>> Self-service: IT teams already have too much on their plates. The ability to provision devices via self-service portals is a big plus. Or say a user steps over the bounds of a policy by installing a blacklisted app. The MDM system should notify the user of what he needs to do to bring his device back into compliance.
>> Scalability and failover: These considerations are particularly important if you're running your MDM system on-site rather than as a SaaS offering. On-premises MDM systems must service the communications that rely on them 24/7. Building in fault tolerance is expensive, but important.
>> Reporting: Insist on audit and compliance reporting as well as usage analytics and inventories.
Finally, because the trend is toward personally owned devices, if an MDM system can't differentiate between enterprise data and personal data, don't buy it. What happens if you wipe a smartphone owned by a former employee and he doesn't have a backup of his contact lists? Are you liable for the loss? Ensure that the MDM product lets IT remove enterprise digital certificates, email and VPN profiles, enterprise-specific apps, and other corporate data while leaving pictures of the user's Cancun getaway intact.
MDM systems can help you manage multiple mobile device platforms before the problem spins further out of control--and results in a career-halting data breach. But before you buy any self-proclaimed miracle cure, commit time and resources to defining how you envision these devices interacting with your data. Control is the hallmark of a successful mobile device management program. As you develop policies, your end goal should be certainty that all data and connectivity profiles--VPN or Wi-Fi--that provide entree to corporate networks are completely secure, even when your company is on the bat-out-of-hell track to full mobility.
Grant Moerschel is a co-founder of WaveGard, a vendor-neutral technology consulting firm.