Mobile device management (MDM) technology has matured and is widely adopted across the enterprise. MDM now serves as a baseline management tool for organizations, supporting workers using smartphones, tablets and laptops for business use. While MDM technology has somewhat commoditized and evolved to the broader enterprise mobility management (EMM) market, businesses are seeing revived interest in device management as IT teams are tasked with discovering, managing and securing new types of endpoints connecting to business networks.


Smartphones and Tablets Have Company: Supporting New Device Types

Broad new categories of device types are appearing on enterprise networks and connecting to IT infrastructures. Technologies such as the internet of things (IoT) are appearing in the workplace, including connected conference room equipment such as video and audio gear, collaborative computing platforms (e.g., Microsoft Surface Hub), general-purpose wearables (Apple Watch), and specialty devices (augmented and virtual reality). These diverse form factors are increasingly being used in office environments and in specific use case scenarios. Consumer IoT devices, such as Apple TVs, Chromecast, and smart speakers such as Alexa and Google Home, are also popping up in the office, making business workspaces more connected and productive.

The general proliferation of screens in the enterprise is another trend driving new interest and deployment scenarios for MDM. When formerly analog processes (paper workflows, clipboards, etc.) become digitized, a smartphone or tablet-like device is often introduced into the process. The addition of these devices presents a new opportunity for mobile device management enrollment and use case support.

In industrial and ruggedized device scenarios, smartphones and tablets are increasingly replacing legacy and proprietary handheld devices for single-purpose applications, such as bar code scanning, inventory tracking, image capture and data input. Many proprietary endpoint technologies are converging and standardizing on smartphone operating systems such as Android and iOS. These new rugged, single-app devices will still require close monitoring, management and security. In some use cases, the most sensitive information in a business’s supply chain, workflow or other operations flows through such endpoint types.

Rapid adoption of Windows 10 devices and modern management frameworks is another driver of new MDM use cases and management scenarios. Windows 10 devices can be managed traditionally by PC management platforms such as Microsoft System Center Configuration Manager (SCCM), but also under a new modern management framework, where PCs are not managed through a traditional domain join or Active Directory. Modern management is essentially “Windows MDM,” similar to MDM used for iOS/Android phones. Software updates, application delivery and other configurations are done over the air on the public internet. Modern management greatly expands the use cases as well as the potential universe of devices that could be managed by an MDM platform.

The Risks and Rewards of Connected Workspaces and Workplace IoT

There’s a strong business case for having a connected workspace and working environment. This notion encapsulates futuristic scenarios — such as connected conference rooms with audio, video and collaboration tools — where meetings start instantaneously when attendees enter the room. When technologies such as location tracking and awareness tie into systems like smart building and facilities solutions, advanced use cases around power management, smart facility management and physical security analytics come into focus.

There are risks and challenges involved in connecting all these new endpoint device types into a connected workspace. Industry standards surrounding IoT device security are in their infancy, and this space is rapidly evolving across a broad swath of industries looking to connect products to IP networks. There are already stories in the media about mundane connected endpoints used as launching points for sophisticated cyberattacks on enterprise IT infrastructure. Businesses will have to weigh the potential benefit of a highly connected workspace against the risk of breaches and intrusions that such an infrastructure might make possible.

MDM’s Role in Connected Workspace Device Management

The role of MDM in a connected workspace environment is similar to the traditional role of MDM in fleets of smartphones and tablets. Software updating, policy enforcement and endpoint configuration are primary functions of MDM in workspace IoT environments. Ruggedized, consumer and industrial IoT endpoints require software updates, patches and monitoring for compliance and security posture.

An MDM platform deployed for a connected IoT workspace can also be a critical tool in mitigating threats to connected devices on the network. If a hacked or compromised device is detected by a security platform, MDM platforms will play a critical role in the enforcement chain, from disconnecting devices from the network (quarantine) to providing OS-level wiping in other scenarios.

What to Look For in a Modern Mobile Device Management (MDM) Platform

An MDM deployed in the modern connected office should have a strong set of attributes and capabilities for securing and managing new types of connected devices. Not all traditional MDM platforms will apply to this new type of use case.

Look for MDM platforms that have strong device management capabilities across a broad set of endpoint operating systems. This means going beyond traditional MDM-managed OSs, such as iOS and Android. In these scenarios, MDMs must support platforms such as Windows, Linux, real-time operating systems, and emerging/embedded IoT operating systems such as Android Things. MDM tools for advanced workspace management scenarios should also have a strong ecosystem of software partners around security and management technologies. Key integrations here include security and vulnerability management systems, security information and event management (SIEM) platforms, and advanced mobile threat defense (MTD) integration.

As new deployments of screens, IoT devices and other connected endpoints proliferate across enterprises, IDC sees MDM technology as a strategic platform for businesses to secure, manage and control these new mobile-oriented use cases.
