10 Top Mobile Device Management (MDM) Tools & Software
Mobile Device Management (MDM) is an issue for companies that employ wireless devices. Those devices include smartphones and tablets that communicate through a cellphone network and wifi-enabled office equipment such as mobile printers and scanners. Point-of-sales devices and barcode readers also fall into the remit of mobile device management.
Issues with mobile devices
Whether the devices that are included in the company network belong to the business or are owned by employees, the major issues that you need to cover are the same:
- Security
- Appropriate use
There is some overlap between these two topics.
Mobile device security
The security issues that arise from mobile devices fall into three categories:
- Communication security
- Virus risk
- Access control
MDM systems need to cover these three essential problems in order to allow you to safely integrate mobile devices into your network.
Communication security
Despite encryption protection standards for wifi communication, airborne communications are inherently less secure than cable-based networks. Devices taken out of the office may connect back to the network via public wifi hotspots, which may not be bona fide.
The fake wifi hotspot is a very useful tool for hackers to get access to data in transit. The standard wifi encryption protocols only encrypt data while it is in transit from the device to the wifi router. The keys for that encryption are distributed by the router/hotspot. So, if one of your employees connects through a fake hotspot, all network access credentials of that use and all of the data that passes back and forth during the session can be decrypted and stolen. Effective mobile device security needs to include end-to-end encryption.
Browsers and apps can store usernames and passwords to speed up network access. This could cause a security breach if a mobile device gets lost or stolen and the user hasn’t set up a unique lock key on the device. Therefore, it is important to be able to lock a mobile device or delete all data on it from a central location.
Virus risk
The “bring your own device” policy presents problems over which software can be loaded onto the device. If all mobile devices are owned and configured by the company, it is much easier to dictate the software that can be loaded onto those devices. Your mobile device management software needs to be able to remotely audit all software on a remote device and disable or remove unapproved applications. This is important because extra, unverified apps installed by the end user could give hackers access to your network.
Access control
On user-owned devices, the MDM policy should only allow network access via a portal where approved applications can be accessed from an application server. This will enable the owner of the device to keep it for personal use outside office hours.
Access control is an issue that also involves the previous two topics in this section. You don’t want unauthorized software to access your network and you need to be sure that access credentials can’t be compromised through theft or wifi snooping. Automatic login and credentials stored on the device will undermine the security of your access control, so some form of password protection, such as a password vault, should form part of your MDM strategy.
Appropriate use of mobile devices
There are two problems you need to keep track of regarding the use of mobile devices that connect to your network:
- Access to company resources for personal use
- Time wasting
If you allow your employees to get out of the office into the wider world to do their jobs, you need to make sure that they are not just sitting in a café playing a game or downloading music. The resources that you make available for your employees are only for business use, not personal pursuits.
If employees are out of sight but logged in through a mobile device, you need to make sure that they are actually working. You also need to be sure that they are not using unauthorized software on the network and that they are not using the company network to download offensive material.
If you provide employees with smartphones for work, then you will also be paying for their call time and data allowance. These factors can become very expensive, especially mobile data. So, you need to make sure that employees are not making the most of these facilities for personal use, ramping up the company phone bill.
MDM requirements
Keeping the above factors in mind, it is easy to see that proper mobile device management is essential before you allow mobile devices to connect to your network. The key requirements of mobile device management software are:
- Remote configuration – both individual and en masse
- Software tracking – to record license usage and prevent unauthorized software access
- Application security – for email, messaging, browsers, application and data access
- Remote lock or wipe – in case of device loss
- Data usage tracking – to prevent resource abuse
- End-to-end encryption – to prevent man in the middle attacks over wifi
- Password management – such as a password vault for each device
- Disabling native apps on devices – to enforce software policy
- Jailbreak detection – to prevent rootkit viruses from attacking the operating system
MDM implementation models
The MDM systems available on the market today fall into two broad categories. The first is an on-premises package. You need to install a controlling program on your office server and also a client program on each of your mobile devices.
The second option is implemented as a cloud-based solution. This category of MDM is known as SaaS, or “software as a service.” You may find that the best option for your company’s requirements lies in contracting in a range of services. You might end up with a hybrid MDM system with some functions covered by on-premises monitoring and other requirements fulfilled by online services.
MDM and MAM
The network security industry has divided the functions of control of mobile access into two categories. Mobile Device Management, strictly speaking, just refers to the security imposed between mobile devices and the central network. Mobile Application Management is concerned with the delivery of software to mobile devices.
Given that software performance can impact network security, it is difficult to imagine how secure access can be implemented without also controlling the applications allowed to use the company’s resources. Therefore, some specialists merge the definition of MAM into MDM. In short, to fully control the activities of your staff that use mobile devices and protect your company network and other resources, you need both MDM and MAM.
Here’s a list of the 10 Best MDM Solutions
- ManageEngine Mobile Device Manager Plus
- AirWatch Workspace ONE
- BlackBerry Unified Endpoint Management
- Citrix XenMobile
- Cisco Meraki
- Microsoft Intune
- SOTI MobiControl
- Miradore Mobile Device Management
- Jamf Now
- SimplySecure
Source: compareitech.com