Mobile device management (MDM) is software that allows IT administrators to control, secure and enforce policies on smartphones, tablets and other endpoints.
MDM is a core component of enterprise mobility management (EMM), which also includes mobile application management, identity and access management, and enterprise file sync and share. The intent of MDM is to optimize the functionality and security of mobile devices within the enterprise while simultaneously protecting the corporate network.
Modern enterprise mobility products support not only smartphones but also tablets, Windows 10 and macOS computers and even some internet of things (IoT) devices. The practice of using MDM to control PCs is known as unified endpoint management (UEM). UEM is widely considered the successor to MDM and aims to manage all enterprise devices with a single console.
How mobile device management works
Mobile device management relies on endpoint software called an MDM agent and an MDM server that lives in a data center, either on premises or in the cloud.
IT administrators configure policies through the MDM server's management console, and the server then pushes those policies over the air to the MDM agent on the device. The agent applies the policies to the device by communicating with application programming interfaces (APIs) built directly into the device operating system.
Similarly, IT administrators can deploy applications to managed devices through the MDM server.
BYOD mobile device management
Mobile device management software emerged in the early 2000s as a way to control and secure the personal digital assistants and smartphones that business workers began to use. The consumer smartphone boom that started with the launch of the Apple iPhone in 2007 led to the bring your own device (BYOD) trend, which fueled further interest in MDM.
Deploying MDM in a BYOD environment introduces some challenges. Organizations must balance IT's need to secure corporate apps and data with the end user's need to maintain privacy. Users are often concerned with the IT's ability to see which applications are downloaded and track location through the MDM. IT admins can use privacy settings to prevent these behaviors, however.
Organizations can use other methods to maintain user privacy while deploying MDM for BYOD environments. Some MDM platforms offer app wrapping, which provides a secure wrapper on mobile apps and enables IT to enforce strong security controls. For Android devices, organizations can use Android Enterprise, Google's enterprise mobility program that integrates with EMM and MDM platforms. Android Enterprise offers separate work and personal profiles so end users can keep their personal data away from IT's control and IT admins can secure corporate data and apps as needed.
Mobile device management features
The developers of mobile operating systems and manufacturers of mobile devices control what MDM software can and can't do on their devices through their APIs. As a result, mobile device management has become a commodity, with most vendors offering a similar set of core capabilities. MDM vendor differentiation comes by integrating mobile device management servers with other enterprise software.
Common mobile device management features include:
MDM vendor landscape
The MDM vendor landscape has changed significantly since the early days. Most vendors in the market at that time, such as AirWatch, MobileIron, Sybase, Zenprise and Fiberlink, were solely focused on enterprise mobility.
In 2017, MobileIron was the only stand-alone EMM vendor remaining as a leader in the Gartner Magic Quadrant. Most of the other major players in the market were large enterprise software vendors. Those included VMware (which acquired AirWatch in 2014), IBM (which acquired Fiberlink in 2013) and BlackBerry (which acquired Good Technology in 2015). Citrix (which acquired Zenprise in 2012) and Microsoft also had substantial market share, according to IDC.
In 2018, Gartner released a Gartner Magic Quadrant for UEM. Many MDM vendors, such as BlackBerry, Citrix and MobileIron, renamed their products to reflect the market's transition to UEM. Citrix, for example, renamed its MDM product XenMobile to Citrix Endpoint Management.
Many MDM vendors now offer cloud-based services in addition to on-premises ones, especially as cloud gains traction in the enterprise. Cloud subscriptions offer increased flexibility and a pay-as-you-go service model that is attractive to many organizations.