MDM Implementation Best Practices

Since the introduction of smartphones in the workplace more than a decade ago, the lines between personal and professional use of devices have blurred. IT administrators have had to figure out how to incorporate phones, tablets, and other smart devices into the workplace in a way that keeps the company secure, while also respecting employee privacy.

Mobile device management (MDM) strategy and related tools has made that work easier by allowing IT to manage, support, and monitor devices outside of the office. In the wake of the rise of remote work due to the COVID-19 pandemic, MDM has never been more important than it is now. Working from home gives employees more opportunities to use their personal devices to access company data. They may also be more inclined to use company-owned devices for personal tasks.

It’s critical that IT managers keep up with the growing number of endpoints. An MDM strategy gives them more visibility into which mobile devices are being used, and how. If your organization doesn’t have an MDM strategy, now is a great time to consider developing one.

The purpose of this blog is to discuss:

  • The purpose and importance of MDM
  • How to develop an MDM policy
  • What to look for in an MDM software vendor

What is MDM?

Mobile device management is a combination of policies and technology that oversee the use of mobile devices within a business.

Common MDM solution features include the following:

  • Remote wipe of lost or stolen devices
  • Mobile device inventory and location tracking
  • Remote troubleshooting and repair of devices
  • Cloud application distribution
  • Access controls (passwords, authentication, etc.)
  • Encryption of sensitive data
  • Allowing and/or blocking applications

Why do I need an MDM policy?

In addition to simply being lost or stolen, mobile devices are vulnerable to many kinds of threats including:

  • Applications - In addition to apps that contain malware or spyware, there are other malicious apps that take advantage of the fact that people don’t read the terms of service and often just hit “accept.” They may inadvertently give the app permission to access files and folders on a device that it shouldn’t have access to.
  • Networks - Remote work doesn’t always take place at home. Connecting to a company’s server via unsecured wifi networks could make an employee vulnerable to an attack. In addition, if employees are not using encryption-based applications for communication, hackers and service providers may be able to intercept sensitive information.
  • People - When employees are working from home using multiple mobile devices, those devices may also be accessible to more people. While a child, spouse, or roommate would probably not intentionally try to compromise security, it is possible that they could download a malicious app or respond to a dangerous text message.

MDM allows you to mitigate those threats by allowing you to configure policies and push them to multiple endpoints remotely. You can also manage and deploy company-approved applications in the same manner.

Developing an MDM policy

Developing an MDM policy begins with assessing your organization’s current device landscape and deciding if you want to change it. The following are common structures:

  • Bring your own device (BYOD) - Employees are allowed to use their personal mobile devices for business purposes. This is the most common policy.
  • Choose your own device (CYOD) - The company allows employees to choose from a list of pre-approved devices, and will either purchase the device or reimburse the employee for the purchase.
  • Corporate owned and chosen - The company buys and distributes mobile devices to employees in the same manner that they would distribute laptops.

What are appropriate mobile devices?

Mobile devices are not limited to just smartphones and tablets. Smartwatches, fitness trackers, e-readers, IoT devices, and even video gaming devices fall under this umbrella. Many of these, however, are not appropriate for business use.

Even if your organization has a BYOD policy, you will need to be explicit with employees about which personal devices they can use to access corporate information.

How can the device be used?

In the case of corporate-owned or purchased devices, you can create lists of acceptable and non-acceptable applications. You can even block non-acceptable applications from being downloaded on devices.

In the BYOD model, you can’t enact such restrictions, but it is possible to maintain separation. Most MDM solutions offer a way to contain business data and keep it separate from the rest of the device. In the event that an employee’s persona device is lost or stolen, IT can remotely wipe enterprise data, while leaving personal data intact. This separation also ensures that an employee’s personal information is protected from their employer.

What to look for in an MDM vendor

If you are considering using MDM software as a part of your device management policy, be sure that it has the following key features:

Comprehensive trial period

Before committing to any tool, you’ll need to test it out in the most realistic way possible. This means that your trial should offer all of the functionality that you would receive in the full paid version. You want to ensure that the product fits the unique needs of your organization and prevent needing to use multiple MDMs.

Cloud-based

An MDM solution should be accessible from anywhere, especially in a time when there are limits on how many people can safely be in an office at the same time. In addition, a cloud solution can prevent you from dealing with on-premises network issues.

Scalability

Employees will continue to access company data from new personal devices, especially if you have a BYOD policy. Your MDM solution needs to be able to keep up with this growing number of devices.

Compatible with multiple platforms

It’s likely that employees are using devices from multiple platforms (iOS, Android, etc.). A good MDM vendor will be compatible with a large number of common platforms. You can find out the types of devices that employees are using by performing a comprehensive audit.

With so much work being done outside of the office on mobile devices, MDM is vital to ensure security for your organization. Figuring out all your bases to cover pertaining to MDM is not an easy process to navigate, especially in times like these— and that’s why Electric is here to support your organization.

Stay up to date

Subscribe to the blog to stay up to date with all the latest industry news and updates from Electric.