Utelize 3-minute briefings: What is MDM (mobile device management)?

In this Utelize 3-minute briefing, we look at an overview of the key features of mobile device management (MDM) software, (also known as enterprise mobility management (EMM)), and the role that MDM can play in ensuring your business implements a successful BYoD plan.

However you choose to deploy BYoD, it is essential that both corporate and employee devices are secured, so that business data and user details can be separated from personal information, and so that access can be controlled, and data wiped off the device, in the event of a policy breach or loss.

What is mobile device management (MDM) software?

Mobile device management covers the process of enrolling and managing the security and associated policies on both corporate and BYoD devices. Whilst corporate devices like Blackberry have been managed in this way for many years through the BES platform, BYoD is driving the mass roll out of MDM software, and as a result there are now a large number of software, and some managed service, providers supporting device management and security. It can be complex to compare the different platforms available, but the key features that most corporates will wish to consider are summarised below.

Platform capability

In the early days of MDM there were significant limitations as to which devices and operating systems were supported by which MDM software. Whilst this problem is slowly disappearing, it remains true that certain devices place greater restrictions over the control that MDM software can have over the device and its content. As a result, not all features of MDM software can be used equally on all devices. Also, it is still the case that some MDM software is optimised to certain O/S or devices, and it is therefore essential that your business has a clear understanding of the required MDM functionality, which devices are planned for future use, and what MDM device limitations exist, before implementing an MDM or BYoD plan.

Corporate data ring-fencing

This capability enables organisations to separate corporate and personal information, data, applications, and profiles. This provides the organisation with control and security over corporate usage and data. In short, this enables the organisation to lock down or wipe corporate data and access rights without impacting on the user’s personal information – and it allows for the day-to-day separation of corporate data from personal, for instance: preventing a user from mailing corporate data from their personal email account.

Policy management

Policy management features range in sophistication, but can be used to control and manage web access (whitelists/blacklists), voice calling, roaming capability, and even the use of certain phone features (e.g. cameras). Policies can also be established to differentiate between corporate and personal profiles.

Alerting

These features enable alerts to be triggered against a wide range of security, compliance, or usage rules. For instance: breach of policy; removal of MDM software; bypassing operating system restrictions (e.g. jail broken devices); or exceeding usage limits.

Asset & Inventory management

These features allow the business to build and manage inventory remotely, and control/update device settings and configurations. Some platforms also enable IT teams to perform diagnostics and troubleshoot technical issues remotely.

Location services

These allow the business to track lost business devices, and identify last known locations, and, with permission, can track device/employee movement.

Mobile expense management

These ‘on-device’ logging and reporting tools enable businesses to track and report on usage at a more granular level than is available on supplier billing, and can provide near real-time alerting to help control excess usage or costs (e.g. roaming voice and data.)

Mobile application management

These features allow the business to manage application updates, and control or bar access to specific applications. The availability of corporate application stores, and Apple’s VPP (Volume Purchase Program), now allow for organisations to purchase applications, and manage their distribution across their entire organisation.

Mobile threat prevention (MTP)

MTP applications and bolt-on MDM services allow organisations to implement more sophisticated protection from advanced malware and device security threats, providing even greater levels of protection from risks and data loss.

Summary

The capabilities of MDM software have come on in leaps and bounds in the last five years. Understanding what devices your employees use, or plan to use, and establishing how these devices are utilised, is critical to deploying a successful MDM and BYoD strategy. Without this understanding, businesses risk investing in the wrong MDM solutions, and creating new security risks, employee dissatisfaction, and excess costs. What’s more, as the level of complexity increases, so too does the demand on IT resources, leading many organisations to consider managed services for device security.

If you have any questions about MDM, or if you have a topic that you’d like covered in our 3-minute briefings, email us at hello@utelize.co.uk and we’ll be happy to help.

 

 

Get in touch

Got a question for Utelize, or want to arrange a discovery meeting or call?

Please feel free to call us on 03300 240 444, or complete the quick contact form below, and we’ll arrange a suitable time to talk.