Absolute basics of mobile device management (MDM)

What is MDM?

MDM stands for mobile device management. The goal for MDM is to allow companies to manage the devices that end users have. The term “MDM” very specifically means the configuration and control of mobile devices.

What configurations are allowed by MDM?

Different configurations are available for different operating systems. Here are some configurations that are available for iOS end users: email, Wi-Fi, VPN, restrictions, passcode, web clips, and more.

What controls are allowed by MDM?

iOS has several built-in MDM actions that allow MDM administrators to control devices. These include: locking a device, clearing the passcode of the device, remotely wiping the device, deleting email privileges of a device, and more.

What is a “policy?”

“Policy” is a very special term in MDM. It can be confusing, especially in a large company, to know what a policy is, because the word “policy” means different things. Many people see the term “policy” as meaning rules or guidelines that have to be followed. In MDM, however, a “policy” is a set of data that can be pushed to a mobile device. There are two types of policies: application and configuration. Configuration policies are what configure and restrict a device. Application policies are what allow a device to download mobile applications.

What are the prerequisites for MDM to work?

  1. MDM server.
  2. Trust established between MDM server and a push cloud service.
  3. Trust established between a mobile device and the MDM server.

How does MDM work?

The best way to illustrate how MDM works is by walking through the steps of how an MDM server communicates with a mobile device. Here are the steps:

  1. MDM server sends a command to a mobile device.
  2. The command gets routed to a cloud service. This service is unique for each type of device.
    • Apple devices use the cloud service APNS.
    • Google devices use the cloud service GCM/FCM.
    • BlackBerry devices use the cloud service RIM.
    • Windows devices use the cloud service WNS.
  3. The cloud service takes the MDM command and sends it to the mobile device.
  4. The mobile device receives this command (or finds it when checking into the cloud service), and then reaches out to the MDM server in order to receive further commands.
  5. The mobile device then executes whatever MDM commands it received from the MDM server.
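
The five steps and the three prerequisites above, as a small in-memory simulation (an added example, not code from the original post). It assumes the pushed message is only a wake-up that makes the device check in, and it uses a shared key with HMAC as a stand-in for enrollment trust; all class, server and command names are hypothetical.

```python
import hashlib, hmac, secrets
from collections import defaultdict, deque

def proof(key, device_id):
    # Stand-in for the device's enrollment credential (assumption: shared key + HMAC)
    return hmac.new(key, device_id.encode(), hashlib.sha256).digest()

class PushService:
    """Plays the role of APNS/FCM/WNS: relays only for servers it trusts."""
    def __init__(self):
        self.trusted_servers, self.devices = set(), {}

    def relay(self, server_id, device_id):
        if server_id not in self.trusted_servers:      # prerequisite 2 missing
            return False
        self.devices[device_id].on_push(server_id)     # step 3
        return True

class MDMServer:
    def __init__(self, server_id, push):
        self.server_id, self.push = server_id, push
        self.keys, self.queue = {}, defaultdict(deque)

    def enroll(self, device):                          # prerequisite 3
        key = secrets.token_bytes(32)
        self.keys[device.device_id] = key
        device.enrolled[self.server_id] = (self, key)

    def send(self, device_id, command):                # steps 1 and 2
        self.queue[device_id].append(command)
        return self.push.relay(self.server_id, device_id)

    def check_in(self, device_id, tag):                # step 4, server side
        key = self.keys.get(device_id)
        if key is None or not hmac.compare_digest(tag, proof(key, device_id)):
            return []                                  # unknown device or bad proof
        commands = list(self.queue[device_id])
        self.queue[device_id].clear()
        return commands

class Device:
    def __init__(self, device_id, push):
        self.device_id, self.enrolled, self.executed = device_id, {}, []
        push.devices[device_id] = self                 # registered with the push service

    def on_push(self, server_id):
        if server_id not in self.enrolled:             # no trust with this server
            return
        server, key = self.enrolled[server_id]         # steps 4 and 5 follow
        self.executed += server.check_in(self.device_id, proof(key, self.device_id))
```

A command reaches `Device.executed` only when both trust relationships exist: the push service must trust the server, and the device must be enrolled with it.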
