David Graham, Principal Consultant, Certero
Originally posted in May 2016, revised in November 2019.
What is an MDM Solution and what are the benefits of agent vs agent-less deployment?
The number of mobile devices within organizations continues to grow year-on-year. Such a development means that organizations need MDM solutions to manage these devices, leading to deciding between agent or agent-less deployment.
What is Mobile Device Management (MDM)?
Mobile device management is the industry term used to describe the administrative management of mobile devices, which includes smartphones, tablets etc. It involves the process of deploying, securing, monitoring, integrating and managing devices within the workplace. This allows you to protect your corporate network while using the functionality of mobile devices.
Why do you need MDM?
Managing mobile devices within your enterprise can be difficult and time consuming without the right tools in place. With accessing your network and sensitive corporate data being a bit of a balancing act, an MDM solution must be simple for the end user but provide the functionality required to ensure that the enterprise stays secure. On the one hand organisations need to protect sensitive data on mobile devices against misuse or theft, but also accommodate the need to keep personal use of their mobile device private. This is more pronounced when the device is the employee’s own, being utilized under a BYOD (Bring your own device) policy. (Benefits of a BYOD policy). BYOD is when an employee uses their own personal devices within the workplace, however, this can come with its own advantages and disadvantages.
How does an MDM solution work?
An MDM solution works by placing an agent or app on the device to monitor and control it (if lost or stolen). Many employees don’t like this and either remove the agent/app or don’t sign up in the first place. Employees dislike this as it gives corporate IT the ability to dictate device policies, from enforcing password security to blocking access to certain applications in the app store.
This has led to the introduction of agent-less MDM solutions to give a level of control back to the user when using their own devices within the workplace. But, these have their problems as well. In particular, without the agent installed on the device it is impossible to detect if a device has been rooted or jailbroken. This can leave organisations open to hacker attacks or the impact of malware.
Mobile Device Management: The best of both worlds
To keep both the end user and the IT department happy, Certero took this user behavior into account when designing our MDM solution, Certero for Mobile. We recognize that a solution must fit the needs of the industry. Firstly, we understand that if an agent/app impacts on the performance of the device, then a user would be more likely to uninstall it. So, Certero for Mobile has no noticeable impact on device performance (battery, device speed etc) and does not interfere with other apps. All of which helps to prevent instability and freezing of the device. This promotes the use of the MDM solution by employees.
Certero for Mobile recognizes BYOD devices on the network and turns off certain features to ensure user privacy. The solution can be flexible and customizable to suit your organisation. This includes collecting user location information as well as inventorying which apps are installed on the device. Giving you the ability to create separate groups with disparate (essentially different in kind; not able to be compared) policies for company owned and BYOD devices.
Importantly, Certero for Mobile can detect jailbroken or rooted devices, enabling such devices to be remotely wiped or disabled. So giving you the best of both worlds – security for the organization and privacy for the employee.
Keen to embrace an MDM solution and start or improve how you manage mobile devices? Get in touch with Certero today.