What in the world is an MDM Solution?

Kevin Qiu
April 6, 2021

Have you ever had to wait hours for IT to install a printer for you? Maybe you've lost a company laptop and freaked out about the files on it? What about waiting for IT to approve a new productivity tool with their admin account? Fear not! MDM solutions are here to make that a thing of the past.

MDM stands for Mobile Device Management. With the rise in remote work, MDM solutions are quickly becoming a valuable way for IT teams to ensure that company smartphones and laptops remain secure. In fact, the MDM market is expecting to grow to $15.7 billion by 2025.

Based on our past experiences working at tech companies, and from customer stories here at SafeBase, we've crafted a post about some of the common use cases for MDM solutions, some drawbacks, and a list of popular solutions for you to consider adopting at your company.

MDM solution on smartphone
MDM solutions can be used to secure company data on smartphones

There are several major benefits that make MDM solutions a smart investment for companies of all sizes:

Easy Onboarding

Mobile device management solutions generally allow IT administrators to set up seamless onboarding experiences for new hires. For the most part, properly configured, MDM-managed, new computers can be set up by a new user in a few minutes, without the need for an IT helpdesk technician. Items such as password policies, common applications, and wireless or printer settings can be automatically downloaded once a user turns on the computer for the first time. In an increasingly remote world, the benefits of an easy onboarding can't be overstated.

Centralized IT Management

After onboarding, MDM solutions also help IT administrators with general IT management. They allow all devices to be centrally tracked and inventoried, allowing IT teams to easily understand information such as where devices are, when they are due for upgrades, and more. Most platforms also allow admins to push out custom scripts or policies after initial onboarding to account for new policies and procedures. Another common use case for MDM solutions is a company approved, internal app store. In many cases large organizations have enterprise licenses for popular software such as Office Suites. MDM self-service app stores allow users to install pre-approved, safe, and licensed applications without needing to submit a support ticket.

Improved Security Using MDM Solutions

Better security is perhaps one of the most important features of any MDM solution. In the event of a theft or loss of a company device, administrators can choose to remotely wipe or lock any managed device, reducing the risk of sensitive company data from being leaked. In addition, mobile device management solutions allow admins to remotely push the latest security updates to vulnerable devices. Admins can also use MDM policies to enforce operating system level settings such as screens locking after idle periods. In some cases, IT admins may even require that access to company data on personal devices be done using sandboxed special email and office apps.

Considerations

We want to note that MDM solutions aren't always perfect, and that companies should take the following considerations in mind when deciding to invest in one:

  • Mobile device management solutions are generally priced based on number of users
  • Requires initial setup, including manually enrolling existing employees
  • Can occasionally be prone to bugs that can be difficult to debug without an IT person
  • Cloud hosting means proper access control will be critical given that these solutions usually have highly privileged access to devices
  • Platform support is dependent on solution
  • Some users may balk at having to use separate MDM apps for email

Although some of these may seem concerning, overall we still believe that the benefits of MDM solutions outweigh the drawbacks. With that being said, now you might be wondering how to get started. There are multiple well known vendors that offer MDM solutions, each with their own features and operating system support. For the most part, they all generally have the same core capability of letting you centrally manage your devices, but they all vary slightly in terms of platform support, price, and occasional nice-to-have features like bundled anti-malware.

Our Recommendations for MDM Solutions

Here is a list of some of the most popular solutions:

Jamf

  • iOS and macOS
  • Very fully featured
  • Formerly self-hosted, but now focused on cloud
  • Certifications and training available
  • Is used at very large organizations
  • Also has an anti-malware product called Jamf Protect
  • Is the most tried-and-true solution for Apple products

VMWare Workspace ONE

  • iOS, Android, Windows, macOS
  • Formerly known as AirWatch and is very popular with big enterprise
  • Has additional security features for zero trust authentication
  • Very fully featured

Microsoft Endpoint Manager

  • iOS, Android, Windows, macOS
  • Included as a part of Enterprise Mobility and Security
  • Integrates with Azure AD and is a good choice for existing Azure customers
  • Much easier to configure than traditional, standard on-premise Active Directory
  • Recommended for smaller teams with mostly Windows laptops

MobileIron

  • macOS, Windows, iOS, Android
  • Allows some passwords to be replaced with biometric authentication
  • Remote screen share for mobile devices
  • Includes a Threat Defense product

Google Endpoint Management

  • iOS and Android focused, limited capabilities for other operating systems
  • Makes users create a work profile sandboxed from personal apps with the ability to do remote deletion
  • Can enforce general settings like encryption and screen passwords for phones, but its overall capabilities are pretty limited compared to other MDM solutions
  • Included with Google Workspace plans

Rippling MDM

  • macOS and Windows
  • Enforces basic policies such as a complex password policy and disk encryption
  • Included with Rippling HR service
  • Optional Cylance integration for anti-malware

And there you have it, a handy list of some MDM solutions for you to consider. We highly recommend deploying one if you haven't already. Your future IT team will thank you, especially if you do this while your team is still small. (This is coming from someone who had to manually send out JAMF install emails to over 1000 users at once!)

SafeBase is the single source of truth for your security program. Close deals faster with a Trust Center that accelerates the vendor assessment process for your customers.

Begin building your Smart Trust Center today.
Creating your own Smart Trust Center is easy, and getting started is free.