Mobile Device Management (MDM) is a category of technology solutions that helps organizations manage large numbers of diverse user devices connected to the corporate IT environment in a consistent, scalable and cost-effective way, giving users the flexibility to use the devices of their choice to get their work done. Using MDM, IT administrators can control, secure and enforce policies on smartphones, tablets and other endpoints. With the help of MDMs, companies can reduce support costs and business risks.
MDM is a core component of a larger category of solutions called enterprise mobility management (EMM), which also includes mobile application management, identity and access management and enterprise file sync and share. The intent of MDM is to optimize the functionality and security of mobile devices within the enterprise while simultaneously protecting the corporate network.
MDM was initially developed to help secure mobile device access to corporate networks, resources, and data. The basic idea was to provide secure container on the user’s mobile device using cryptographic techniques and ensure that corporate data is effectively segregated from user’s personal data. MDM ensured that corporate data such as email, documents, and enterprise applications are encrypted and processed inside the container. Once deployed, MDM can restrict the moving of data in and out of the secure container, so corporate data is always in a controlled environment.
More recently, MDMs began managing other classes of devices, including computers and IoT devices.
The bring your own device (BYOD) trend has been a significant driver for the adoption of MDM solutions, as MDM lets corporations provide employees with access to their networks using a device of their choice, whilst managing these devices remotely with minimal disruption.
MDM solutions are typically deployed as a combination of an on-device application component to enforce policies and a backend component for managing devices and policies, and pushing out updates. The backend service component sends out the management commands to the mobile devices. The on-device application receives and implements the management commands. In some cases, a single vendor provides both the client and the server, while in other cases the client and server come from different sources.