mobile device management (MDM)

Mobile device management (MDM) is software that allows IT administrators to control, secure and enforce policies on smartphones, tablets and other endpoints.

MDM is a core component of enterprise mobility management (EMM), which also includes mobile application management, identity and access management, and enterprise file sync and share. The intent of MDM is to optimize the functionality and security of mobile devices within the enterprise while simultaneously protecting the corporate network.

Content Continues Below

Modern enterprise mobility products support not only smartphones but also tablets, Windows 10 and macOS computers and even some internet of things (IoT) devices. The practice of using MDM to control PCs is known as unified endpoint management (UEM). UEM is widely considered the successor to MDM and aims to manage all enterprise devices with a single console.

How mobile device management works

Mobile device management relies on endpoint software called an MDM agent and an MDM server that lives in a data center, either on premises or in the cloud.

IT administrators configure policies through the MDM server's management console, and the server then pushes those policies over the air to the MDM agent on the device. The agent applies the policies to the device by communicating with application programming interfaces (APIs) built directly into the device operating system.

Similarly, IT administrators can deploy applications to managed devices through the MDM server.

MDM architecture

BYOD mobile device management

Mobile device management software emerged in the early 2000s as a way to control and secure the personal digital assistants and smartphones that business workers began to use. The consumer smartphone boom that started with the launch of the Apple iPhone in 2007 led to the bring your own device (BYOD) trend, which fueled further interest in MDM.

Deploying MDM in a BYOD environment introduces some challenges. Organizations must balance IT's need to secure corporate apps and data with the end user's need to maintain privacy. Users are often concerned with the IT's ability to see which applications are downloaded and track location through the MDM. IT admins can use privacy settings to prevent these behaviors, however.

Organizations can use other methods to maintain user privacy while deploying MDM for BYOD environments. Some MDM platforms offer app wrapping, which provides a secure wrapper on mobile apps and enables IT to enforce strong security controls. For Android devices, organizations can use Android Enterprise, Google's enterprise mobility program that integrates with EMM and MDM platforms. Android Enterprise offers separate work and personal profiles so end users can keep their personal data away from IT's control and IT admins can secure corporate data and apps as needed.

Mobile device management features

The developers of mobile operating systems and manufacturers of mobile devices control what MDM software can and can't do on their devices through their APIs. As a result, mobile device management has become a commodity, with most vendors offering a similar set of core capabilities. MDM vendor differentiation comes by integrating mobile device management servers with other enterprise software.

Common mobile device management features include:

  • device inventory and tracking;
  • app distribution and/or an enterprise app store;
  • remote wipe;
  • password enforcement;
  • app whitelisting and blacklisting; and
  • data encryption enforcement.

MDM vendor landscape

The MDM vendor landscape has changed significantly since the early days. Most vendors in the market at that time, such as AirWatch, MobileIron, Sybase, Zenprise and Fiberlink, were solely focused on enterprise mobility.

In 2017, MobileIron was the only stand-alone EMM vendor remaining as a leader in the Gartner Magic Quadrant. Most of the other major players in the market were large enterprise software vendors. Those included VMware (which acquired AirWatch in 2014), IBM (which acquired Fiberlink in 2013) and BlackBerry (which acquired Good Technology in 2015). Citrix (which acquired Zenprise in 2012) and Microsoft also had substantial market share, according to IDC.

In 2018, Gartner released a Gartner Magic Quadrant for UEM. Many MDM vendors, such as BlackBerry, Citrix and MobileIron, renamed their products to reflect the market's transition to UEM. Citrix, for example, renamed its MDM product XenMobile to Citrix Endpoint Management.

Many MDM vendors now offer cloud-based services in addition to on-premises ones, especially as cloud gains traction in the enterprise. Cloud subscriptions offer increased flexibility and a pay-as-you-go service model that is attractive to many organizations.

This was last updated in April 2020

Next Steps

Find out which product would best suit your organization's needs, what questions to ask before purchasing an MDM product and get a comparison of the best MDM products in the market today.

Continue Reading About mobile device management (MDM)

Dig Deeper on EMM tools | Enterprise mobility management technology

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

Which MDM software does your organization use, and why?
Hi Margaret, the answer comes too late but maybe it will help other interested parties. We are a retail company with about 1850 employees. In 2018, we were asked to find MDM software to manage employees' mobile devices. The process took 3 months until we decided on the right solution. We use APPTEC 360's MDM software and I can recommend it to anyone because it's easy to use and has all the features you need to manage the devices. In addition, it is very fair in price.
I'm hoping someone could help.

Mobile device management has become more than just the management of devices, like stated above. This shift to the management of users, apps and content is known as enterprise mobility.
Do you have definition about mobile device configuration?
Mobile Device Management (MDM) can benefit businesses in the many ways. The primary objective of an MDM is to achieve security of the device and its contents.
Developing your own MDM server could be a large amount of work and is likely to require extensive security testing.
The scope of mobile device management is expanding with the growing connected ecosystem. The concept of BYOD is incorporating, not only smartphones, but smartwatches and other connected devices as well. And, an effective device management or Enterprise Mobility Management tool should be capable of deploying, securing, monitoring, integrating and managing any device used by workforce for official purpose.
After a long search for a suitable MDM solution, we came across the solution of the Swiss provider AppTec360. Since last year we have been using the solution of this provider. The fact is that most of the other providers are developing abroad and the servers are located there. Especially the American providers, which Gartner constantly announces as leaders in its portfolio, were not an option for us on the one hand for data protection reasons and on the other hand for financial reasons! Apptec360 develops and hosts in Germany and Switzerland and convinces with quality, support and price. We are very enthusiastic about the solution.

My home use laptopnoschool no work. Is controlled by ITDeveloper using MDM. Put windows 2012 and 2016 sql server. I net stat on my surface go and there were so many established connections I can not use my surface go. The sa part is it is a neighbor with out an ISP who is 
Mobile device management software uses add on security features and services like Mobile Application Management to generate a complete Enterprise Mobile Management Solution.
Hi Patrick1970, I wanted to thank you for your recommendation. We have now the test phase behind us and will acquire the licenses.