Remote work has increased the use of mobile devices and tablets by end users, creating more ways of accessing business data and interacting with the different company systems.
As a result, IT departments must be able to manage and secure endpoints from outside of their network. This might be a simple task for organizations with large IT departments, but SMBs that might not have a dedicated IT professional must be very careful about how they expend resources and what management platforms -- such as mobile device management (MDM) -- they choose.
Why do SMBs need MDM?
End users are in near-constant need of some sort of IT support, whether they know it. These needs include application installs, software updates, performance issues, security incidents or just general support. There are also other common maintenance activities that administrators must perform on mobile devices to protect from malicious content and ensure the endpoints meet security requirements.
One of the main risks of not using MDM or some other tool within an SMB is the security associated with those devices connecting from home or public networks into the company systems. Additionally, the use of personal devices for this same purpose might have the same implications if these devices lack adequate protections, update posture or are compromised. This can lead to a breach into the company's systems and have catastrophic implications.
To help secure devices that connect to the company's network and data, SMBs must consider MDM -- or a more comprehensive tool with similar controls such as unified endpoint management (UEM) -- to exact more careful controls over devices accessing company data.
MDM tools provide several utilities for administrators that are critical to the health and security of the organization at large. Five of the most important functions MDM can provide for an SMB are as follows:
1. Asset management
MDM platforms should provide various controls for managing and monitoring hardware assets, inventory systems, security and update posture checks, and more. On the application front, MDM tools help with software licensing and purchasing for the organization, which can improve license compliance and inventory of all paid and unpaid applications.
One MDM platform with strong asset management is the Apple-focused Jamf Pro. SMBs that use Mac iPads, iPhones and Apple TVs can deploy this platform to support business initiatives via a web interface. From here, administrators can easily identify all registered devices, view the status and update poster of each, and gain insights into the different apps deployed.
2. Security protections and policy management
As security continues to be a prime focus of device management in businesses of all sizes, dealing with mobile and personal devices poses a significant risk to small businesses without dedicated IT staff. MDM platforms can support the deployment of security policies that can help restrict devices and protect data by enforcing password policies, restricting certain application functions and deploying protection applications.
MDM vendor N-able offers a platform with built-in endpoint detection and response (EDR) tools that can protect devices from a broad range of threats.
3. Remote access -- in some devices
Another area that is commonly needed for SMBs is the remote access feature to assist users with some of their device needs. When a user contacts the help desk, IT can use utilities within certain MDM tools to remote into the devices and see what the end users are experiencing.
Vendors such as Hexnode offer remote access tools within their Remote Monitoring and Management offering to assist with remote access.
4. Application and update management
When it comes to installing applications and deploying updates, it is no longer feasible for administrators to require their end users to be physically present in the office to run them. This is due to many factors, but chief among them is remote work. To help facilitate the need to keep apps and mobile OSes updated, MDM tools allow admins to push applications and patch systems accordingly.
For organizations with heavy Apple device usages like iPads, iPhones and Apple TVs, Apple Business Manager has an MDM offering that serves these needs. It includes Apple account configuration and management, mobile VPN management, security policies, licensing management, data management and application management.
5. Remote monitoring for mobile devices
To keep up with the health and status of mobile devices, admins can use MDM tools to receive alerts on any device issues. These include storage issues, alerts, security risks and any other relevant health details on the device to avoid malfunctions, performance issues or security incidents.
Tools such as Microsoft Intune -- now a part of Microsoft Endpoint Manager -- can provide reporting and technical assessments, as well as benchmarks against Microsoft's published best practices for mobile devices. Admins can use this information to make any necessary changes that are recommended by the platform and ensure that the appropriate policies and updates are in place.