12 MDM Questions Enterprises Should Ask

Mobility plays a significant role in enterprises, with both positive and negative effects for employees, for the IT departments that have to manage all these devices, and for the CIOs who are tasked with making policies for the company.

Mobility enhances productivity and business continuity, but it also puts pressure on operations to manage all of those external devices that carry critical business information. Due to a wide range of available platforms, functionalities, and usage habits, it can become extremely difficult for organizations to manage all of those devices.

What has continued to complicate the mobile enterprise is the sheer number of devices that IT has to manage, thanks to BYOD, where Apple's iPhone dominates as the preferred smartphone of employees and the admins who have to keep track of them.

However, there are other mobile operating systems -- including Android, Windows, and BlackBerry -- to consider as part of any BYOD program, as well.

To handle such issues, many organizations are investing in mobile device management (MDM) tools. These tools offer many features to manage an enterprise mobile fleet. MDM tools help secure devices and their contents to ensure enterprise compliance while respecting users' privacy.

Complicating matters is figuring out how best to manage not only the devices, but also the data that is stored on the gadgets. Many IT departments must decide whether data can live on smartphones or tablets, or whether it's better to control everything through the cloud, a situation that creates its own series of issues.

In the MDM marketplace, many vendors are offering effective and feature-loaded solutions, and it's essential to select the one that best suits your business needs.

To help you decide, InformationWeek looked at 12 specific aspects of MDM tools that IT, CIOs, and even employees who use mobile devices and access company data on those devices should consider when thinking about or creating a mobile plan for business.

[Did you miss any of the InformationWeek Conference in Las Vegas last month? Don't worry: We have you covered. Check out what our speakers had to say and see tweets from the show. Let's keep the conversation going.]

Most enterprise IT products and solutions now have multiple deployment options, including on-premises, cloud, or hybrid. You can choose the deployment option suitable for your requirements, including something that will work with your existing IT infrastructure. For some tools, the features on the on-premises version and the cloud version may vary, so it's important to ensure that the tool you choose offers the features and functionalities you need for your deployments.

Benefits: With a cloud-based deployment, you can easily scale up to accommodate a large number of users or devices. A hybrid deployment option provides flexibility and scalability. It's suitable for organizations that have a hybrid IT environment, which enables the MDM solution to migrate from one deployment environment to the other whenever required.

An effective MDM solution should be able to support integration with third-party enterprise applications such as directory services (e.g., Windows Server Active Directory, LDAP, Novell eDirectory), email infrastructure (e.g., Microsoft Office 365, Microsoft Exchange), APIs (e.g., SOAP, REST), corporate networks (e.g., Cisco, Juniper, SonicWALL), and content repositories (e.g., Microsoft SharePoint, Microsoft Office 365).

Benefits: Integration with third-party applications can help you maximize the efficiencies and capabilities of your MDM solution and your existing infrastructure. Integration can simplify the operational tasks of your MDM solution, and can help you manage and control many of your existing business applications (like email, calendar, documents, and many other productivity apps) using a single solution.

Many MDM solutions offer centralized management of multiple functionalities, including users, apps, content, and devices across a variety of platforms (e.g., Android, iOS, and Windows Phone) from a single Web-based console. Many solutions also provide a real-time dashboard for a quick snapshot, as well as detailed visibility into all operations and activities with support for multiple languages.

Benefits: A solution with centralized management and monitoring can save a lot of time and money in contrast with maintaining specific solutions for users, apps, devices, and content.

Bulk enrollment enables organizations to enter large numbers of users and devices into the system by uploading a .csv file that include such parameters as user name, email address, location, contact details, department, designation, and more. This functionality is a valuable feature for any enterprise, particularly during mergers and acquisitions, bulk hiring, or adopting a new mobility platform. Many solutions offer bulk enrollment of a very large number of users or devices in a single go.

Benefits: Having a solution with the ability to enroll devices or users in bulk can reduce your time investment and overhead, compared with adding or registering individual users or devices one at a time.

Containerization -- separating corporate and personal data on users' devices -- is a key MDM feature to protect corporate data at rest or in transit. Corporate containers are mostly used for email, applications, content, and browsing. Many MDM solutions enable corporate policies and controls to be applied only to corporate-owned data, while leaving users' personal data (which is outside the containers) untouched.

Benefits: Containerization can help protect your corporate data. It can ensure compliance at all times without compromising security, while also respecting users' privacy.

Many MDM solutions enable organizations to control mobile devices over the air with a wide range of commands such as remote wipe (full or selective), remote lock, send message, encrypt device, configure WiFi/VPN, sync device, clear passcode, change passcode, and find device.

Benefits: Over-the-air control of your mobile fleet allows you to manage devices remotely, enabling actions necessary to meet business requirements (such as when a device has been stolen or an employee has left the job).

A robust MDM tool can give an enterprise the ability to control or restrict a variety of mobile device resources, such as functionality (camera, Bluetooth, screen capture, and copy/paste), sync and storage (USB, backup, and SD card), application downloads from the marketplace, phone features (non-emergency calls, SMS, and MMS), security (lock-screen settings, and encryption), network services (WiFi, VPN, and data connection), and location services.

Benefits: An MDM solution with device-functionality-restriction options can improve effectiveness by offering a single solution to manage many of the built-in features of mobile devices across different platforms.

It's not uncommon in some industries for devices to be shared by multiple users, a situation that can pose a security risk. When devices are shared, each user must be authenticated before gaining access to a device or its contents to protect against unauthorized access. Many MDM tools offer a feature that allows multiple users to share the same device without compromising security.

Benefits: Multi-user support for a single device can save organizations money when compared to the cost of buying and maintaining multiple devices. This is a particularly essential feature in industries like hospitality and retail, where different people often use one set of devices or kiosks in different shifts.

A good MDM solution should offer an end-user, self-service portal that allows users to perform some basic actions. These functions may include: enrollment of new devices, resetting/removing/renaming/retiring devices, wiping devices, changing/clearing passcodes, syncing devices, locating devices, and locking/unlocking devices. Users can usually reference their last check-in details from an MDM self-service portal.

Benefits: A multi-functional self-service portal allows end-users to perform some basic actions on their own devices, such as changing a password and locking or wiping a stolen device, alleviating some burdens on mobile device administrators.

Compliance management policies describe predefined rules to manage the corporate data residing on users' mobile devices. In the event of a compliance breach (such as rooting a device or installing a blacklisted app), a predefined action (like device wipe, retire, or alert to admin) can be immediately performed.

Benefits: With this MDM feature, you can set some predefined rules and actions to meet your business needs, and alleviate the pressure of being watchful and responsive to any prohibited activities.

Security is especially important when an enterprise allows access to corporate data from mobile devices both in and out of the office. Generally, MDM solutions offer many security-related features like email security, multi-factor authentication, malware detection, firewalls, backing up and restoring devices, and more. Multi-factor authentication involves multiple factors in the authentication process to ensure device security before a user can access corporate information.

Benefits: Based on existing practices and infrastructure, organizations can implement certain security features across all the devices used in the organization.

There are multiple players in the MDM marketplace. Each vendor offers a different set of features to help enterprises manage mobile devices more effectively. Identifying the best fit can be a challenge. But, by being familiar with each MDM solution's features and benefits, you can compare them against your requirements and select the product that will best meet your organization's needs.

There are multiple players in the MDM marketplace. Each vendor offers a different set of features to help enterprises manage mobile devices more effectively. Identifying the best fit can be a challenge. But, by being familiar with each MDM solution's features and benefits, you can compare them against your requirements and select the product that will best meet your organization's needs.