Jamf Blog
Six things you need from a mobile device management tool.
January 5, 2016 by Jen Kaplan

Six things you need from an MDM tool

Read how to seamlessly pair native Apple tools with mobile device management to make it safe and easy for personal and work data to co-exist on one device.

Today's world is mobile and the line between personal and business lives becomes blurrier each day. When looking at mobile device management (MDM), organizations need a solution that seamlessly pairs with the native Apple tools to make it safe and easy for our personal and work functions to co-exist on one device. Here are six critical elements to consider when managing your iOS devices. 

1. Security with Native Encryption
With the rise in high-profile hacks, we don't need to remind you of the importance of security and the necessity to encrypt data on mobile devices. And, because iOS on both iPad and iPhone comes with built in passcode functionally, these devices are already encrypted. It's an Apple standard. The same can’t be said for Android. 

When choosing an MDM solution, enforcing a passcode policy on devices is all your organization needs to do in order to take advantage of iOS's native encryption. An MDM tool needs to force additional passcode standards, including passcode length and how often they should be changed. Apple's security functionality is strong enough as long as you can enforce it among your users. 

Read our MDM e-book

2. App Management 
With iOS comes a world of apps. While apps give users the tools they need to be productive and efficient, IT administrators are left dealing with assigning and deploying apps, worrying about app data, and the distractions caused by non-sanctioned apps. 

Have no fear! With native iOS and an MDM solution with app management capabilities, organizations can easily deploy, inventory, monitor, and keep app data safe. If apps are managed, you can restrict backups to protect valuable data. If a device is lost or stolen—or an MDM profile is removed—you can remove managed apps automatically. This keeps app data safe and gives IT admins the ability to only offer the apps that end users truly need to do their work.

3. Data Security with Managed Open-In  
When it comes to Bring Your Own Device programs, organizations are tasked with making a clear distinction between personal data and organization data. For example, you wouldn't want an employee to store proprietary company plans to a personal Dropbox account.

Apple's native iOS tools solve this issue by allowing MDM solutions with managed open-in settings to only allow app data to be shared in certain places. Meaning, corporate email can only be shared to the Box app and not texted. Or, data can only be shared between managed applications pre-approved by the organization. It's the easiest way to control the flow of data on mobile devices. 

4. App Configurations 
Many of the apps deployed at schools and businesses require users to fill out profiles or lengthy credentials. However, organizations can help pre-populate some of the set up and data needed on apps to save time and provide users with access to the tools they need faster than ever.

With native iOS apps and an MDM solution with configuration profiles, organizations can pre-populate apps with data, making it easier for the end user to log in, access, or create content—without delay or hesitation. 

5. App Restrictions
While Apple devices provide a wealth of beneficial features, sometimes schools and organizations need to limit access to iOS tools such as the camera, FaceTime, iMessages, or iCloud. Luckily, Apple allows organizations to apply a number of restrictions to iOS devices. However, it's a common misconception that some apps can be removed, such as Settings, Maps, Notes, and other pre-installed apps. 

Understanding Apple's MDM parameters will allow you to better define your deployment restrictions. Your MDM vendor should know the ins and outs of Apple's parameters, giving you a realistic view of what's possible.

6. Per App VPN
VPN (Virtual Private Network) is commonplace for many commercial organizations, but VPN connections can be cumbersome—not to mention their strain on bandwidth. Not every user needs VPN access for every application. Instead of having to turn on VPN globally for all users and all apps, organizations with an MDM solution and native iOS can enable VPN on a per app basis. Only VPN when you really need it. 

Bonus section: What you DON'T need from an MDM solution  

Containers or apps that replace native functionality 
An MDM solution should manage the native iOS email client and other functionality leveraging configuration profiles. Adding additional mail clients or other containers often leads to a bad user experience. If your users choose Apple, let them use the Apple devices as they’re intended to be used. 

At JAMF Software, we keep the iOS experience native, allowing our customers to benefit from Apple’s innovative technology. We built the mobile device management solutions within the Casper Suite based on Apple's MDM framework, meaning that all organizations need to enroll, deploy, secure, and manage devices is Apple hardware and the Casper Suite.

Want to learn more and see how iOS, apps, and MDM are transforming business processes?

Read our MDM e-book

Jen Kaplan
Subscribe to the Jamf Blog

Have market trends, Apple updates and Jamf news delivered directly to your inbox.

To learn more about how we collect, use, disclose, transfer, and store your information, please visit our Privacy Policy.