Best mobile device management (MDM) solutions 2021
What are the best enterprise MDM tools available for securing your corporate devices?
One of the most important business tools used by organisations in the UK is mobile device management (MDM). This is a system that allows IT administrators to control and secure smartphones, tablets and computers used by employees at work.
Due to expanding initiatives such as bring your own device (BYOD) and hot-desking, and most recently the surge in remote working, MDM has become increasingly popular in recent years. COVID-19, in particular, has caused the demand to surge among businesses keen to take on MDM. Now, as the world of work transitions to a hybrid model, we’re likely to see this demand continue, with UK organisations keen to ensure the endpoints distributed across their networks remain secure.
Ensuring your employees can only access the data they need, and that they’re restricted from accessing other information, is crucial to GDPR compliance. Organisations will, after all, be hoping to remain as compliant as possible in order to reduce the likelihood of fines. Locking data if a device goes missing, or restricting data access for employees, are two ways that MDM systems can help businesses on their compliance journeys.
As well as smartphones, MDM systems can manage tablets and laptops, as well desktop PCs. This means they're capable of managing cyber security risks across all workplace devices. Malware, for example, can be downloaded inadvertently in a number of ways including through phishing attacks, and infects various devices regardless of their form. The best MDM systems will manage multiple types of devices at once, treating or wiping those infected with malware before any infection spreads.
Whatever your needs are from an MDM solution, there are many options available from a variety of providers. Here's a round-up of some of the best options, including offerings from IBM, Citrix and more.
Perhaps one of the most well-known MDM platforms, Cisco Meraki allows you to manage every type of device in your business from one dashboard. No matter what you need to monitor - be it Android and iOS smartphones, or Linux, macOS and Windows PCs - you can do so. There's also an app for managing devices while not at your computer, monitoring usage and making sure all data is safe and sound.
Enabling operational resiliency with Veritas
Boost your DX goals with data and infrastructure insightsWatch now
Cisco Meraki offers a bumper feature set, enabling you to enforce device security policies, deploy software and apps, and perform remote troubleshooting if any problems arise, monitoring calls and more on the devices across your network. Every device managed and monitored is regarded as a separate device, even if they're linked. This means you can, for example, allow certain apps to run on an employee's iPad but not on their linked smartphone.
Cisco Meraki enables all of this to happen over the network, so even if you're trying to manage remote employee devices, it's a breeze. You can keep tabs on everything without anyone needing to be on the same network. It’s also easy to test-drive the platform with a browser-based demo with slated network devices and users. Plus, you can request trial hardware and get technical support to help with setup.
Pricing: Available upon request
IBM entered the MDM market following its acquisition of Fiberlink Communications back in 2013. Since then, Big Blue has been making some big improvements to its flagship MDM product. The service, which is powered by Watson AI, will easily integrate with existing IT infrastructure, enabling you to manage a diverse, complex endpoint and mobile environment.
IBM Maas360 also puts security at the forefront, securing and containing data accessed by users and keeping corporate apps and content separated while allowing for easy removal and access revocation. Its integrated threat defence also proactively shields corporate data.
IBM might not be the cheapest out there - especially since some of the services that you'd find bundled with other providers come at an additional cost - but with IBM's lengthy experience in enterprise security, you know you're getting a good quality solution for your money.
Hexnode MDM lets you provision and manage devices, and prides itself on a user-friendly design. Users can add their own devices by connecting to the network or by using a portal installed on your company's website or intranet. Their device will then be added using their Active Directory credentials.
Once the devices are added, you can manage them whether they're connected to the corporate network or being used remotely. That means you can push configuration settings to the device, restrict functionality, manage mobile applications (including blocking App Store downloads and implementing a black/whitelist), check and enforce compliance and even remotely lock and wipe devices.
Hexnode MDM also offers a 30-day free trial if you want to get give it a test run.
Pricing: From $1 (80p) per device/month
Soti allows you to manage Android, iOS, Linux, macOS, and Windows devices from one place, for the entire lifecycle of the device within the organisation. They can be provisioned when first added to the company's fleet of devices, managed throughout their service and then wiped when it comes to retirement.
The platform was designed for use with ruggedised devices often used by fieldworkers and the healthcare, logistics, retail, and transport sectors.
The MDM platform can be installed on-premise or deployed on Soti's cloud. You can add devices to the platform using its Express Enrollment feature, which automatically delivers the settings, apps, and files a user needs over the air to get them up and running.
Pricing: From $4 (£3.22) per user/month
MobileIron's enterprise device management offering is probably one of the best-known tools for keeping on top of employee devices, whether a smartphone, tablet or computer.
All devices can be managed from a single console, whether you want to enforce data and security policies, install or manage applications and services allowed on devices, or wipe/restore them on demand.
The MobileIron Client (Mobile@Work) is part of the company's EMM platform and has been specifically designed to enforce corporate email, Wi-Fi, VPN, and security certificate policies on devices, automatically configuring the device to function exactly how the IT department needs it to. It also features mobile application management (MAM), allowing employees to install applications the enterprise approves of from a storefront.
Content is also governed through Mobile@Work, giving workers access to web resources and content sitting behind the firewall using a secure reader to enable employees to securely read encrypted email attachments, something that's not usually allowed on corporate devices.
Pricing: Available on request
Citrix XenMobile is an MDM tool that allows the containerisation of business apps and personal apps, making it best suited to BYOD workplaces. Every device, including desktop PCs, smartphones and tablets, can be managed from one centralised console and devices don't even need to be enrolled to benefit from MAM, too.
As well as allowing the device owner to use a device provisioned and managed by the organisation, Citrix XenMobile has also been designed to let multiple users have access to one mobile device. This is particularly useful for industries such as healthcare, where field workers and emergency service workers may need shared ownership of one device.
However, it's likely one device will need applications and service provisioned with different access rights and this can be set up simply with XenMobile's MAM capabilities. IT managers can also lock down the device depending on the network location, stopping staff from using certain features outside of the corporate network.
Pricing: From $2.25 (£1.81) per device/month or $2.89 (£2.33) per user/month for up to 10 devices
VMware Workspace ONE
VMware Workspace ONE (formerly called Airwatch prior to its VMware acquisition) offers endpoint protection for all devices, regardless of the operating system, with full device management, whether it's a BYOD or shared corporate device.
You are able to deploy and manage any app via the platform's app catalogue, whether employees are trying to access them natively, on-device, via the web or remotely. The layered security across the individual user, endpoint, data, and network can all be centrally managed using the same mobility platform too.
Workspace ONE uses automation to carry out many everyday MDM tasks, which reduces the strain on IT staff. You don't have to manually provision or enrol devices - this happens without the need for any manpower, making it a perfect option for resource-stretched businesses.
Pricing: From $3.78 (£2.78) per device/month
As offices begin to reopen at a limited capacity, ensuring the security of employees’ devices will continue to be one of the main challenges for IT departments.
This is largely due to the rising popularity of the hybrid model of working, which combines working from home most of the time with coming into the office at least a few days a month. One notable example of a company which champions such an approach is Salesforce, which earlier this year announced that its employees will have the choice of three working models; flex, fully remote, or office-based in its San Francisco premises, on the condition of a proof of vaccination. Prior to the pandemic, around 18% of Salesforce employees were fully remote. In June 2021, the number of employees continuing to work remotely was estimated to be at least 50%.
However, mixing remote with in-office working might raise particular security concerns, as the lines between what is considered a home or work device is blurred – even if it was provided by the company. Moreover, this also means that employees will be dipping in and out of their private networks, unknowingly become a victim of malware, and potentially infect other devices on the company network once they return to the office. This is why companies should not only be wary of their network security, but also consider adopting a formal BYOD policy.
MDM solutions will have an important role to play as employees return to the office, and is seen as a dependent solution to enforcing not only security, but also GDPR compliance. Hoever, they can come at a high price. Before investing, look at the options and decide which would suit your business best; take into consideration the cost and scalability of the software, the security it offers, and how many employees and devices it supports. There are many more parameters that you could consider before choosing your perfect MDM, but these will give you a good starting point.
Of course, it would also be helpful to devise the appropriate MDM business plan on whether you are likely to see an ROI. However, security should be of paramount importance to any business. Failing to protect data in these times can lead to massive fines so there's no excuse not to take every measure to make sure your business stays afloat.
Defeating ransomware with unified security from WatchGuard
How SMBs can defend against the onslaught of ransomware attacksFree download
The IT expert’s guide to AI and content management
How artificial intelligence and machine learning could be critical to your businessFree download
The path to CX excellence
Four stages to thrive in the experience economyFree download
Becoming an experience-based business
Your blueprint for a strong digital foundationFree download