Mobile Device Management (MDM) is an increasingly important IT management discipline, particularly with the rise in mobile working and the Bring Your Own Device (BYOD) phenomenon.

In response, technology vendors have created a whole range of tools and technologies to help IT professionals to stay on top of their burgeoning mobile estates.

MDM enables organisations to track their assets using GPS; enforce usage policies; apply over-the-air software and application updates; support end-users with remote-controls; and secure data using functions such as ‘power on password’, application lockdown, and remote data wipe or kill.

By using the analytics features in some MDM suites, IT managers can also track device and application usage, and identify problems that may require additional training or discipline.

UK law firm Maclay Murray and Spens (MMS) is typical of an organisation that has come under increasing pressure from employees who want to use Android and Apple devices for work, which compelled it to deploy MDM technology.

Crawford Hawley-Groat, director of IT at MMS, says his IT department was tasked with creating an enterprise mobility strategy that would enable flexibility in device choice, but without impacting security.

“It became clear our corporate-owned, BlackBerry-only mobile policy was no longer fulfilling the mobile demands of our employees. As the consumer smartphone market matured, the demand to use other devices like iPads, and have the option to use their personal iPhone or Android devices for work, has grown significantly,” he said.

Hawley-Groat adds that many of the firm’s lawyers work away from the office, visiting clients and courtrooms, and this requires his department to manage large amounts of data on the move. Many wanted to use iPad tablet computers.

MMS went on to devise a mobile management strategy that had security at the core; but which supported a range of different corporate devices, as well as including a BYOD policy; and which kept the IT department in control, Hawley-Groat said.

The firm evaluated a number of MDM platforms and technologies, eventually implementing MobileIron’s MDM suite, due to its support for multiple operating systems, says Hawley-Groat. The software can also track the locations of assets using GPS, monitor employees’ online activity, effect remote wiping of data, and secure the range of devices without the users needing to authenticate themselves.

Full suites

More and more IT managers are starting to demand MDM suites that offer the full complement of features, say experts. “More enterprises are now realising the benefits of having a full suite of tools at their disposal to visualise and manage the entire IT estate – including those external devices associated with the network – via a single user-interface in seconds,” notes Koby Amedume, EMEA marketing director at IT systems management software firm Kaseya.

“Once equipped with a comprehensive IT management solution, technicians can enforce policies, create ‘corporate profiles’ on personal devices, and automate a vast number of otherwise repetitive tasks, freeing up their time for other activities.”

He added: “Monitoring and managing devices on the corporate network is a complicated and disparate process for IT teams, with the BYOD debate bringing yet more challenges. While all-encompassing software platforms have often been dismissed as too generic, continued advances have put their technical capabilities on a par with more specialist solutions.”  

However, as well as having the ability to track and manage mobile devices, security remains a core function of the MDM suite, although some say the security features are inadequate.

Cesare Garlati, vice president of mobile security at Trend Micro says that while MDM has become the de facto platform for managing devices and enforcing policies, it also represents “a first line of defence that must be complemented with other IT management and security tools”.

One of MDM’s weaknesses, says Garlati, is that it often lacks “true security” such as encryption and anti-malware protection. It can also be intrusive from the user’s perspective, particularly in terms of their privacy.

Glyn Owen, portfolio manager at ICT services provider Damovo UK, agrees about the security issues of MDM. He said: “Currently, mobile security is often left in the hands of the end users, meaning that important company and personal data can be easily compromised if devices are lost or stolen. In addition, the onus is on the end user to return mobile devices to the IT department or the device manufacturer when software needs upgrading. As a result, organisations are left with many different devices running different software versions with differing levels of protection. Such inconsistent upgrade cycles can lead to increased mobile security and performance concerns.”

Owen adds that new, sophisticated mobile devices, which are becoming the de facto tool of choice for business users, are bringing a whole raft of security and productivity concerns. “Without properly provisioning and having an effective MDM strategy in place, organisations are going to incur increased support costs and risk losing the visibility and security they had created in the fixed desktop environment.”

He urges IT professionals to use features such as ‘over-the-air updates’, data encryption and remote data wiping, to ensure their workforces’ mobile devices stay secure, “especially if they fall into the wrong hands”.

Another industry-watcher, Nathan Marke, CTO at IT services firm 2e2, says his business has seen rapid growth in demand for MDM from its enterprise customers, and expects this trend to continue. However, mobile devices bring new security concerns that require smartphone and tablet control services, such as data encryption and remote device lock and wipe.

He said: “As enterprise wakes up to the threat represented by unstructured corporate data being stored and accessed on mobile devices, we are likely to see more of them wanting the ability to administer consistent policies across their fixed and mobile estates. This will require enterprises to have a coherent strategy when it comes to ID management, access, anti-virus, anti-malware, anti-spyware, data backup and so on.”

MDM looks set to stay high on the IT agenda for IT leaders, as more organisations embrace mobile and flexible working, and support a greater array of portable devices. Consequently, IT managers can expect to go on securing, tracking and supporting mobile devices long into the future.