Mobile Device Management: What Is MDM and Who Needs It?
What is MDM and what MDM features are there? Are MDM services worth it? Before getting an MDM provider, find the answers to these questions in this article that will help you decide if you need MDM and explain useful MDM features.
You may be a business that has allowed employees to work from home but is now struggling to manage the security of your network. You’ve probably allowed employees to use their own devices to access company files & data; after all, the modern trend of BYOD (or Bring Your Own Device) comes with advantages such as lower hardware and service costs, higher user engagement, and experience, and faster deployment time.
But now, you’re facing the problem of employees opening up your network to security threats. There is the dilemma of giving employees access to the files they need versus securing your network against cyber attacks - especially if your employee uses their own mobile devices.
Based on Intelligent Technical Solutions’ experience as a Managed-IT Service Provider, we found that the best way for clients to solve this problem is to use an MDM. Brian Kaminsky, ITS’ Phoenix Partner, shared his experience with MDM in an interview. He talked about what MDM is and how, based on real-life experiences, businesses can balance their need for convenience and security by implementing MDM in their employees’ devices.
We will tackle the following questions in this article:
- What is MDM?
- How does MDM work?
- What are the services included in MDM?
- Who needs to use MDMs?
And by the end of this article, you’ll be able to answer the most critical question of all: do I need MDM for my business?
What is MDM?
Mobile Device Management (MDM) is the process of managing a mobile device through its entire lifecycle in an enterprise. A complete mobile device management solution enables administrators to optimize the functionality of mobile devices, including smartphones and tablets, while securing their business from threats.
MDMs can also be a part of Unified Endpoint Management (UEM), which combines the management of mobile devices and PCs into one program.
How does MDM work?
MDM works on two fronts: MDM server management and MDM software management. For security purposes, the IT Team is mostly the only one with access to these necessary parts. They are also responsible for the installation of MDM software on all the required mobile devices.
All-in-all, MDMs follow these steps:
Step #1: Obtaining the License
First, the company buys the license to use the MDM - although some businesses allow their MSP to do that instead.
“Companies buying the license is important,” Kaminsky said. “By owning the license, the treatment of company devices is through the company itself.”
He says when employees put their log-in details in the device, it seems like the device is personally owned instead of company-owned. In the long run, this may cost companies should the employee keep the device or lose it.
Some places you can buy MDM software from are the big tech names such as Google’s GSuite MDM, Microsoft’s Intune MDM Solution, and IBM’s MDM Solution. Other well-known independent MDMs are Manage Engine, Centrix MDM, and N-able N-central.
Step #2: Setting up the System
Your IT team will then set up your MDM server and install the MDM software into your mobile devices. This step can take between a week to months, depending on how many devices you’re connecting to the network and how you want each device to be set up. You might also need to do some software and server training for your IT team, and some training for regular employees so they can use the device properly.
Step #3: Using and Maintaining Services
After the set-up and installation of MDM, your IT team or your MSP maintains the MDM devices and makes sure all services are running smoothly. In this step, you can get feedback from your users and IT team about the performance of the MDM, and adjust how you use it as your business grows.
What are the services included in MDM?
Businesses need simple, standardized, and secured devices for maximum efficiency, and having an MDM ensures this is what you’ll get. “It will allow users to use their own devices but have a separate space set up for users to do their work,” Kaminsky said.
Installing an MDM involves your IT department in getting the device ready for the user - you’ll have an immediate record of the log-in credentials, have access to the device, and be able to teach your employee how to use the mobile device properly.
However, the time MDMs shine the most is during the use of the device. Some of the key features are app management, security options, GPS tracking, and remote support.
A key perk in MDMs is app management. The key features of app management are as follows:
1. Choosing which apps can be installed on your mobile device
Having an MDM installed on your mobile devices will allow you to choose which apps can be installed on your mobile device. MDMs are essential for businesses that need to lock down what employees or customers can do. For example, companies can run a Kiosk mode with only one locked app on the screen. Kiosk mode is helpful for businesses that run a self-order or self-payment system.
2. Keeping uniform devices.
By choosing which apps can be installed and how they appear, businesses can keep the devices uniform. Uniformity is immensely helpful for the tech team, as it’ll be easier to diagnose problems when every device has the same features.
3. Pushing out simultaneous updates.
You can also immediately push out updates to the apps all at the same time. Real-time updates avoid the risk of outdated devices with missing features. This is especially important for businesses that rely on mobile devices for online kiosks.
4. Specialized access to apps for specific groups.
You can also choose which groups of people get which apps. If you have, let’s say, an HR department and you don’t want them to access YouTube, you can block that solely for them. But if your marketing team needs access to it for their video uploads, you can give them access to that.
It might be counterintuitive to think having all mobile devices connected via one program will improve security instead of posing a security risk, but that’s what an MDM does. It helps keep your devices secure through a variety of different features.
1. Allowing automatic, user-wide system and application updates.
MDM allows for automatic, user-wide system and application updates. When devices are not managed through an MDM, businesses run the risk of some devices using outdated security patches. In a world where 51% of companies were hit by ransomware in 2019, with numbers only increasing due to the prevalence of shifting to an online work set-up, hackers are exploiting all security holes.
2. Enforcing password policies.
Password policies such as changing passwords every X number of days and enforcing rules about password complexities help a business avoid hackers who’ve accessed your log-in information through leaked password databases.
You’ll also be able to help employees remember those passwords. Who hasn’t put in a complex password then had to click “forgot password” on the next log-in? By having an MDM, you’ll be able to keep a secure database of these passwords for your users and make sure employees don’t write their passwords on a spare piece of tissue on their desk.
3. Standardizing and varying multi-factor authentication.
Some employees might think that having a complex password is all it takes to protect your account. But businesses need more protection than that, as your data is a gold mine for ransomware hackers. (Literally. The average ransomware payments are projected to exceed $6,000 this 2021.)
MDMs can ensure all employees have more than one level of varied security. Additional Face IDs, Biometric/Fingerprint Scanners, PINs, and Mobile Device Authentication add more security walls between you and cybercriminals.
4. Notifying the IT team of lost devices.
Sometimes the worst happens, and thieves make off with employee or company phones. MDMs give the IT team notifications of possible lost devices. MDMs also allow businesses to set alarms on the phone for specific situations and lock and wipe the device remotely.
These are valuable features for unforeseen situations like theft.
In connection with the security features, GPS (or Global Positioning System) is another feature of MDMs businesses can take advantage of. An MDM can keep track of multiple devices’ locations; this is particularly useful for companies that send their employees with company devices to off-site assignments. It gives businesses peace of mind with the location of their employees and assets.
Remote support involves your IT team accessing a device from another location and directly moving or interacting with the device. Having this kind of access empowers your IT team - they’ll be able to directly help your employees with tech problems that go beyond your employees’ ability to solve.
“The users can be anywhere out in the field [and] as long as they have cellular or good WiFi, we can help them,” Kaminsky said. “[Remoting into the device] is probably the handiest [feature].”
But he also reassured us that the “user has to allow it [remote service].” The employee doesn’t need to worry about their privacy as the IT team can’t just go through their device without the user’s consent.
Who needs to use MDMs?
As seen above, MDMs come with a lot of features. But who gets the most use out of MDMs? Based on ITS’ experience, the businesses that get the most use of MDMs are those who check the following boxes:Have employees that use their device or a company mobile device for work
Want a uniform layout for all devices
Have multiple devices that need managing
Value up-to-date security patches & immediate IT support for mobile devices
Want limited access to websites or applications for employee/customer safety
Feel more empowered and comfortable with information about device location and usage
“We have clients that use them in the hundreds,” Kaminsky shared about his handled customers. “It’s [Those devices] just too many to manage at an individual level.”
He added, “[...] There’s a lot of challenges, a lot of bad things, and a lot of bad people. Sometimes [the freedom to install whatever employees want] will give [the device] access to nefarious areas or they [the employees] are not going to be able to complete their actual job.”
“[Businesses] are trying to protect their [employees] in a world that is very difficult,” Kaminsky said. The goal, after all, is the protection of business assets - whether these assets are their employees or their devices.
Who doesn’t need MDMs?
Maybe you don’t fit the previous boxes. Perhaps your business fits this list more:
No intention to incorporate mobile devices in the employee workflow
Has a manageable number of mobile devices in the business process
Unbothered by unstandardized security patches, OS updates, or mobile layouts
Wants employees to keep their mobile devices separate from working
Uncomfortable with access to devices and possibly personal information of employees
If you find yourself ticking off most of the boxes in the previous list, then an MDM won’t be a good choice for your business. You’d be better off learning how to protect your company’s network and researching managed IT services for holistic data management.
Are MDMs for your business?
It’s time for you to answer the last question: is an MDM right for your business? When thinking about it, remember the following key points of MDMs:
- MDM means Mobile Device Management.
- It involves the installation of software on mobile devices and the management of an MDM server.
- It has important features such as app management, security options, GPS, and remote support.
- Businesses that get the most out of MDM have multiple mobile devices used by employees/clients and want standardized layouts, up-to-date security patches, fast IT remote support, and knowledge of device location & use.
It’s also essential to have an IT team that can manage your business’ MDM system. Ensure that your tech team can adapt to different devices and has experience in deploying MDMs to ensure a smooth transition.
And that’s it! That’s everything you need to know about MDMs and if they’re right for you. Go ahead and get your team and devices together to use everything you’ve learned.
However, if you’d rather hire someone else to do all the nitty-gritty for you, make sure you know what you need out of an IT team before you give them your hard-earned cash. Read this article about 5 Questions to Ask Before Choosing an MSP Provider, so you know what you need to consider before getting into a partnership with an IT team.