What are the capabilities of MDM?

Which MDM strategy is best, and why? Just like anything in life, there is no black-and-white answer. It all depends on what best fits you at the time and what you are willing to put up with. Let’s get started.

Apple iOS. For a young and hip startup, iOS seems like the obvious choice. Apple is always successful in making a very streamlined process for getting business done. Apple’s process is streamlined because it limits the control system administrators have over its devices. Many system administrators will take issue with this, but when you implement Apple’s DEP and VPP, a big load is taken off the system administrators. The process becomes almost seamless in most situations. More on DEP and VPP below.

Android. For a system administrator, this seems like the obvious choice. Android is all about choice and customization, and a system admin is going to want the choice to limit as many features as possible in a secure environment. Android is open about its services, including allowing a third party to use its own cloud messaging service.

DEP, KNOX, AFW. When an organization provides mobile devices to its workforce, it is common to use an enterprise solution on the devices. Apple has the Device Enrollment Program, aka DEP, which allows a company to register devices directly with Apple as it buys them from its provider. When a device gets to the user, it is already enrolled into MDM. KNOX is Samsung’s enterprise solution. It provides system administrators with their own console on Samsung’s website to manage devices; however, it limits some of the capabilities of the MDM provider you may already be paying for. Android for Work, or AFW, is Google’s solution for enterprise management. It is probably the easiest one to implement. It only requires a company Gmail account to be registered on the AFW website and then entered into the MDM console.

BYOD. A Bring Your Own Device solution is great for very large organizations, or for any organization that allows users to use their own phones on its network. There is a disconnect between the marketing and the function, as there usually is when it comes to marketing. The solution is marketed as if two separate OSes exist on the device, one for work and a separate one for personal use. It is nice to see this separation, but it is not always functional. The separation also exists virtually when there is only “one” OS on the device, and that is more functional for the user. Any app pushed from MDM is managed and therefore exists independently of personal apps. If MDM is removed, the managed apps are removed as well. There is even a policy to prevent data from leaking to a non-managed or personal app.
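The post does not name the data-leak policy it mentions. As an added example (not the author's or any MDM vendor's code), the script below assumes the iOS Restrictions payload key `allowOpenFromManagedToUnmanaged` and audits configuration profiles for it; the profiles, identifier and helper names are constructed for illustration.

```python
import plistlib

RESTRICTIONS = "com.apple.applicationaccess"   # iOS Restrictions payload type
KEY = "allowOpenFromManagedToUnmanaged"        # managed -> personal "open in"

def make_profile(restrictions):
    """Build a constructed .mobileconfig; `restrictions` is a list of dicts,
    each becoming one Restrictions payload."""
    payloads = [dict(r, PayloadType=RESTRICTIONS) for r in restrictions]
    payloads.append({"PayloadType": "com.apple.wifi.managed"})  # unrelated payload
    return plistlib.dumps({"PayloadType": "Configuration",
                           "PayloadIdentifier": "com.example.byod",  # constructed
                           "PayloadContent": payloads})

def managed_to_personal_status(profile_bytes):
    """Classify how a profile treats documents leaving managed apps."""
    profile = plistlib.loads(profile_bytes)
    values = [p.get(KEY) for p in profile.get("PayloadContent", [])
              if isinstance(p, dict) and p.get("PayloadType") == RESTRICTIONS]
    if not values:
        return "no restrictions payload"
    # Assumption: when several payloads set the key, the most restrictive wins.
    if any(v is False for v in values):
        return "blocked"
    # A Restrictions payload that omits the key leaves the OS default (allowed).
    if all(v is None for v in values):
        return "allowed (key missing, default applies)"
    return "allowed (explicitly true)"

if __name__ == "__main__":
    samples = [("hardened", [{KEY: False}]),
               ("weak", [{"allowCamera": False}]),   # restricts camera only
               ("explicit", [{KEY: True}]),
               ("empty", [])]
    for name, r in samples:
        print(name, "->", managed_to_personal_status(make_profile(r)))
```

The "weak" case is the one to look for in an audit: a Restrictions payload is present, so the profile looks locked down, but the managed-to-personal boundary is left at its default.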

Device capabilities change with every new version of a device and every OS update, as does the implementation of these new enterprise solutions. What solution do you have experience with? What is your favorite solution? What choice would you make if you could start from scratch?
