Evaluate Weigh the pros and cons of technologies, products and projects you are considering.
This article is part of our Essential Guide: Enterprise mobile management's evolution

Pros and cons of mobile device management software

There are some security gaps that MDM can't fill, but mobile device management software is still a must for many companies.

Every company should have some form of mobile device management software, but the technology's drawbacks make it an incomplete solution to IT's problems.

Mobile device management (MDM) software lets organizations control and secure access to smartphones and tablets. MDM products are typically composed of an agent on the mobile device, a server component that IT administers and usually an intermediary server the MDM vendor runs.

The main purposes of MDM are to:

Increasingly, mobile device management software also provides some mobile application management features, such as an enterprise app store and application sandboxing, as well as mobile expense management.

More on mobile device management software

Defining the need for MDM software

MDM software guide

An MDM checklist for IT

Despite the numerous positive and useful features, some companies don't invest in mobile device management software because it is costly. Large companies could spend a million dollars or more on a cloud-based MDM service, or to have an MDM system installed on a server. Businesses should do a financial analysis of whether a breach would cost more than the total price of an MDM system. Many companies don't understand the cost of the kind of breach that may happen with employee-owned mobile devices, however. It's also important to fully grasp the amount of productivity that workers gain when companies securely enable mobile device use.

Other reasons companies choose to not invest in mobile device management software include a lack of trained IT staff to administer the system and the absence of policies to govern use of company data and devices. Companies may also have investments in current laptop and desktop architecture that prevent them from committing to an MDM system. And some organizations have a fear of the security limitations of MDM tools.

There are also some gaps that mobile device management software cannot address, such as those outlined in a recent PDF from the National Security Agency:

  • Companies may have more stringent security requirements than an MDM system can support; for example, some organizations may not want any data to leave their control, but MDM can't always prevent data leakage via cloud services or other means.
  • Some VPN implementations only make sure that part of a device's network communications are protected, which means that MDM tools do not protect company data well enough in some VPN implementations.
  • The piece of software installed on the mobile device -- the MDM agent -- is not sophisticated enough to fend off all attacks because device and OS manufacturers don't provide MDM vendors with all the code necessary to totally manage devices. And there isn't a one-size-fits-all system; different device and OS makers provide different levels of MDM access.
  • MDM providers have a tough time providing support for new operating systems as quickly as those OSes come out.
  • App management features can be fairly weak. For example, some MDM products lack a proper test environment for company-developed apps.

How do you fill in the gaps? Companies can request that employees use a secured VPN or Wi-Fi connection and provide data storage applications that the corporation  manages. They can also develop policies that encourage productivity, yet provide the proper measures of security. Although I don't recommend it, companies can utilize ActiveSync with the right mixture of security policies to enable corporate devices on the network. If a company does not like the available third-party apps, it can develop homegrown apps that provide the proper level of security.

But the bottom line is that mobile device management software is necessary in the here and now for companies that want to encourage more productivity and provide an appropriate level of security.

This was last published in June 2013

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

[Views expressed below are my own and not necessary a reflection of the enterprise that I work for]
Hi Matt,
Thanks for the article. I understood the objective of MDM and MAM... interesting thoughts...
As you rightly pointed out... information today travels to different mobile devices. Sometimes this information would also reside on the cloud or is exchanged with business partners. Thus the risk of information loss remains high. With better apps on the marketplace people are bound to look at better ways to being more productive. Restricting the app, are like killing an entire market place and the sole objective of why the market place was built in the 1st place. What most companies are now looking is to look at ways to protecting the information itself. MDM or MAM policies simply stop working as users collaborate with business partners, thereby identifying different ways in exchanging information.
Have a read on what Information Rights Management aka IRM as a platform has to say
IRM allows the enterprise to focus on controlling the information itself. IRM gives the enterprise a mechanism to automate policies to control the information. Some of the key players in this segment have a device and O/S independent way of delivering and controlling valuable information. The IRM platform from Seclore has a Gartner review to speak about.
Let us work to allow enterprises to enable their employees to collaborate freely and still have a say on what business partners can do with their information.
Rahul Khattar