention to detail, individual users may not be rigorous about keeping their devices’ software up to date and compliant with your company’s data policy. With MDM, you can push regular updates to all work devices. This includes any necessary settings to ensure compliance with current data policies. MDM can also enable regular auto-backups of data for redundancy and protection in case something happens to a work device.
Tip: For extra data protection, check out our picks for the best cloud backup and storage solutions.
When employees are traveling or working remotely and have a problem with their devices, the ability to remotely access the device and fix the problem is a great benefit. Without remote support, the employee would have to mail the device to headquarters to have IT fix the problem and then mail it back. The remote support capabilities of MDM make the process convenient for the employee and reduces downtime, allowing the employee to be more productive.
With mobile devices, there is always the chance of loss or theft, either by the employee or from the employee. MDM allows administrators to track the devices’ locations and set geo-locks on them to secure their data. Lost or stolen devices can be erased remotely.
Most important features of mobile device management
There are many MDM and EMM providers in the marketplace. Feature sets vary widely by provider, but you should consider these features essential in your search:
- Mandatory passwords
- Password, blacklist and other security policy enforcement
- Remote configuration and monitoring
- Remote wipe (to safeguard data on lost or stolen devices)
- Backup and restore function
- Device and data encryption
- Malware detection
- Restricted access to specific data and apps based on location
- VPN configuration and management
- Wi-Fi configuration and management
- Fully managed, 24/7 monitoring of threats
- Integration with your existing security and management solutions
While cloud-based services are popular, some companies still opt for MDM or EMM systems that run in their own data centers. Many solution providers offer multiple options – on-premises, cloud-based and hybrid systems. As with any important business purchase, you should research your options thoughtfully.
Did you know? Cloud-based MDM is usually best for small businesses, because on-premises solutions require a dedicated employee to manage the system’s implementation, monitoring, maintenance and updates.
Editor’s note: Looking for the right mobile device management solution for your business? Fill out the below questionnaire to have our vendor partners contact you about your needs.
The best mobile device management solutions
These are our recommendations for MDM and EMM solutions you should consider.
VMware Workspace ONE UEM
It’s a good bet that many of your employees use Apple products, so if you’re planning to implement a BYOD policy, you’ll need MDM that integrates well with the macOS and iOS ecosystem. VMware’s Workspace ONE UEM accomplishes this through integration with the Apple Device Enrollment Program. The platform makes it easy to push out apps from the App Store to your containerized environment. It also works with Google and Microsoft products.
Ivanti Neurons for MDM is a cloud-based UEM solution that secures your data while allowing you control over any iOS, macOS, Android and Windows-based devices in your network.
Codeproof has multiple features specifically for Android devices, including integration with the Google Play Store for easy enrollment and deployment of business apps. With this platform, you have full control over the devices’ features and components to keep your business data secure and private. You can locate lost devices with the console’s GPS tracking features.
Sophos is known for its advanced endpoint protection, which extends to its MDM platform, allowing you to protect your company’s data with the same level of cybersecurity. Your organization’s content is safe and encrypted behind the platform’s container, allowing you to wipe it out if you suspect the phone is stolen or a security risk.
Miradore is one of the few MDM solutions with a free version, so it’s a good choice for small businesses. Miradore supports iOS, Android, and Windows and includes security, control, app management, and automation. For employees using their own devices, Miradore can selectively erase all corporate data from their phones in the event of loss, theft, or termination of employment.
Hexnode is an affordable MDM solution that can run either locally or in the cloud. It has “zero-touch enrollment,” which allows devices to be added to the system automatically with certificates. A UEM upgrade is available if you want to add desktops, printers and Internet of Things (IoT) hardware. [Learn how your IoT devices and printers can pose security risks.]
Citrix Endpoint Management
This MDM solution from software powerhouse Citrix comes with UEM functionality as well. Unlike some others on this list, it supports Chrome OS and Linux. Since it requires Citrix Workspace, it’s a good solution for current Citrix clients; otherwise, you will have that added expense.
Jennifer Dublino contributed to the writing and research in this article.