Mobile Device Management Definition
Mobile Device Management (MDM) is a term used to describe the management of a device from a remote location by a person, usually known as the administrator. MDM allows the administrator to add a device to manage it manually from a remote location. The device can be an individual-owned or a corporate-owned one. After a device is added to the list of allowed devices, the administrator is able to install any application to the device. Most MDM vendors allow MDM services only when there is a network connection available on the remote device.
Another feature of MDM system is to restrict or allow apps on the remote device. The administrator can blacklist an app to restrict it from working or white-list them to remove the restrictions. These actions can be performed with a Mobile Application Management (MAM) system. MAM can be implemented as a part of an MDM service, like most of the MDM vendors do. Restricting apps also include restricting of system apps and services, such as the in-built Camera app.
Any device that fails to stick to the rules of the MDM service can be deleted/wiped by the administrator. The devices reported as missing or stolen can also be wiped or locked for security. Several MDM vendors allow a device to be tracked if stolen and retrieve the latest location at which the device had been.
An ideal MDM can have the following properties:
- Compatible with all operating systems.
- Add or remove mobile devices as required.
- Support most/all service providers.
The main disadvantage of MDM is that, if a corporate performs a full wipe on a device, the personal data of the employee is also wiped. Some sources say MDM is costly, but free MDM services are also available.
Bring Your Own Device
With Bring Your Own Device (BYOD), a corporate allows an employee to use his/her own device instead of using the corporate-owned devices for corporate use. Corporates promote BYOD, since BYOD helps the corporate in cost-savings, and will also improve the efficiency of employees since using their own devices.
The advantages of BYOD includes those which are already mentioned above. Employees can be more productive by feeling good in using their own devices for corporate use. Corporates save cost since the devices used by employees are owned by the employees themselves.
The major disadvantage is data breach. For example, if the device is stolen, then there may be a chance of data breach. Also, when the device is used by another person, he may access corporate-specific confidential data, whether accidentally or not. When employees use more than one device, there may be an issue with network scalability.
Mobile Application Management
Mobile Application Management (MAM) is a term used to describe securing apps instead of the whole device. MAM provides functions for restricting individual apps instead of wiping or locking the entire device.
MAM can be implemented with/without MDM. Even though most of the MDM vendors implements MAM into MDM, independent MAM services are also available. Most of the employees (not employers) do not like “MAM-in-MDM” feature because if one of the employees lost his/her device, then corporates can wipe his/her data (a full wipe can be done), thus deleting all their personal data instead of just the corporate-specific ones. An independent MAM service can wipe specific apps only, and cannot be used to wipe the entire device. So, it is necessary to have two types of options in MDM tools:
- Full wipe.
- Wipe organizational data only.
Pros of MAM are listed below:
- Wiping of individual apps is possible, thus securing any personal data in the device.
- App usage can be monitored.
- App wrapping is possible.
App wrapping is the process of adding new policies to apps. With app wrapping, it is possible to set user authentication for a specific app. Some APIs can also be restricted.
Enterprise Mobility Management
Enterprise Mobility Management (EMM) can be defined as the expansion of MDM. Earlier, MDM tools allow managing and monitoring of mobile devices. But, the latest MDM tools allow more than just managing a remote device, but also include monitoring of users, apps, and emails. This expansion can be termed as Enterprise Mobility Management.
Enterprise mobility management is useful when the corporates enhance BYOD, to prevent data breaches, as mentioned before as the major disadvantage of BYOD. EMM is important to be used when promoting BYOD since mobile devices are likely to be stolen easily. EMM include:
- Mobile Application Management,
- Mobile Security Management, and
- Mobile Expense Management.
In EMM, a centralized system can remotely control the BYOD devices. Certain rules (also known as policies) can be set and the employees are to strictly abide by these rules. Devices can be wiped if the devices do not follow these policies. Apps in the devices can be restricted, updated or deleted remotely, and new apps can be installed on these devices.
Mobile Security Management
Mobile Security Management (MSM) is a term used to define securing a device from, for example, data breaching. MSM include detecting a non-compliant device (after it is registered in an MDM tool). A device which fails to follow the policy, or a stolen device can be wiped or restricted. New devices can be added to manage. Blacklisting or whitelisting of apps is possible. Password-based policies can be set to restrict unauthorized access. Password-based policies include:
- Minimum and maximum password length,
- Whether there should be presence of special characters, and
- Number of wrong password attempts before the password is reset or the device is wiped.
Mobile Email Management
Mobile Email Management (MEM) provides a lot of functionality. MEM can be used to configure calendar to show the employees special events and corporate holidays. It can also be used for configuring Exchange ActiveSync, CalDAV, and CardDAV. Exchange ActiveSync is used to sync the users’ contacts, calendar etc. to be available for access from various devices. Calendaring extensions to Web Distributed Authoring and Versioning (CalDAV) allows multiple users to access the same information, and also allows a user to manage multiple calendars. vCard extensions to Web Distributed Authoring and Versioning (CardDAV) is used to sync user contacts between various devices. It is also possible to view shared contacts on a server.
Mobile Expense Management
Mobile Expense Management is a process where the system calculates the cost of the mobile communication network of a corporate. Ideal Mobile Expense Management is one which calculates the cost of the network for an individual device, staff, and department. The administrators are also allowed to set data and voice usage policies.
Mobile Content Management
Mobile Content Management (MCM) helps corporate to securely send documents to their employees’ mobile devices. Like MAM, MCM can also be implemented independently of MDM. MCM provides security by encrypting data and allowing the corporate data to be viewed only by the employees. Passwords can be provided to each employee with which the documents can be opened. Location-based content delivery is also possible. Some advantages of MCM are listed below:
- Real-time access to latest content
- Secure confidential documents with no data loss
- Improves productivity of employees
- Reduce paper and printing costs