What Is Mobile Device Management?

Mobile device management, or MDM, refers to the strategies and applications businesses use to manage mobile devices, such as smartphones and tablets, that are used by employees. Learn the definition of mobile device management and what it means to businesses, consumers, and employees.

Many companies have adapted the bring-your-own-device philosophy, requiring employees to use their own devices to log into email, retrieve documents, and access work-related apps. This puts a large amount of sensitive corporate data on a device the employer doesn't control. If an employee suddenly leaves the company, they can take sensitive documents, customer lists, and trade secrets with them. Even worse, their phone could get lost and fall into the wrong hands.

Mobile device management is a solution to mitigate such risks. If your employer issues mobile devices to employees for work-related tasks, they can use MDM software to track the activities of those devices and sync any data they collect with the cloud.

The most straightforward way your employer might assert control over their data is through the features built into mobile operating systems. These are presented as options when you attempt to connect your device to corporate systems, such as email through Microsoft Exchange. The system administrators can enable options that will require you to grant them certain permissions, including:

• Requiring a certain level of security to unlock the device
• The ability to lock the device remotely
• The ability to monitor if a certain number of unsuccessful unlock attempts are reached
• The ability to monitor internet activity
• The ability to wipe all storage on the device

The goal here is clear: Your company wants to make sure it's not easy for anyone to pick up the device and get access to it, and if someone does, the company can make sure valuable corporate data doesn't fall into an outsider's hands.

In most cases, mobile device management will only impact you if you lose track of your device, but it also represents some loss of privacy for you. Your employer (or another member of your company) might be able to track your location with the device without your knowledge. If you do legitimately lose your device, your employer can wipe all your data, including personal items like text messages and photos.

If you attempt to sign in to MS Exchange using the Gmail app on Android, you'll be prompted to grant permissions (shown in the screenshots below). If you don't grant these permissions, you can't check your work email on your phone, nor will you get reminders for appointments on your work calendar. On the other hand, mobile apps like Microsoft Outlook don't require such permissions because administrators can utilize Microsoft's own safeguards without requiring access to other areas of your device.

There are more sophisticated methods of mobile device management. Companies like Google have solutions, such as the Android Enterprise Recommended program, that effectively split your phone in two. One profile contains your personal stuff, and the other contains stuff related to your job.

For example, if your company uses a VPN to share company files, you'd only be able to access those files using apps from the work profile. If your company has a web filter preventing you from visiting certain websites on your work PC, then you likely can't access those sites from the work profile on your phone. The company may also automatically install new applications on your work profile.