Jetzt Ausprobieren
ITAM Insights

What Is Mobile Device Management (MDM)?

7 min. read
14/02/2023
By Karen Lambrechts
Mobile-Device-Management

MDM or Mobile Device Management, allows IT administrators to remotely control and secure mobile devices in their IT estate, such as smartphones and tablets. When it comes to asset management, mobile devices are usually a challenge due to the sheer number of them, their diversity, their mobility, and their generally closed-off nature. MDM software allows you to control mobile devices and their use when provisioned to users by applying software, processes, and security policies and keeping an inventory of all mobile devices.

Why Mobile Device Management?

A mobile device management tool manages the device inventory and provisioning. It applies processes and policies to protect your mobile device’s data and applications, taking care of mobile security from a device-centered approach.

Mobile devices are a diverse category. They have their operating systems, which are notoriously closed-off, creating a unique challenge for IT departments to include these devices in their more comprehensive asset management strategy. To guarantee network mobility and user flexibility (think BYOD), they still need to provide the same level of support, compliance, and security to end-users using their mobile devices as they would to users using classic workstations.

The rising popularity of MDM is down to several factors, but the most important one is undoubtedly the ever-increasing importance of mobile devices in the workplace. They allow your user mobility and flexibility that didn’t exist until a few years ago. It allows for an easy remote working experience, using the cloud to access corporate data.

Over the last couple of years, the use of mobile devices within corporations has increased significantly, adding another layer of complexity to your IT estate. This has made many organizations scramble to implement a mobile device management framework to guarantee security and compliance for these transient devices. MDM allows them to quickly deploy device configuration, software, apps, and corporate guidelines from a centralized tool.

With the emergence of mobile devices in the professional work-sphere came concerns about security breaches taking advantage of these newly implemented mobile devices. As they aren’t always directly accessible in the network, they are likelier to lack essential security updates and patches for apps and firmware. This makes them coveted targets for malware and hackers due to the large quantities of data that are stored and transferred on the device.

Recently, management practices for mobile devices are becoming more standardized, creating a need for tools to manage them. They must secure and protect their data while allowing employees access to essential resources.

How Does Mobile Device Management Work?

Mobile device management software automatically identifies devices, allows you to manage their configuration, and offers remote support using a system of servers and clients or agents you work with through a centralized management platform.

The central MDM server can live on-premise or in the cloud. Through the central MDM server’s management console, admins can configure policies that are then pushed to the agent on the device by the server. The agent uses the API to apply the approaches to the device’s OS. In short, MDM allows your IT team to manage, service, and secure mobile devices the same as they would do classic workstations.

Application Management

An essential feature of MDM is application management. As you want to control what software a user can install on their company laptop, you want to be sure that users can only install approved apps on their company mobile devices. This can be done using an app catalog. The app catalog functions like a custom play store where your end-users can download, install, and update a selection of secure and compliant apps without the need for interference from the IT department.

Remote support

Your MDM solution allows your IT team to support mobile devices remotely. In case of malfunctions, they can administer remote support in real-time by accessing the device over the cloud network. They can also audit devices and monitor their usage and security vulnerabilities. Should there be a security breach, they can remotely lock and wipe a device of any critical data.

In case of a system crash, your MDM Software can also serve as a backup for your mobile devices, preventing the corruption or loss of data.

Deployment

The same system can also be used to deploy applications, configure the device OS, manage content and applications, take inventory of applications and hardware, or configure mobile apps on all company-issued devices. Ideally, many of these processes are automated, so devices are kept up-to-date and secure with as little intervention from the IT team as possible.

BYOD

The situation becomes more complicated in a BYOD environment. IT admins must still enforce policies and secure corporate apps and data while maintaining the end user’s privacy. Users are rightfully wary of the possibility of IT seeing what apps they install or even tracking locations through the MDM. Privacy settings can allow the IT team to monitor behaviors and protect business-critical data on the device while protecting the users‘ privacy.

Using MDM policies, organizations manage mobile devices and their use and security. The policies provide answers to questions like “What authentication is used?”, “Which networks can a device connect with? “, Or “What customization options does the user have?”

Device Tracking

MDM allows IT teams to keep track of any mobile devices issued by the organization. This means literally tracking the device’s physical location, monitoring a device in real-time to provide updates, support, and troubleshooting, or even remotely locking or wiping data on the device in case of loss or theft.

Security

A mobile device management system allows IT admins to apply security features to specific applications. These security features can determine whether a user needs to authenticate before accessing the application, prevent data from being copied from the app or stored on the device and whether data can be shared.

User access to a device can also be fully regulated, providing an extra layer of security for the data stored on company-issued devices. Identity and access management (IAM) can be managed using single sign-on, multifactor authentication, or role-based access.

Mobile Device Management Base

Mobile Device Management Platforms

An MDM platform allows your IT and security teams to let their users have the flexibility and productivity offered by mobile devices while still effectively managing them, regardless of their operating system type. Mobile device management solutions provide a range of features that help you save time and easily manage your mobile devices to improve efficiency, productivity, and security.

In the end, it is the developers of mobile OSs and devices who decide what MDM solutions can and can’t do on a device through the API, so most offer the same core features, including:

  • Mobile device inventory
  • Device tracking
  • App distribution (in some cases with a customized app store)
  • App blacklisting and whitelisting
  • Remote wipe
  • Data encryption
  • Password enforcement
  • Automated reporting

As most MDM tools offer the same capabilities, where they differentiate is mostly what other enterprise software they can integrate with to get more out of the device information they store. As such, Mobile Device Management is more and more becoming a part of Unified Endpoint Management (UEM), which allows businesses to manage all endpoints, like laptops, mobile devices, PCs, network devices, IoT, and wearables; in short, the entire IT estate from a single console. Some consider this to be the future of MDM.

Lansweeper and Mobile Device Management

Lansweeper is not strictly an MDM software, but it does allow you to collect mobile device information by scanning them through Microsoft Intune or VMware AirWatch. Lansweeper retrieves detailed hardware, software, user, and device-specific information from Android, iOS, and Windows Phone devices.

Lansweeper adds this mobile device information to your inventory of network devices, workstations, and cloud assets, giving you one single pane of glass into your entire IT estate, mobile or otherwise.