Apr 11

Mobile Device Management

The goal of this article is first to explain what an MDM is and what it does, and then to give you criteria for deciding whether it is really what you need. There are tons of options out there; you just have to pick the right one.

Mobile device management (MDM) providers continue to partner, develop and acquire mobile technologies to support a broader enterprise strategy, including the areas of security, enterprise file synchronization and sharing (EFSS), and application management. The basic technology components of MDM are similar among MDM vendors, but the user experience, analytics and broader offerings are differentiated.
The mobile-specific MDM companies are still providing leading vision and technology in MDM software, but the bigger software and security companies are catching up.

Mobility is a priority at most enterprises. During the past two years, it has been ranked second in the list of CIO priorities. Enterprises continue to see value in supporting access to their data for mobile users as a way to increase productivity and become more responsive in a faster business world. Access to faster-speed wireless networks and more powerful devices is driving the opportunity to support more-complex data on devices. Two major trends continue to challenge that type of support: (1) IT no longer can pick the mobile platform that is the most secure, manageable and lowest cost. (2) Devices in the enterprise are diverse. There is no one standard; these devices were designed with consumer needs first. That means that enterprises will continue to struggle to meet a lot of basic security and support needs. Diversity is an opportunity and a challenge to enterprise IT.
Consequently, many companies have been adopting mobile device management to enforce enterprise
policy (mostly around data security) and to help enable enterprise content on MDM devices. In the past
three years, the adoption of MDM has grown rapidly: 30% of midsize and large companies use some type
of MDM software, and 80% at least use Microsoft Exchange ActiveSync (EAS) to enforce policies on
enterprise devices. Although the basic capabilities of MDM (hardware, software, security and network
management) remain the same, MDM providers have broadened their offerings to go deeper into security,
application and content management. Enterprises are looking for a single solution to help them secure
their data, as well as enable their data on these devices. The MDM market is also diverse, with a large
number of competitors. It is beginning to show signs of consolidation and moving to the next phase of
maturity, deepening functionality and the breadth of offerings. MDM will continue to be important to
enterprises, and careful due diligence on the technical and business factors will help companies make the
right decisions.
We define MDM as a range of products and services that enables organizations to deploy and support
corporate applications to mobile devices, such as smartphones and tablets, enforcing policies and
maintaining the desired level of IT control across multiple platforms. Mobile devices may be corporate and
personal assets, as in BYOD programs. Areas of functionality include provisioning and decommissioning,
inventory management, application management and security. The primary delivery model is on premises,
but MDM can also be offered as software as a service (SaaS) or through the cloud.
The growing demand for MDM by IT organizations has motivated a large number of technology providers
to enter the market with MDM offerings. These products and services enable IT organizations to maintain
control, automate management and minimize risks, while delivering consumer mobility to the workforce.
Regarding basic management functions (e.g., provisioning and inventory management), most policy-based
management offerings are progressively becoming similar, with little differentiation among
competing vendors. They differentiate, instead, on enhanced capabilities, such as containerization,
application management, document sharing and the cloud delivery model.
We now examine the critical capabilities of MDM one by one.

Policy enforcement and compliance:

This varies in capability by mobile OS, but includes:

  • Detect and enforce OS platforms and versions, installed applications and manipulated data
  • Detect jailbroken iOS devices and rooted Android devices
  • Filter (restrict) access from noncompliant devices to corporate servers (e.g., email)
  • Restrict the number of devices per user
  • Restrict downloadable applications through whitelists and blacklists
  • Monitor access to app stores and application downloads, put prohibited applications on quarantine, and/or send alerts to IT, managers and users about policy violations
  • Monitor access to Web services, social networks and app stores; send alerts to IT, managers and users about policy violations, and/or cut off access
  • Enforce mobile communication expense policies in real time
  • Detect policy violations (e.g., international roaming), and take action if needed (e.g., disable access to servers, and/or send alerts to IT, managers and users about policy violations)
  • Enforce separation of personal versus corporate content
  • Manage corporate applications on personal devices, and manage personal applications on corporate devices
  • Tag content as personal or corporate through flags
  • Detect separation violations, and send alerts to IT, managers and users, if needed
  • Prohibit exporting data outside the container (e.g., when opening an email attachment) if a container is in use, and regulate interactions among different enterprise containers
  • Restrict or prohibit access to corporate servers (e.g., to email servers and accounts) in case of policy violations.
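
To make the checks above concrete, here is an added example (not from the original article or any MDM product) that evaluates device inventory records against a policy and decides whether each device may reach corporate email. The policy values, field names, app identifiers and device records are all constructed for illustration.

```python
from collections import Counter

# Hypothetical policy values, constructed for this example.
POLICY = {
    "min_os": {"ios": (7, 0), "android": (4, 2)},
    "blacklist": {"com.example.fileshare"},
    "max_devices_per_user": 2,
}

# Constructed inventory records, as an MDM agent might report them.
DEVICES = [
    {"id": "d1", "user": "alice", "os": "ios", "version": "7.1", "compromised": False, "apps": ["com.example.mail"]},
    {"id": "d2", "user": "bob", "os": "android", "version": "4.0.4", "compromised": False, "apps": []},
    {"id": "d3", "user": "bob", "os": "android", "version": "4.4", "compromised": True, "apps": []},
    {"id": "d4", "user": "bob", "os": "ios", "version": "7.0", "compromised": False, "apps": ["com.example.fileshare"]},
]

def parse_version(text):
    """Turn '4.0.4' into (4, 0, 4) so versions compare numerically."""
    return tuple(int(part) for part in text.split("."))

def violations(device, per_user_count, policy=POLICY):
    """Return the list of policy violations for one device record."""
    found = []
    minimum = policy["min_os"].get(device["os"])
    if minimum is None:
        found.append("unsupported_platform")
    elif parse_version(device["version"]) < minimum:
        found.append("os_too_old")
    if device["compromised"]:  # jailbroken iOS or rooted Android
        found.append("jailbroken_or_rooted")
    banned = sorted(set(device["apps"]) & policy["blacklist"])
    found.extend(f"blacklisted_app:{app}" for app in banned)
    if per_user_count[device["user"]] > policy["max_devices_per_user"]:
        found.append("too_many_devices")
    return found

def evaluate(devices, policy=POLICY):
    """Map device id -> (email access allowed?, violations to alert on)."""
    per_user = Counter(d["user"] for d in devices)
    result = {}
    for device in devices:
        found = violations(device, per_user, policy)
        result[device["id"]] = (not found, found)
    return result
```

Only devices with an empty violation list keep access; the violation strings are what would be sent as alerts to IT, managers and users.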

Mobile Security Management

This is a set of mechanisms to protect corporate data on a device and corporate backend systems, and to preserve compliance with regulations. It may include:

  • Password enforcement (complexity and rotation)
  • Device lock (after a given time of inactivity)
  • Remote wipe, selective remote wipe (e.g., only corporate content) and total remote wipe (e.g., a hard wipe, with data not recoverable after deletion)
  • Local data encryption (phone memory and external memory cards)
  • Certificate-based authentication (includes device ID, OS version and phone number) and certificate distribution
  • Monitoring devices, and data manipulation on devices
  • Rogue application protection (e.g., application quarantine)
  • Certifications (e.g., Federal Information Processing Standard [FIPS] 140-2)
  • Firewalls
  • Antivirus software
  • Device mobile VPN and app-based VPN
  • Message archiving (SMS, IM, email, etc.) and retrieval, and recording of historical events for audit trails and reporting
  • Containerization (for a definition of containerization, see “Technology Overview of Mobile Application Containers for Enterprise Data Management and Security”)

Mobile Software Management

A set of mechanisms for over-the-air (OTA) software upgrades, application inventory and distribution, such as:

  • App store capability
  • OS support and updates
  • Enterprise app procurement and provisioning: Apple Volume Purchase Program or other enterprise volume purchasing program integration
  • Software updates for applications or OSs
  • Patches/fixes
  • Backup/restore
  • Background synchronization

Mobile Content Management

A set of mechanisms to support file synchronization and sharing, file distribution, and secure and manageable folders on mobile devices with policy enforcement. It may include:

  • File synchronization and backup, transparent to the user
  • File sharing with other employees or among applications
  • File distribution to a group of users, security and management policy enforcement


This refers to MDM deployments in mass volume:

  • Platform scalability for over 20,000 devices supported
  • High availability and disaster recovery techniques


  • On-premises — appliance, virtual appliance
  • SaaS — hosted, cloud
  • Ease of implementation, timing
  • Pricing policies — per user, per device, perpetual licensing


Approaches used to support enterprise data needs include:

  • Dashboarding
  • Reporting
  • Analysis
  • Software/network usage

Having read this, we can see that we need not only Mobile Device Management but also Mobile Application Management and Mobile Content Management. This is quite important, because a pure MDM has really poor scalability: everything is tied to the hardware and the OS, and we now have tons of devices, not only well-known ones. So if you are thinking of using this kind of tool, take the principles above and check them one by one.

1 comment

  1. swinerulstav science

    Experts explore the positive aspects of devices in the enterprise and address the challenges of managing more endpoints, facing security risks, and enforcing usage policies.
