MDM Primer: How to Compare & Select an MDM

Written by Leia Schultz on August 23, 2020


IT teams use mobile device management (MDM) to remotely secure and manage enrolled devices. Once devices are enrolled, administrators deliver MDM payloads to them over the network to configure settings and perform other tasks without any end user interaction.

As with your IT infrastructure, there is a variety of possibilities for what an MDM service can do. When you’re looking for an MDM to implement, or want to find a new MDM to adopt, there are a few primary factors to consider:

  • What challenges can an MDM help solve?
  • What devices and OSs do you need to manage? 
  • Do you want to add on an MDM point tool or find a more comprehensive device management solution? 

MDM doesn’t look the same in every environment. Read this primer on MDM to understand how to approach comparing and selecting an MDM. 

What Challenges Does MDM Help Solve? 

MDM is a service that makes it possible to manage end user devices with minimal interruption to their workflow. When you need to make sure employee devices meet your company’s device configuration and security specifications, at onboarding and over the course of their employment, your MDM feature can deliver an efficient experience for you and end users. 

Distributed workforces are the new norm: Employees may be based in a headquarters office or they could be working from home, wherever that may be. When you oversee employee onboarding or provide someone with a new device, you can use MDM for zero-touch enrollment. This lets you send a user a device that will configure itself during activation with the user identity, security policies, and applications installed, so no end user setup is needed before they can log on and start being productive.

Your company’s security perimeter doesn’t look the same as it used to. MDM software offers a way to enforce security in distributed and remote workplaces that may still have on-premises domains, operate entirely in the cloud, or be a hybrid of both. When a device is enrolled in MDM, you enforce your organization’s security posture by applying conditional access policies, and you can use commands like shut down, wipe, and lock to protect a device from being accessed when it’s misplaced or stolen.

What Devices Do You Need to Manage? 

MDM-enrolled devices can include laptops, smartphones, and tablets. Some MDMs are designed specifically to support Android® or iOS® devices. Microsoft® and Apple® both allow MDM providers to exist and enable device management in their ecosystems, and Apple’s MDM protocol extends device management to enrolled iPhones®, iPads®, and even Apple TV®.

Your end users at work are likely on Mac®, Windows®, or Linux® devices. Your MDM needs to work for your users and your IT environment, whether that’s a heterogeneous OS mix or a Mac-only shop.

This is a factor that immediately differentiates MDM vendors. Jamf is an excellent MDM option if you only need to manage Apple® devices. Look to Microsoft Intune® if you have enough budget and are managing Windows-centric IT environments. The decision becomes more nuanced when you’re trying to find a purse-friendly solution that’ll cover more than one OS, or offer more functionality for the best bang for your buck.  

Now you must weigh: Do you want to add an MDM point tool or a more comprehensive device management solution? 

Standalone MDM or IT Platform to Unify Endpoints?

The MDM services you evaluate won’t offer the same benefits for environments with Macs, Windows, and Linux. Depending on the full picture of solutions you’re looking for, you might consider a more holistic offering that includes MDM as part of an IAM or UEM platform.

MDM point tools are additive to your tech stack and can help address a specific need, like Mac security, while a unified IT platform lets you streamline operations. Directory services, IAM (identity and access management), and UEM (unified endpoint management) platforms consolidate capabilities that IT pros need to do their jobs. 

When MDM is part of an IT platform, IT teams are able to simplify daily operations with a single software console that extends beyond just MDM. For instance, Apple MDM is one part of JumpCloud’s device deployment and management capabilities — on top of that, the identity, device, and access management platform also lets admins manage Windows and Linux along with virtually every IT resource and endpoint. 

Whichever route you choose, consider your budget and the top business priorities you want to achieve with the solution you implement.

Try JumpCloud MDM Free


There’s no shortage of reading material when you’re evaluating MDMs. If you prefer to get hands-on with a solution before buying, JumpCloud’s platform can be tested end-to-end when you set up a JumpCloud Free account. There’s no time limit to your free use, and you can manage up to 10 users and 10 devices, plus free in-app chat support with real technology experts for your first 10 days as a JumpCloud admin. 

JumpCloud currently supports more than 200,000 devices for global customers, including macOS machines that admins secure and configure from their JumpCloud Admin Portal. Learn more about JumpCloud MDM and how we’re working with organizations to prepare for Big Sur’s release at JumpCloud Office Hours on Aug. 28 (and join future Office Hours editions on rotating topics about using JumpCloud at your organization).  
