Mobile device management (MDM) describes how companies manage the administration and security of mobile devices (cellphones, tablets, laptops, etc.) issued to employees. All businesses—especially smaller ones, due to the higher level of vulnerability—should establish a solid system that ensures reasonable control over all company hardware, software, and data. This should start from when the devices are ordered and issued to when the employee leaves the company.
MDM solutions typically consist of a server that manages mobile devices and a client application that users install on their devices. We recommend using MDM software like Rippling, which can manage your mobile devices through the entire lifecycle of each employee and also serve as your HR software. It makes mobile device management easy by providing remote access to perform everything necessary—enrollment, configuration, app management, device backup, activity insights, and more—right from your dashboard.
How Mobile Device Management Works
A strategic mobile device management system can help you keep track of which devices are active and which ones have been deleted or lost. A more advanced system—often handled by an IT expert and supported by software—can also help you limit employee access to specific devices and apps that are not required for their jobs, while also providing protection from malicious software.
In general, mobile device management has two approaches: manually or via software. The breadth of this process depends on how well it’s implemented and can be as basic as setting up policies or as complex as generating user activity insights reports to improve device efficiency and usage.
Manual Mobile Device Management for Small Businesses
For small businesses with a limited employee base or a tight budget, mobile device management can come in the form of manual management, which includes following a policy and device tracking. Your small business may not require advanced app management.
MDM Policy Creation & Implementation
A mobile device management policy can help protect your company’s data. The policy should include information on which devices will be supported, how data will be secured, and which apps or functions will be allowed.
A tracking system ensures that all devices issued are being tracked by their serial, IMEI numbers, etc. This is usually a manual spreadsheet with data showing check out/in of all devices, along with the employee’s name and the dates/times of borrowing.
Using your in-house IT department to manage your MDM may include a quick installation of basic software (Microsoft products, communication software like Slack and Zoom, etc.) after HR sends a new employee setup request during onboarding.
Keep in mind that while your HR department will be the main point of contact for getting mobile devices set up for new hires (or the office manager/business owner, depending on the size of the company), the technical aspects of more advanced MDM are best left to an IT expert. There is a lot of behind-the-scenes work to be done before issuing a device, like device configuration, device policy setup, app and security software installations, etc.
Mobile Device Management Using Software
Working with a software provider that has MDM products is a great option for companies that are just starting to implement a mobile device management system. The provider can set up the software system for you, and you or a designated employee can act as the administrator.
When your needs become more advanced, requiring more than basic software installation of Microsoft products, Slack, and security systems, then you can always hire an IT contractor to help work out any kinks. And if growth supports it, your company may graduate to hiring an IT manager (and potentially a department).
Mobile Device Enrolling & Activation
Administrators can enroll and activate mobile devices through the MDM software and ensure that each one is properly configured and registered. All units can also be set up to receive recurring updates and security patches—helping organizations comply with government regulations related to mobile device use.
Device configuration refers to the process of setting up the hardware for its intended use. Depending on how advanced your needs are, you may need an IT expert to help in addition to an MDM software. For example, if your employees need access to an intranet or VPN (virtual private network) on their mobile devices, then you will need an IT professional to set it up, as this requires a custom installation. Most user-friendly MDM software providers, however, will be able to tailor the configuration so you can perform basic tasks, like:
- Initiate the setup of user accounts: When new employees join the company, they need access to the devices required to do their jobs and within a timely manner (ideally by Day 1). If working with a software provider that makes this easy for a non-IT expert, you should be able to enter the employee’s basic information, select general software they need access to (as long as it is pretty common), and initiate an automated setup.
- Set passwords and personalize security options: Every new employee must be set up with unique passwords to use the company software needed. IT staff or the MDM provider can also put in additional security measures to ensure that your company’s information remains secure.
- Assign unique identification numbers: If your business requires unique identification numbers for employees, this can typically be set up directly through your MDM solution.
- Activate the device: Once you have chosen the appropriate devices for your new employee and set up all security and identification measures, your MDM can activate the device automatically for the employee.
Policy Integration With Company Mobile Devices
Mobile device management policies are designed to protect data and enforce compliance with company security and privacy guidelines. These can provide centralized control over mobile devices.
With MDM software, you can set automated prompts that coincide with your policies such as when to wipe data remotely, block access to applications and websites, and send notifications for improper usage of a device. This can help improve security and compliance on the front-end while reducing the amount of time needed to manage mobile devices.
MDM tools provide a way to centrally control the usage and security of devices, ensuring that they are used for work purposes in accordance with company policy. It can also help prevent data theft and other forms of malicious activity.
Some common security tools needed may include:
- Antivirus software
- Firewall applications
- Email Security
- Certificate-based authentication
- Device permissions and restrictions
Remote Wipe & Lock
Remote wipe and lock is an important security feature that allows administrators to remotely erase data from devices and/or lock them so they cannot be used or accessed by unauthorized users. This helps to protect data and ensure that it is not compromised.
For example, if an employee’s device is lost or stolen, someone from your IT department can quickly and remotely wipe all data or lock the device so that no one can access what’s stored in it. The same is true for terminated employees; computers and cellphones can be wiped and locked at the exact moment of termination, making it impossible for the terminated employee to access company property prior to the return of the device. In fact, whether you are using an MDM system or not, removing systems access is an essential part of the employee termination process—merging it with your MDM process just makes things a bit more streamlined.
Apps Management on Company-issued Mobile Devices
The application management process involves the installation, configuration, and management of applications on Android and iOS devices. On some devices, this may be as simple as downloading apps from an app store.
MDM solutions take it a step further and provide a secure environment for managing app permissions. These can also automate the installation of new applications and ensure that all installed apps are up to date. On top of that, such software can also monitor the use of apps and manage app privileges more tightly than traditional user management methods.
A good backup system will protect your data from accidental loss and allow you to restore a device to its previous state if something goes wrong (i.e., the hard drive goes out). There are different ways to back up your device, and the best one for you will depend on your specific needs. You can use a cloud-based service (though you will likely have to pay a monthly fee), a local storage system, or a combination of both.
User Activity Insights & Reporting
When using an MDM solution, you can pull up reports on user activity data, such as the applications and websites that are accessed, to provide insights into how employees are using their devices. You can apply these insights to better decide which applications and services to install on devices.
Corporate Data Management
Corporate data can be synced from internal servers and managed through an MDM solution, keeping corporate data secure and ensuring that devices are compliant with company policies. This is all in place to keep both corporate information and private data safe throughout the devices of your employees. This includes any human resources information (e.g., employee data) that might be private information to just your corporation.
According to a recent survey, most organizations are using mobile device management to whitelist and blacklist apps and websites (65%), automate app updates (55%), and wipe lost or stolen devices remotely (49%).
Use of Personal Devices
BYOD (bring your own device) policies are becoming increasingly popular in the business world, as employees are using their own mobile devices to access company data. This allows employees to use their personal devices for work purposes, which can save the company money on devices and software.
However, there are some security risks associated with this policy, and companies need to take steps to ensure that data is protected.
- Require employees to use a VPN when accessing company data from their personal devices.
- Require employees to install company-issued security measures—antimalware and antivirus software, firewalls, etc.
- Require secure logins and passwords to access company data.
Why Small Businesses Need MDM
A robust MDM system can help improve productivity and security, regardless of the size of the business. However, smaller businesses, in particular, benefit from it the most, as they may not have the resources or staff to manage devices themselves. An MDM solution can be even more beneficial, as small businesses will be able to access remote diagnostics and repairs, secure data storage, and more.
MDM is typically necessary for businesses that fall into any of the below categories:
- Service Industries (e.g., restaurants, retail, hospitality, maid services, hair salons)
- Tech Companies (e.g., wireless companies, IT, computer management)
- Nonprofit organizations
The Role of HR in Mobile Device Management
Businesses are increasingly reliant on mobile devices to perform their work tasks. However, managing these devices and protecting company data can be a challenge. To do so, organizations must have a solid HR strategy in place. This includes:
- Implementing policies and procedures
- Tracking usage
- Managing employee access
As mentioned before, while the more advanced technical aspects of MDM are generally completed by an IT department, HR is typically the main point of contact and project manager for getting mobile devices set up for new hires. Prior to onboarding your new employees, HR should ensure that their devices—laptops, smartphones, desktops—are fully set up and ready for use.
Use our free New Hire Checklist to ensure you have completed all steps required to hire and onboard a new employee, including mobile device management.
Mobile Device Management Software Solutions
There are many different types of MDM systems available, so it’s important to do your research and find the one that best meets your needs. Some systems are cloud-based, while others are installed on-premises.
With Rippling, you can manage your employees’ mobile devices directly from your Rippling dashboard. When you onboard a new employee through the dashboard, you can buy/reassign, set up, and ship their devices—all ready to go with necessary apps downloaded, security set up, and VPN/Wi-Fi installed. As long as all apps and security systems are added to your Rippling dashboard, there is no need for complicated IT administration.
Pricing starts at $8 per user, per month, plus a monthly platform fee, for the core workforce management platform. Then you can customize by adding the products you need, such as time and attendance, benefits administration, and device management.
Scroll through the tabs to learn more about mobile device management through Rippling.
Rippling will allow you to order Mac or PC devices (computers, smartphones, tablets, monitors, etc.) and set them up directly from your dashboard. Alternatively, you can select inventory already on hand for reassignment to a new hire.
Once you have selected the devices, you have the option to immediately install the necessary apps. Rippling will automatically create user accounts for the new employee in each app, as well as create permissions based on their user roles.
The final step is getting the device to your new employee. If you purchase a new device, you can ship and track the item directly from your Rippling dashboard. Each device will be delivered fully set up and ready to use.
When an employee leaves your company (via termination or resignation), Rippling will handle your device offboarding. From your dashboard, you can schedule a day and time to disable the device, wipe or lock the data on the device, and schedule collection for return.
Devices can be stored at your office or offsite at a Rippling warehouse, where they are held until you are ready to reassign them to a new employee. Through your dashboard, you can easily monitor your inventory—and from there, you can pick a stocked device, configure it, and ship it directly to your new hire to be used again.
Other MDM Software Solutions
While we suggest Rippling as our top candidate for mobile device management, there are other solutions out there that can match any budget.
- FileWave: Offers end-to-end mobile device management solutions. It’s custom-priced, with a free trial available.
- Kaspersky: Provides multilayered security for cellphones and tablets. The software is downloadable to your current network and ranges from $202 to $770. A 30-day free trial is available.
- MobileIron: Cloud-based MDM solution that enables secure access to data and apps on any device. It’s custom-priced with a 30-day free trial available.
Mobile Device Management Privacy Laws
Many states have specific privacy laws that apply to MDM solutions. It is important to understand these laws before purchasing or deploying an MDM solution to ensure that all users’ personal information is protected.
Any company that uses mobile device management solutions needs to be diligent in remaining compliant with privacy laws. Some specific compliance regulations include:
- Payment Card Industry Data Security Standard (PCI DSS) – This act protects private data when processing credit card payments through a mobile device.
- Health Insurance Portability and Accountability Act (HIPAA) – This act ensures that any protected health information that might be located on a mobile device is protected.
- Employee Online Privacy Act – This act protects the personal internet accounts of employees from unwarranted access by their employer.
One way to ensure data compliance is to run scheduled software audits.
GPS Tracking Laws
Many MDM systems track employees’ mobile devices using GPS tracking. While this is acceptable during working hours, employers should be mindful of their employees’ privacy outside of the workplace.
In general, it is legal for an employee to track company-owned devices such as smartphones and laptops. However, each state may have its own laws when it comes to GPS tracking. For instance, in California it is legal to monitor business calls and computer usage; however, the law doesn’t mention GPS tracking—leaving the interpretation of the law up to the employer.
Mobile device management for small businesses is a valuable tool that can help to improve productivity and security. In managing mobile devices, businesses can protect their data, manage devices remotely, and keep employees productive.
If you are looking for a way to improve your business’ security and productivity, consider using Rippling’s mobile device management solutions. Rippling allows you to remotely manage your devices right from their dashboard.