Published: 24 Mar 2015
Users have very close relationships with their smartphones and tablets, but for years admins implemented MDM controls that were overly strict and hurt the end-user experience. Since then, IT has discovered equally effective uses for mobile device management (MDM) that are more palatable to workers.
Back in the early days of MDM, many admins just wanted to turn an employee's personal smartphone into a secure corporate BlackBerry. But this approach didn't really solve the problems that consumer devices presented in the enterprise, and there was often immediate backlash from employees.
Soon enough, mobile application management (MAM) emerged as an alternative to MDM. Instead of enforcing corporate policies on the entire device, IT could build controls into specific apps.
Today, as enterprise mobility management (EMM) has matured, we recognize the need for both MDM and MAM, plus all the ways they can work together in the modern enterprise environment.
Apple iOS MDM
This maturity is particularly evident in Apple's iOS, which is great at respecting the user experience. A strict system of access rights determines what IT can and cannot do to a device. Users have privacy controls to keep corporate apps from knowing their location or accessing photos. And some types of data, such as text messages, are simply impossible for employers to see. When either a user or administrator breaks the link between the device and the MDM software, an enterprise wipe can securely remove corporate apps and data without touching any personal data.
More recently, iOS devices have built-in MAM that keeps corporate apps, documents and network traffic separate from personal assets. Apple also offers many options for deploying and managing large fleets of institutional devices, such as its Device Enrollment Program.
MDM for Android
Managing Android devices has always been more difficult. The core MDM features in Android are fairly basic, so for years hardware manufacturers have added their own frameworks to fill in the gaps. This tinkering has resulted in some impressive devices that rival iOS MDM, but it also means a fragmented management experience for organizations dealing with anything-goes bring your own device (BYOD) programs.
Android for Work, Google's enterprise management initiative that's part of Android 5.0 Lollipop, could ease these issues; it will provide many enhanced device and app management options. Still, these features will take a while to roll out. Often the best option for Android is to not rely completely on MDM but instead look toward MAM and specialized corporate apps.
MDM is just plumbing
Estimates of overall MDM adoption vary, but it will remain a core piece of enterprise mobile strategy going forward. MDM is even spreading to laptops -- Windows 10 and Mac OS X have many MDM-like features.
Even though MDM is much more flexible and capable than it used to be, there are still situations where it's not appropriate. When it comes to BYOD, for instance, MDM calls for careful diplomacy, depending on local privacy laws and the trust employees have in their employers.
MDM is a valuable tool, but an enterprise mobile strategy should have much more to do with mobilizing applications and data. Compared to all the opportunities that come from mobility in general, MDM is just plumbing.
Keep track of what you need with this MDM checklist
Compare MDM and MAM benefits and use cases
Learn about iOS 8 MDM features