Mobile Device Management Solutions for Verizon
PCMag editors select and review products independently. If you buy through affiliate links, we may earn commissions, which help support our testing. Learn more.
The Best Mobile Device Management (MDM) Solutions
Today's IT admins need to keep track of an ever-growing amount of mobile devices that inhabit their networks. We test eight tools that can help admins know what resources their employees' mobile devices are accessing, as well as locate, lock, and potentially wipe lost devices.
The Year in Mobility
The number of headline-grabbing data security breaches has grown in recent years. Many of these disasters were the result of the loss or security breach of mobile devices. As a result, IT managers need to find ways to securely manage these devices more than ever before. The average employee has come to expect a Bring-Your-Own-Device (BYOD) culture in their company, but the BYOD movement still represents a significant attack vector to corporate security. IT managers must find ways to facilitate the use of personal devices while also keeping work and personal data both separate and secure.
It's been a while since we dug into the mobile device management (MDM) category, so it's time for an update. However, updating this round of MDM product reviews has seen some vendors pushing for a more comprehensive review. Citrix, IBM, Microsoft, and VMware have expanded their product offerings and are steering customers toward their higher-end options. In most cases, this is based on customer demand and the need to manage a wider range of devices and applications.
You Can Trust Our Reviews
Since 1982, PCMag has tested and rated thousands of products to help you make better buying decisions. (Read our editorial mission.)
For this review roundup round, we looked at AppTec360 Enterprise Mobility Management, Baramundi Management Suite, ManageEngine Mobile Device Manager Plus, SOTI MobileControl, along with Citrix XenMobile, IBM MaaS360, Microsoft Intune, VMware AirWatch. MobileIron declined to participate. These products are the best of the best in the MDM space. The other leader, according to Gartner's 2017 Magic Quadrant for Enterprise Mobility Management Suites, is BlackBerry, which we hope to review in a later round of this update. Microsoft has made some gains from last year's version and now sits at number six on the list.
Identity is a key piece of the MDM puzzle and is foundational to protecting corporate assets, be they physical or digital. Microsoft's Enterprise Mobility + Security (EMS) Suite includes the basic MDM functionality plus their Azure Active Directory (AD) identity product. VMware has added improvements to their identity solution and rolled it into the VMware Workspace One (6.00 Per User Per Month at VMware) product. All the products we tested provide integration with Microsoft's on-premises AD service to authenticate corporate users.
Another trend that has continued to gain momentum is the use of personal devices for accessing corporate mail and content. All vendors provide some level of monitoring for devices that are simply enrolled and not managed. It's common to treat corporately-owned devices differently, down to the level of providing a minimal number of apps, and restricting or disabling the ability to install new apps. The primary concern for corporate IT personnel is the protection of company data, and all of the products we tested provide this at some level.
What Is MDM?
In case you're confused about what exactly MDM or [enterprise mobility management (EMM) as it's often referred to] is, well, that's changed a bit from our last roundup, too. As with our previous roundup, the biggest challenge in this update was drawing a line between MDM and any other functionality, including app management and delivery, security features such as advanced endpoint threat management, and document protection. All of these vendors have many additional capabilities beyond basic MDM to get your attention. Managing desktop computers is another area in which traditional mobile management platforms are looking to make inroads. Corporate adoption of Windows 10 has provided an opportunity here and several of these vendors have included support for this in their products.
It's pretty obvious that a lost corporate mobile device represents a significant threat. Providing the ability to locate, lock, and potentially wipe lost devices must be available. Automating that process is even better. Many of the products reviewed here provide a geofencing capability which can generate alerts and take action should a device cross a specific boundary. This works great for a company with a local workforce where the devices should never be more than some fixed number of miles away from the home office. This feature can be tweaked for traveling employees and, in many cases, can be time restricted as well.
Policy-based security is pretty standard across all of the products in this roundup. Configuring devices to use a personal identification number (PIN) to lock the device is just one of many policies which can be set as mandatory. Other policies to restrict behavior or to lock down specific apps are also common. The boundaries get a little blurry when you move from corporate-owned devices to personally owned or the BYOD scenario. Having the ability to restrict the gathering of location and other sensitive data from a personally owned BYOD helps keep employees happy while letting them use their own devices for company work.
Enrolling lots of devices might not seem like a big deal but it can be a showstopper without some type of automated process. Providing a connection to a local AD domain to process users is one method. Most of these products also offered a way to import users and devices from a flat file to streamline enrollment in the case where either users or devices aren't identified in a directory service.
Test Approach
For this review roundup, our goal was to focus on mobile management, which means testing across Android, iOS, and Windows Mobile. To get a feel for different devices, we used four different phones to evaluate the experience on different devices. Key pieces for testing come from this short list:
- User and device self-registration,
- Verify that policies, settings, updates can be pushed out,
- Understand how the product deals with locating lost devices, and
- How the product handles data security.
To test on different platforms, we used a Samsung Galaxy S8+ and Galaxy Note 8 running Android 7, an Apple iPhone running iOS 10, and an HP Elite X3 running Windows 10 Mobile. We tested all device wipe actions on both the Windows phone and the Apple iOS phone. Client software was removed and the device returned to its original state prior to testing a different product.
How to Buy
For this roundup, we focused on several key areas which can help with any evaluation. Enrollment can be a significant issue for a large number of devices. Any added capabilities to make that process easier goes a long way in judging a product as acceptable or not. That can spill over into the user enrollment experience as well. Making a user enter information that could be entered either by using a specific URL or a QR code scores extra points.
At the administrator level, it's all about tracking down problems. Presenting a dashboard with easy access to key information and one that uses color to help quickly identify problem areas gets the highest marks. Another nice-to-have feature is the ability to customize the dashboard screen to present information of importance. The same goes for reporting when it comes to customization. Canned reports are all well and good but everyone doesn't necessarily want the exact same thing.
Ease of device control is another key feature, and by that we mean being able to quickly find a device and then take some kind of action such as lock the device or perform a secure wipe. If you get a phone call from an employee who just landed at a distant airport and they lost their mobile device, then you want to be able to take action right away. Removing devices from MDM control shouldn't be a big deal, especially when you allow employees to BYOD.
Data security is the final big item to evaluate and this is often where the products take different approaches. Some vendors provide a secure file sharing and syncing capability while others go further to protect copy and paste of information from a corporate app such as email to a personal account. The same goes for moving data from a corporate location to a private storage service such as Dropbox.
Like What You're Reading?
Sign up for Lab Report to get the latest reviews and top product advice delivered right to your inbox.
This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.
Mobile Device Management Solutions for Verizon
Source: https://www.pcmag.com/picks/the-best-mobile-device-management-mdm-solutions