What is an MDM and what is it used for?
As a company with several employees, choosing the right mobile device management solution quickly arises. What criterias should be considered? The number of employees? The company’s activity? In this article, we will focus on MDM (Mobile Device Management) solutions, which allow companies to have full control over their mobile-devices fleets.
MDM (left) and MAM (right) (© Microsoft)
MDM vs MAM: what is the difference?
Let's start with a little reminder: if a MAM (Mobile Application Management) solution will manage specific applications, or only part of the device, a MDM (Mobile Device Management) solution will take control of ALL the device. Something like a super-admin on desktop.
This management solution will make it possible to control everything, from the authorizations, downloads, from preventing the installation of applications from public app-stores, and even hide the public stores or other applications. It will also be possible to install special wifi-configurations for the device, in order to let it only connect to a particular network.
In terms of personal data, it will be possible for the administrator of the device (the company) to access all the information - whether it’s text, images, all types of content, exchanges, contacts... The company will also be able to send messages to its employees via specific channels, such as wallpapers for example.
While the company may reserve the right to do so, this type of practice is less and less appreciated by employees (considered too violent and intrusive), who have an increasingly personal relationship with their device - even if the device remains the company's property.
However, as a company you should be careful: even if your employee uses a professional device, you aren’t allowed to read his personal messages and the content he’s producing.
Obviously, it’s the same thing with a personal device used in a professional context: pro or personal, the company can manage and monitor certain parts of its activity, but care must be taken not to infringe on the privacy of its employee. It is therefore in the best interest not to be manage the device fleet too intrusively!
In the 1990s, mobile phones and devices were rare and mostly reserved for professionals. It was therefore normal for a company to manage entire fleets of devices via MDM solutions.
In the 2000s, mobile devices became more popular with the general public, leading to the situation in which we find ourselves today: employees often have, on a personal basis, extremely high-performance mobile devices - sometimes more powerful than those provided by the company.
At this stage, does it still make sense for the company to provide them with devices? Isn't it better to let them use their own device - what is known in the lingo as BYOD (Bring Your Own Device)? But in this case, does a MDM solution still make sense?
Indeed: for a few years now, many employees have been asking to keep their personal device and use it as a personal and professional device at the same time.
In this case, an MDM solution does not work: a company cannot manage the entire personal device of an employee, that wouldn’t make sense. In this case, it is therefore essential to opt for a MAM solution.
And the opposite is also true: sometimes employees use the device provided by their company, and use it both for their professional and personal lives. In this case, it's the same thing: an MDM solution may be very/too intrusive for them...
A little history…
From a historical point of view, MDM solutions represent a management tool that allows you to push configurations on devices but also to manage applications. MDM has been designed to manage devices for much longer than pure application management solutions.
As a result, large companies have implemented MDM solutions - only because it would have been too complicated to organize without them. Now MDM solutions can also manage applications, sometimes even do no more than that.
Which obviously makes no sense: if you no longer need global device management, you might as well switch to an MAM solution.
Is the MDM solution mandatory in some cases?
It all depends on the use cases - each case is different. Here are 3 examples:
- In sectors where working conditions are sometimes extremely dangerous (the chemical industry for example), and where certain products can ignite at the slightest spark, the use of a "classic" device is impossible. The company will therefore have to equip its employees with highly technical devices, which will inevitably remain its property. In this case, choosing an MDM solution is the most obvious choice.
- In more “regular jobs”, such as that of an executive who works in an office, who will call his clients and colleagues, but who will also communicate with his family, his partner, management via MDM is not mandatory. The company does not need to manage the employee's device in its entirety. Otherwise, depending on the features the company needs, a MAM should be enough!
- However, even in traditional sectors, the question must be asked: if a company wants to force its employee to use a particular Wi-Fi network, for security reasons for example, it’s definitely necessary to opt for an MDM solution.
Similarly, if a company wants to carry out a "reset factory" on a very regular basis, because the device changes users everyday for example, it will only be possible to do that with an MDM solution.
How to choose?
If you’re thinking about how to handle your EMM (Enterprise Mobility Management - i.e., the overall management of the mobile phone fleet in the company ), you’ll first have to define the precise needs of the company.
Too often, companies tell us that they want this or that solution, but finally, after discussion, they are forced to admit that they did not have a clear and precise vision of their needs.
Too often, companies have management solutions that are too advanced for what they need.
Too often, companies opt for expensive MDM solutions, while they could have opted for cheaper MAM options.
On our side, we offer you a MAM app store solution, so that you can manage some of the applications that are present on the device. Appaloosa will never take control of all your devices.
At best, we will delimit a part of the device that will become the "pro" part, and that you can manage on your side, without the employee deciding what is inside. In this part, which can be accessible by pin code, you can install apps, update them, remove some of them...