{"id":30299,"date":"2026-07-01T16:23:48","date_gmt":"2026-07-01T15:23:48","guid":{"rendered":"https:\/\/www.riskinsight-wavestone.com\/?p=30299"},"modified":"2026-07-01T16:24:27","modified_gmt":"2026-07-01T15:24:27","slug":"securing-mobile-devices-introduction-to-mdm-mobile-device-management","status":"publish","type":"post","link":"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/07\/securing-mobile-devices-introduction-to-mdm-mobile-device-management\/","title":{"rendered":"Securing mobile devices : Introduction to MDM (Mobile Device Management)\u00a0"},"content":{"rendered":"\n<p style=\"text-align: justify;\"><span data-contrast=\"auto\">The increased professional use of mobile devices, mobile\u00a0phones\u00a0and tablets, as well as the forced adoption of remote work during the Covid crisis, have led to a multiplication of mobile work situations in companies. Two cases can be distinguished: remote work situations (at home, in a coworking space, etc.) and nomadic work situations (while travelling, in an airport, train, hotel, etc.).<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p style=\"text-align: justify;\"><span data-contrast=\"auto\">These new mobile uses, increasingly based on smartphones and tablets, introduce\u00a0<\/span><b><span data-contrast=\"auto\">new risks<\/span><\/b><span data-contrast=\"auto\">\u00a0that must be controlled. Indeed, the company\u2019s\u00a0<\/span><b><span data-contrast=\"auto\">attack surface<\/span><\/b><span data-contrast=\"auto\"> increases considerably because of the very nature of these devices. The main risks associated with the use of mobile devices include :<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<ul style=\"text-align: justify;\">\n<li><span data-contrast=\"auto\">Theft or loss of the device, and therefore in particular of locally stored data, which may lead to remote access to company data<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<li><span data-contrast=\"auto\">The use of unmanaged mobile devices. This lack of control may enable risky behaviours such as the use of uncontrolled networks (e.g., public Wi-Fi), the installation of unmanaged third-party applications, delays in\u00a0O\/S\u00a0security updates, or even mobile device jailbreaking<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<li><span data-contrast=\"auto\">Risky wired or wireless data exchange with other devices (e.g., USB synchronisation with a computer,\u00a0AirDrop, etc.)<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<\/ul>\n<p>\u00a0<\/p>\n<p style=\"text-align: justify;\"><span data-contrast=\"auto\">The observations below confirm the reality of these threats. Indeed :<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<ul style=\"text-align: justify;\">\n<li><span data-contrast=\"auto\">53% of mobile devices have access to more sensitive data than a year ago\u00a0<\/span><i><span data-contrast=\"auto\">(source: Akamai)<\/span><\/i><span data-contrast=\"auto\">,<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<li><span data-contrast=\"auto\">45% of organisations have recently faced a mobile-related compromise\u00a0<\/span><i><span data-contrast=\"auto\">(source: CTM)<\/span><\/i><span data-contrast=\"auto\">,<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<li><span data-contrast=\"auto\">85% of\u00a0mobile\u00a0phishing attacks occur outside email\u00a0apps, through other vectors linked to mobile uses\u00a0<\/span><i><span data-contrast=\"auto\">(source: Verizon)<\/span><\/i><span data-contrast=\"auto\">.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<\/ul>\n<p style=\"text-align: justify;\">\u00a0<\/p>\n<p style=\"text-align: justify;\"><i><span data-contrast=\"auto\">Securing mobile devices cannot be effective without a clear corporate strategy defining authorised uses, control\u00a0levels\u00a0and associated responsibilities.<\/span><\/i><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:2,&quot;335551620&quot;:2,&quot;335559685&quot;:864,&quot;335559737&quot;:864,&quot;335559738&quot;:200,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p>\u00a0<\/p>\n<p style=\"text-align: justify;\"><span data-contrast=\"auto\">Mobile security has been postponed\u00a0for\u00a0a few years, with efforts focused on workstations, even though it can directly threaten the security of the information\u00a0system. Thus, while GPOs (<\/span><i><span data-contrast=\"auto\">Group Policy Objects<\/span><\/i><span data-contrast=\"auto\">) were commonly used to manage computer fleets, mobile devices did not simply inherit this approach.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p style=\"text-align: justify;\"><span data-contrast=\"auto\">To meet this need, historical providers of computer security solutions (Microsoft, Ivanti, IBM, etc.), as well as new players (ManageEngine), offer SaaS or\u00a0on-premises\u00a0software to address the need to manage and secure mobile devices: MDM solutions (<\/span><i><span data-contrast=\"auto\">Mobile Device Management<\/span><\/i><span data-contrast=\"auto\">).<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p style=\"text-align: justify;\"><span data-contrast=\"auto\">Beyond actively contributing to securing a company\u2019s mobile fleet, MDM improves the user experience by ensuring that users have an up-to-date device that continuously\u00a0complies with\u00a0company requirements.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p style=\"text-align: justify;\"><span data-contrast=\"auto\">In this article, we explain how to secure\u00a0<\/span><span data-contrast=\"auto\">corporate mobile devices<\/span><span data-contrast=\"auto\">\u00a0using an MDM solution, which is a\u00a0<\/span><i><span data-contrast=\"auto\">must-have<\/span><\/i><span data-contrast=\"auto\">\u00a0in the race to secure information systems, and share recommendations on\u00a0their\u00a0configuration.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p style=\"text-align: justify;\">\u00a0<\/p>\n<h1 style=\"text-align: justify;\" aria-level=\"1\"><span data-contrast=\"none\">Mobile usage policies : a corporate strategy to define<\/span><span data-ccp-props=\"{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559738&quot;:240,&quot;335559739&quot;:0,&quot;335559740&quot;:278}\">\u00a0<\/span><\/h1>\n<p style=\"text-align: justify;\">\u00a0<\/p>\n<p style=\"text-align: justify;\"><span data-contrast=\"auto\">In companies, mobile device usage policies have evolved significantly.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p style=\"text-align: justify;\"><span data-contrast=\"auto\">Today, we distinguish three of the most common usage models in organisations (detailed at the end of this section in Figure 1):<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<ul style=\"text-align: justify;\">\n<li><span data-contrast=\"auto\">COBO \u2013\u00a0<\/span><i><span data-contrast=\"auto\">Corporate-owned, business only<\/span><\/i><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<li><span data-contrast=\"auto\">COPE \u2013\u00a0<\/span><i><span data-contrast=\"auto\">Corporate-owned, personal enabled<\/span><\/i><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<li><span data-contrast=\"auto\">BYOD \u2013\u00a0<\/span><i><span data-contrast=\"auto\">Bring your own device<\/span><\/i><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<\/ul>\n<p style=\"text-align: justify;\">\u00a0<\/p>\n<p style=\"text-align: justify;\"><span data-contrast=\"auto\">First, it is necessary to define the company\u2019s strategy for these mobile uses: are mobile accesses authorised and legitimate from a business perspective? If so, many\u00a0additional\u00a0questions must be addressed when defining the corporate strategy:<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<ul style=\"text-align: justify;\">\n<li><span data-contrast=\"auto\">Which users are authorised (VIPs only, all internal users, external users as well, etc.)?<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<li><span data-contrast=\"auto\">Which types of mobile devices are authorised (company-owned, personal, or both)?<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<li><span data-contrast=\"auto\">Which applications or data may be accessed (email only, the full\u00a0collaborative\u00a0suite, etc.)?<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<\/ul>\n<p style=\"text-align: justify;\">\u00a0<\/p>\n<p style=\"text-align: justify;\"><span data-contrast=\"auto\">This strategy is central to provide\u00a0direction and guide\u00a0the\u00a0subsequent\u00a0security efforts. It will make it possible to better target the risks applicable to the company, better control its information system and define rules that are consistent with authorised or unauthorised uses, while providing users with clarity on accepted and prohibited practices.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p style=\"text-align: justify;\"><span data-contrast=\"auto\">\u00a0<\/span><span data-ccp-props=\"{&quot;134245418&quot;:true,&quot;201341983&quot;:0,&quot;335551550&quot;:2,&quot;335551620&quot;:2,&quot;335559740&quot;:278}\"> <img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-30305\" src=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2026\/07\/Image4.png\" alt=\"\" width=\"801\" height=\"499\" srcset=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2026\/07\/Image4.png 801w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2026\/07\/Image4-307x191.png 307w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2026\/07\/Image4-63x39.png 63w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2026\/07\/Image4-768x478.png 768w\" sizes=\"auto, (max-width: 801px) 100vw, 801px\" \/><\/span><\/p>\n<p style=\"text-align: center;\"><strong><i>Figure 1 : Mobile device management profiles<\/i>\u00a0<\/strong><\/p>\n<p style=\"text-align: justify;\">\u00a0<\/p>\n<h1 style=\"text-align: justify;\" aria-level=\"1\"><span data-contrast=\"none\">Securing mobile devices through 4 tools : MDM, MAM, EMM and MTD<\/span><span data-ccp-props=\"{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559738&quot;:240,&quot;335559739&quot;:0,&quot;335559740&quot;:278}\">\u00a0<\/span><\/h1>\n<p style=\"text-align: justify;\">\u00a0<\/p>\n<p style=\"text-align: justify;\"><span data-contrast=\"auto\">Before going into detail on MDM-like\u00a0tools, it\u00a0is worth\u00a0to remind\u00a0that several complementary solutions exist for securing mobile devices. These tools\u00a0operate\u00a0at several\u00a0stages:<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<ul style=\"text-align: justify;\">\n<li><strong>MDM (<i>Mobile Device Management<\/i><\/strong><span data-contrast=\"auto\"><strong>) :<\/strong> fleet management and corporate device security tool (mainly at OS level)<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<li><strong>MAM (<i>Mobile Application Management<\/i><\/strong><span data-contrast=\"auto\"><strong>) :<\/strong> application management and security tool (mainly at application level)<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<li><strong>EMM (<i>Enterprise Mobility Management<\/i><\/strong><span data-contrast=\"auto\"><strong>) :<\/strong> a tool centralising MDM and MAM functionalities<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<li><span data-contrast=\"auto\"><strong>MTD (Mobile Threat Detection) :<\/strong> a tool for detecting attacks on mobile devices, similar to Endpoint Detection &amp; Response (EDR) for laptops (OS and application layers)<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<\/ul>\n<p style=\"text-align: justify;\">\u00a0<\/p>\n<p style=\"text-align: justify;\"><span data-contrast=\"auto\">The figure below illustrates this ecosystem within a mobile device:<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p style=\"text-align: justify;\"><span data-ccp-props=\"{&quot;134245418&quot;:true,&quot;201341983&quot;:0,&quot;335551550&quot;:2,&quot;335551620&quot;:2,&quot;335559740&quot;:278}\"> <img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-30307\" src=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2026\/07\/Image3.png\" alt=\"\" width=\"903\" height=\"570\" srcset=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2026\/07\/Image3.png 903w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2026\/07\/Image3-303x191.png 303w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2026\/07\/Image3-62x39.png 62w, https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2026\/07\/Image3-768x485.png 768w\" sizes=\"auto, (max-width: 903px) 100vw, 903px\" \/><\/span><\/p>\n<p style=\"text-align: center;\"><strong><i>Figure 2 : The enterprise mobility security ecosystem<\/i><\/strong><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:2,&quot;335551620&quot;:2,&quot;335559739&quot;:200,&quot;335559740&quot;:240}\">\u00a0<\/span><\/p>\n<p style=\"text-align: justify;\">\u00a0<\/p>\n<p style=\"text-align: justify;\"><span data-contrast=\"auto\">An MDM, MAM or MTD does not address the same needs and secures the mobile fleet at\u00a0different levels. The\u00a0next\u00a0sections\u00a0of this article focus only on MDM.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p style=\"text-align: justify;\"><span data-contrast=\"auto\">MDM solutions address the need to secure devices\u00a0<\/span><b><span data-contrast=\"auto\">owned by the company<\/span><\/b><span data-contrast=\"auto\">, and therefore the\u00a0<\/span><b><span data-contrast=\"auto\">COBO<\/span><\/b><span data-contrast=\"auto\">\u00a0and\u00a0<\/span><b><span data-contrast=\"auto\">COPE<\/span><\/b><span data-contrast=\"auto\">\u00a0policies described above.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p style=\"text-align: justify;\"><span data-contrast=\"auto\">A\u00a0key consideration\u00a0on BYOD: it is important to keep in mind that devices not owned by the company cannot be fully configured by\u00a0the company.\u00a0To secure the BYOD use case, i.e. access to company data and applications from an unmanaged device, MAM solutions can address the need by securing applications and creating a professional container.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p style=\"text-align: justify;\"><span data-contrast=\"auto\">In the rest of this article, the BYOD case is considered out of scope. Since the device belongs to the user or to a partner company, the company does not truly control the configuration and security of these devices, as it can hardly require the user to install certain configurations or applications, or to share certain device data. However, it is possible to harden access to the information system to make BYOD usage impossible, but this requires an in-depth impact analysis, considering all use cases (multi-factor authentication on mobile, management of partners and external providers, conflicts between fleet management tools, access to training, etc.).<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p style=\"text-align: justify;\">\u00a0<\/p>\n<h1 style=\"text-align: justify;\" aria-level=\"1\"><i><span data-contrast=\"none\">Mobile Device Management<\/span><\/i><span data-contrast=\"none\">\u00a0at the heart of securing corporate mobile devices<\/span><span data-ccp-props=\"{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559738&quot;:240,&quot;335559739&quot;:0,&quot;335559740&quot;:278}\">\u00a0<\/span><\/h1>\n<p style=\"text-align: justify;\">\u00a0<\/p>\n<p style=\"text-align: justify;\"><i><span data-contrast=\"auto\">Mobile Device Management<\/span><\/i><span data-contrast=\"auto\">\u00a0tools make it possible to effectively administrate\u00a0and secure a complete fleet of mobile devices through three core functions, which are detailed below:<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<ul style=\"text-align: justify;\">\n<li><b><span data-contrast=\"auto\">Fleet management :<\/span><\/b><span data-contrast=\"auto\">\u00a0know and configure the devices accessing the information\u00a0system, and\u00a0deploy company or third-party applications.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<li><b><span data-contrast=\"auto\">Compliance control :<\/span><\/b><span data-contrast=\"auto\">\u00a0ensure that devices\u00a0comply with\u00a0the company\u2019s security policies and standards.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<li><b><span data-contrast=\"auto\">Security and hardening :<\/span><\/b><span data-contrast=\"auto\">\u00a0implement security measures on devices to strengthen protection against threats.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<\/ul>\n<p style=\"text-align: justify;\"><strong><i>Note:<\/i><\/strong><i><span data-contrast=\"auto\"> The following paragraphs aim to present features offered by most MDM solutions; the availability of the desired features\u00a0should be verified before subscribing to any MDM solution.<\/span><\/i><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p style=\"text-align: justify;\">\u00a0<\/p>\n<h2 style=\"text-align: justify;\" aria-level=\"2\"><span data-contrast=\"none\">Administering the corporate mobile device fleet: inventory,\u00a0administration\u00a0and provisioning<\/span><span data-ccp-props=\"{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559738&quot;:40,&quot;335559739&quot;:0,&quot;335559740&quot;:278}\">\u00a0<\/span><\/h2>\n<p style=\"text-align: justify;\">\u00a0<\/p>\n<p style=\"text-align: justify;\"><span data-contrast=\"auto\">In response to security and regulatory requirements for device management, MDM centralises many mobile device management features in a single interface:<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<ul style=\"text-align: justify;\">\n<li><b><span data-contrast=\"auto\">Deploy\/remove :<\/span><\/b><span data-contrast=\"auto\">\u00a0MDM facilitates the provisioning of new corporate devices for IT teams, potentially remotely with installation of company configurations and business applications, as well as the removal of these configurations and the deletion of company-related data when needed, for example at end of device life, in case of suspected compromise or theft (wipe-out function).<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<li><b><span data-contrast=\"auto\">Manage :<\/span><\/b><span data-contrast=\"auto\">\u00a0MDM inventories all corporate mobile devices and presents their key attributes, for example OS type, OS version, owner name, encryption status, IMEI, last connection date, etc., while ensuring compliance with the General Data Protection Regulation (GDPR).<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<li><b><span data-contrast=\"auto\">Monitor :<\/span><\/b><span data-contrast=\"auto\">\u00a0alerts can be configured in MDM solutions to\u00a0monitor\u00a0the health of the fleet and\u00a0identify\u00a0any deviation from the rules previously defined by the company.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<li><b><span data-contrast=\"auto\">Support :<\/span><\/b><span data-contrast=\"auto\">\u00a0MDM includes remote-control and device diagnostic features to\u00a0facilitate\u00a0interventions by IT teams.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<\/ul>\n<p style=\"text-align: justify;\">\u00a0<\/p>\n<p style=\"text-align: justify;\"><span data-contrast=\"auto\">By providing up-to-date data on the mobile fleet, MDM can help meet various\u00a0<\/span><b><span data-contrast=\"auto\">regulatory requirements<\/span><\/b><span data-contrast=\"auto\">, particularly\u00a0regarding\u00a0knowledge of and ability to manage the fleet, as well as reaction capability\u00a0in the event of\u00a0compromission. Several regulations, for example ISO 27002 (section 5.9 Inventory of\u00a0Information\u00a0&amp;\u00a0Other\u00a0Associated\u00a0Assets), require companies to\u00a0identify\u00a0and manage their devices.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p style=\"text-align: justify;\"><span data-contrast=\"auto\">This centralisation\u00a0provides\u00a0an overall view of the fleet, while also enabling classification for better administration.\u00a0In particular, device\u00a0tagging or grouping systems make it easy to manage subsets of devices that may have configuration variations or exceptions (depending on business needs, for example network teams, VIP users, etc.).<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p style=\"text-align: justify;\">\u00a0<\/p>\n<h2 style=\"text-align: justify;\" aria-level=\"2\"><span data-contrast=\"none\"><strong>Compliance policies :<\/strong> assessing the compliance of mobile devices accessing company data and applications<\/span><span data-ccp-props=\"{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559738&quot;:40,&quot;335559739&quot;:0,&quot;335559740&quot;:278}\">\u00a0<\/span><\/h2>\n<p style=\"text-align: justify;\">\u00a0<\/p>\n<p style=\"text-align: justify;\"><span data-contrast=\"auto\">More than just fleet management software, MDM solutions can assess the mobile fleet against corporate security policies, known as compliance policies.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p style=\"text-align: justify;\"><span data-contrast=\"auto\">Highlighting non-compliant devices can be essential\u00a0in order to\u00a0take targeted action: for example, removing their access to the information system through conditional access if the device is jailbroken or does not\u00a0run\u00a0the latest OS versions. Since this assessment can be performed at each device connection, fleet compliance can be considered continuously up to date.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p style=\"text-align: justify;\"><span data-contrast=\"auto\">This major MDM feature should be fully\u00a0leveraged. A non-compliant device\u00a0represents\u00a0a risk to the company and its information system (presence of unpatched vulnerabilities, etc.). To avoid harming team productivity, the user can be notified as soon as non-compliance is detected, and access rights to company data can be removed through conditional access if the non-compliance is not resolved, by adjusting the compliance status validity period.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p style=\"text-align: justify;\">\u00a0<\/p>\n<h2 style=\"text-align: justify;\"><a name=\"_Toc232070766\"><\/a>Configuration profiles : configuring devices deployed by the company<\/h2>\n<p style=\"text-align: justify;\">\u00a0<\/p>\n<p style=\"text-align: justify;\"><span data-contrast=\"auto\">When corporate mobile devices are provided to employees, a configuration should be applied to protect these devices and align them with a predefined baseline: this is made possible through configuration profiles.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p style=\"text-align: justify;\"><span data-contrast=\"auto\">To secure mobile devices, it is possible to\u00a0<\/span><i><span data-contrast=\"auto\">customise<\/span><\/i><span data-contrast=\"auto\">\u00a0the baseline\u00a0in order to\u00a0<\/span><i><span data-contrast=\"auto\">professionalise<\/span><\/i><span data-contrast=\"auto\">\u00a0the device, across various platforms (iOS, Android). Common baseline hardening measures include:<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<ul style=\"text-align: justify;\">\n<li><span data-contrast=\"auto\">Hardening of security configurations and feature restrictions;<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<li><span data-contrast=\"auto\">Deployment of company configuration;<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<li><span data-contrast=\"auto\">Restriction of third-party application installation outside the application store.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<\/ul>\n<p style=\"text-align: justify;\">\u00a0<\/p>\n<p style=\"text-align: justify;\"><span data-contrast=\"auto\">Devices\u00a0can then check\u00a0for the latest configuration profile updates and apply them (frequency to be defined &#8211;\u00a0recommendation: once\u00a0a\u00a0day). This setting helps ensure the device\u00a0remains\u00a0as close as possible to security best practices at all times.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p style=\"text-align: justify;\"><span data-contrast=\"auto\">We recommend the following\u00a0<\/span><b><span data-contrast=\"auto\">measures<\/span><\/b><span data-contrast=\"auto\">\u00a0when using an MDM solution:<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<ul style=\"text-align: justify;\">\n<li><b><span data-contrast=\"auto\">Push the security configuration during device enrolment<\/span><\/b><span data-contrast=\"auto\">, including at least:<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<li><b><span data-contrast=\"auto\">Hard drive\u00a0encryption<\/span><\/b><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<li><b><span data-contrast=\"auto\">Hardened authentication policy<\/span><\/b><span data-contrast=\"auto\">\u00a0(six-digit passcode or biometrics, with simple passcodes blocked)<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<li><span data-contrast=\"auto\">Deploy\u00a0<\/span><b><span data-contrast=\"auto\">OS and application patches<\/span><\/b><span data-contrast=\"auto\">\u00a0directly<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<li><b><span data-contrast=\"auto\">Detect and block non-compliant devices<\/span><\/b><span data-contrast=\"auto\">\u00a0(at minimum, jailbroken devices)<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<li><b><span data-contrast=\"auto\">Deploy an action plan<\/span><\/b><span data-contrast=\"auto\">\u00a0for non-compliant devices\u00a0(alerts, blocking, etc.)<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<\/ul>\n<p style=\"text-align: justify;\">\u00a0<\/p>\n<h1 style=\"text-align: justify;\" aria-level=\"1\"><span data-contrast=\"none\">In summary, MDM is a fundamental building block and a prerequisite for securing access to the information system<\/span><span data-ccp-props=\"{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559738&quot;:240,&quot;335559739&quot;:0,&quot;335559740&quot;:278}\">\u00a0<\/span><\/h1>\n<p style=\"text-align: justify;\">\u00a0<\/p>\n<p style=\"text-align: justify;\"><span data-contrast=\"auto\">MDM solutions offer\u00a0numerous\u00a0interfaces, particularly with other security tools.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p style=\"text-align: justify;\"><span data-contrast=\"auto\">In particular, to\u00a0fully\u00a0benefit\u00a0from MDM, it is common and recommended to\u00a0interface it with\u00a0the company\u2019s\u00a0<\/span><i><span data-contrast=\"auto\">Identity Provider<\/span><\/i><span data-contrast=\"auto\">\u00a0(<\/span><i><span data-contrast=\"auto\">IDP<\/span><\/i><span data-contrast=\"auto\">). Integrating MDM with the identity and access management solution for the information system enables conditional access based on device compliance or attributes (for example, removing remote access to company data for mobile devices that do not comply with the compliance policies defined in the MDM). This contributes\u00a0to\u00a0Zero Trust strategies by strengthening the company\u2019s posture through greater control over access to its information system.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p style=\"text-align: justify;\"><span data-contrast=\"auto\">It is also possible to connect the MDM tool with\u00a0<\/span><i><span data-contrast=\"auto\">Mobile Threat\u00a0Defense<\/span><\/i><span data-contrast=\"auto\">\u00a0(<\/span><i><span data-contrast=\"auto\">MTD<\/span><\/i><span data-contrast=\"auto\">)\u00a0solution. This interface with a complementary mobile device protection tool enables information to\u00a0send back\u00a0device compliance and health\u00a0information\u00a0to the MDM,\u00a0or\u00a0whether it presents compromise risks (malware, connection to an unsecured network, etc.). This analysis of the device and its risks can then condition access to the\u00a0corporate\u00a0information system.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p style=\"text-align: justify;\"><span data-contrast=\"auto\">Finally, although accumulating MDM solutions is not recommended, it is sometimes necessary to\u00a0interface the MDM solution with\u00a0other\u00a0MDM\u00a0solutions\u00a0in order to\u00a0centralise information and manage the entire fleet centrally. For example, it is common to interface Microsoft Intune with Apple Business Manager MDM, which may\u00a0contain\u00a0the full database of iOS devices.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p style=\"text-align: justify;\">\u00a0<\/p>\n<h1 style=\"text-align: justify;\" aria-level=\"1\"><span data-contrast=\"none\">Conclusion : key elements to effectively secure a mobile device fleet<\/span><span data-ccp-props=\"{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559738&quot;:240,&quot;335559739&quot;:0,&quot;335559740&quot;:278}\">\u00a0<\/span><\/h1>\n<p style=\"text-align: justify;\">\u00a0<\/p>\n<p style=\"text-align: justify;\"><span data-contrast=\"auto\">In a context of increasing mobility in companies, MDM clearly stands out as a\u00a0<\/span><i><span data-contrast=\"auto\">must-have<\/span><\/i><span data-contrast=\"auto\">\u00a0in the race to secure access to corporate information systems.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p style=\"text-align: justify;\"><span data-contrast=\"auto\">More than a simple centralised inventory of mobile devices, this solution also simplifies the end-user experience by providing a hardened and secure turnkey device that\u00a0complies with\u00a0corporate policies.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p style=\"text-align: justify;\"><span data-contrast=\"auto\">To implement an MDM solution effectively, organisations should :<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<ul style=\"text-align: justify;\">\n<li><b><span data-contrast=\"auto\">Cover all mobile devices<\/span><\/b><span data-contrast=\"auto\">\u00a0in the fleet (all types, brands,\u00a0platforms\u00a0and business functions): the robustness of an information system is assessed by its weakest links<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<li><span data-contrast=\"auto\">Formalise a\u00a0<\/span><b><span data-contrast=\"auto\">mobile device management policy<\/span><\/b><span data-contrast=\"auto\">\u00a0adapted to the company\u2019s needs, without major constraints for end users,\u00a0in order to\u00a0avoid user\u00a0misbehaviours\u00a0and reduce business impact<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<li><span data-contrast=\"auto\">Translate this policy into\u00a0<\/span><b><span data-contrast=\"auto\">configuration profiles<\/span><\/b><span data-contrast=\"auto\">\u00a0and\u00a0<\/span><b><span data-contrast=\"auto\">compliance policies, and keep them up to date<\/span><\/b><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<li><span data-contrast=\"auto\">Raise\u00a0<\/span><b><span data-contrast=\"auto\">user awareness<\/span><\/b><span data-contrast=\"auto\">\u00a0of the chosen corporate policy by sharing a corporate mobile device usage charter with users, explaining the benefits of centralised management and respect for user privacy, which requires a clear corporate strategy<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<li><span data-contrast=\"auto\">Consider\u00a0<\/span><b><span data-contrast=\"auto\">mobile\u00a0security as a whole<\/span><\/b><span data-contrast=\"auto\">, and\u00a0in particular\u00a0<\/span><b><span data-contrast=\"auto\">address\u00a0BYOD in parallel<\/span><\/b><span data-contrast=\"auto\">\u00a0to avoid workarounds through this channel, by combining MDM deployment with MAM deployment,\u00a0in order to\u00a0cover, for example:<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<li><span data-contrast=\"auto\">The risk of data leakage (local storage on an unmanaged device, synchronisation with personal cloud services such as Google Drive, unintentional sharing via unsecured applications)<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<li><span data-contrast=\"auto\">The risk of data interception over unsecured connections (caf\u00e9s, hotels, transport)<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<li><span data-contrast=\"auto\">The risk of malware propagation across the information system<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<li style=\"text-align: justify;\"><span data-contrast=\"auto\">In summary, while MDM is now an essential foundation for securing corporate mobile devices, its effectiveness depends\u00a0above all on\u00a0a clear corporate strategy and a sufficient level of device hardening.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<\/ul>\n<p style=\"text-align: justify;\">\u00a0<\/p>\n<p style=\"text-align: justify;\"><span data-contrast=\"auto\">The most mature organisations can then complement this foundation with MAM and MTD solutions, following a progressive approach adapted to their challenges (in particular, deploying MAM to enable BYOD use cases). It should be noted that MTD solutions are currently not widely deployed, with priority given to implementing the MDM and MAM combination which, when properly configured, can cover a large majority of mobile use cases, from managed corporate phones to personal phones.<\/span><span data-ccp-props=\"{&quot;201341983&quot;:0,&quot;335551550&quot;:6,&quot;335551620&quot;:6,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The increased professional use of mobile devices, mobile\u00a0phones\u00a0and tablets, as well as the forced adoption of remote work during the Covid crisis, have led to a multiplication of mobile work situations in companies. Two cases can be distinguished: remote work&#8230;<\/p>\n","protected":false},"author":1442,"featured_media":30322,"comment_status":"open","ping_status":"closed","sticky":true,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[2777,3977],"tags":[5114,5113,5112,5115,5111],"coauthors":[4096,4097,5116,5117],"class_list":["post-30299","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-digital-trust","category-focus","tag-enterprise-mobility-management","tag-mobile-application-management","tag-mobile-device-management","tag-mobile-threat-detection","tag-securing-mobile-devices"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Securing mobile devices : Introduction to MDM (Mobile Device Management)\u00a0 - RiskInsight<\/title>\n<meta name=\"description\" content=\"The increased professional use of mobile devices, mobile\u00a0phones\u00a0and tablets, as well as the forced adoption of remote work during the Covid crisis, have led to a multiplication of mobile work situations in companies. Two cases can be distinguished: remote work situations (at home, in a coworking space, etc.) and nomadic work situations (while travelling, in an airport, train, hotel, etc.).\u00a0These new mobile uses, increasingly based on smartphones and tablets, introduce\u00a0new risks\u00a0that must be controlled. Indeed, the company\u2019s\u00a0attack surface\u00a0increases considerably because of the very nature of these devices.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/07\/securing-mobile-devices-introduction-to-mdm-mobile-device-management\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Securing mobile devices : Introduction to MDM (Mobile Device Management)\u00a0 - RiskInsight\" \/>\n<meta property=\"og:description\" content=\"The increased professional use of mobile devices, mobile\u00a0phones\u00a0and tablets, as well as the forced adoption of remote work during the Covid crisis, have led to a multiplication of mobile work situations in companies. Two cases can be distinguished: remote work situations (at home, in a coworking space, etc.) and nomadic work situations (while travelling, in an airport, train, hotel, etc.).\u00a0These new mobile uses, increasingly based on smartphones and tablets, introduce\u00a0new risks\u00a0that must be controlled. Indeed, the company\u2019s\u00a0attack surface\u00a0increases considerably because of the very nature of these devices.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/07\/securing-mobile-devices-introduction-to-mdm-mobile-device-management\/\" \/>\n<meta property=\"og:site_name\" content=\"RiskInsight\" \/>\n<meta property=\"article:published_time\" content=\"2026-07-01T15:23:48+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-07-01T15:24:27+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2026\/07\/6f6d6c25-12e4-4023-a2d1-de2b925c23da.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1536\" \/>\n\t<meta property=\"og:image:height\" content=\"1024\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Sebastien Corradini, Valentin Picard, Nathan Meyer, Youssef SAADE\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Sebastien Corradini, Valentin Picard, Nathan Meyer, Youssef SAADE\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"13 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/07\/securing-mobile-devices-introduction-to-mdm-mobile-device-management\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/07\/securing-mobile-devices-introduction-to-mdm-mobile-device-management\/\"},\"author\":{\"name\":\"Sebastien Corradini\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/10c6fd13c98b6346fc487808301e733d\"},\"headline\":\"Securing mobile devices : Introduction to MDM (Mobile Device Management)\u00a0\",\"datePublished\":\"2026-07-01T15:23:48+00:00\",\"dateModified\":\"2026-07-01T15:24:27+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/07\/securing-mobile-devices-introduction-to-mdm-mobile-device-management\/\"},\"wordCount\":2247,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/07\/securing-mobile-devices-introduction-to-mdm-mobile-device-management\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2026\/07\/6f6d6c25-12e4-4023-a2d1-de2b925c23da.png\",\"keywords\":[\"Enterprise Mobility Management\",\"Mobile Application Management\",\"Mobile Device Management\",\"Mobile Threat Detection\",\"Securing mobile devices\"],\"articleSection\":[\"Cybersecurity &amp; Digital Trust\",\"Focus\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/07\/securing-mobile-devices-introduction-to-mdm-mobile-device-management\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/07\/securing-mobile-devices-introduction-to-mdm-mobile-device-management\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/07\/securing-mobile-devices-introduction-to-mdm-mobile-device-management\/\",\"name\":\"Securing mobile devices : Introduction to MDM (Mobile Device Management)\u00a0 - RiskInsight\",\"isPartOf\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/07\/securing-mobile-devices-introduction-to-mdm-mobile-device-management\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/07\/securing-mobile-devices-introduction-to-mdm-mobile-device-management\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2026\/07\/6f6d6c25-12e4-4023-a2d1-de2b925c23da.png\",\"datePublished\":\"2026-07-01T15:23:48+00:00\",\"dateModified\":\"2026-07-01T15:24:27+00:00\",\"description\":\"The increased professional use of mobile devices, mobile\u00a0phones\u00a0and tablets, as well as the forced adoption of remote work during the Covid crisis, have led to a multiplication of mobile work situations in companies. Two cases can be distinguished: remote work situations (at home, in a coworking space, etc.) and nomadic work situations (while travelling, in an airport, train, hotel, etc.).\u00a0These new mobile uses, increasingly based on smartphones and tablets, introduce\u00a0new risks\u00a0that must be controlled. Indeed, the company\u2019s\u00a0attack surface\u00a0increases considerably because of the very nature of these devices.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/07\/securing-mobile-devices-introduction-to-mdm-mobile-device-management\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/07\/securing-mobile-devices-introduction-to-mdm-mobile-device-management\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/07\/securing-mobile-devices-introduction-to-mdm-mobile-device-management\/#primaryimage\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2026\/07\/6f6d6c25-12e4-4023-a2d1-de2b925c23da.png\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2026\/07\/6f6d6c25-12e4-4023-a2d1-de2b925c23da.png\",\"width\":1536,\"height\":1024},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/07\/securing-mobile-devices-introduction-to-mdm-mobile-device-management\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Securing mobile devices : Introduction to MDM (Mobile Device Management)\u00a0\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#website\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"name\":\"RiskInsight\",\"description\":\"The cybersecurity &amp; digital trust blog by Wavestone&#039;s consultants\",\"publisher\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#organization\",\"name\":\"Wavestone\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"contentUrl\":\"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png\",\"width\":50,\"height\":50,\"caption\":\"Wavestone\"},\"image\":{\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/10c6fd13c98b6346fc487808301e733d\",\"name\":\"Sebastien Corradini\",\"url\":\"https:\/\/www.riskinsight-wavestone.com\/en\/author\/sebastien-corradiniwavestone-com\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Securing mobile devices : Introduction to MDM (Mobile Device Management)\u00a0 - RiskInsight","description":"The increased professional use of mobile devices, mobile\u00a0phones\u00a0and tablets, as well as the forced adoption of remote work during the Covid crisis, have led to a multiplication of mobile work situations in companies. Two cases can be distinguished: remote work situations (at home, in a coworking space, etc.) and nomadic work situations (while travelling, in an airport, train, hotel, etc.).\u00a0These new mobile uses, increasingly based on smartphones and tablets, introduce\u00a0new risks\u00a0that must be controlled. Indeed, the company\u2019s\u00a0attack surface\u00a0increases considerably because of the very nature of these devices.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/07\/securing-mobile-devices-introduction-to-mdm-mobile-device-management\/","og_locale":"en_US","og_type":"article","og_title":"Securing mobile devices : Introduction to MDM (Mobile Device Management)\u00a0 - RiskInsight","og_description":"The increased professional use of mobile devices, mobile\u00a0phones\u00a0and tablets, as well as the forced adoption of remote work during the Covid crisis, have led to a multiplication of mobile work situations in companies. Two cases can be distinguished: remote work situations (at home, in a coworking space, etc.) and nomadic work situations (while travelling, in an airport, train, hotel, etc.).\u00a0These new mobile uses, increasingly based on smartphones and tablets, introduce\u00a0new risks\u00a0that must be controlled. Indeed, the company\u2019s\u00a0attack surface\u00a0increases considerably because of the very nature of these devices.","og_url":"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/07\/securing-mobile-devices-introduction-to-mdm-mobile-device-management\/","og_site_name":"RiskInsight","article_published_time":"2026-07-01T15:23:48+00:00","article_modified_time":"2026-07-01T15:24:27+00:00","og_image":[{"width":1536,"height":1024,"url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2026\/07\/6f6d6c25-12e4-4023-a2d1-de2b925c23da.png","type":"image\/png"}],"author":"Sebastien Corradini, Valentin Picard, Nathan Meyer, Youssef SAADE","twitter_misc":{"Written by":"Sebastien Corradini, Valentin Picard, Nathan Meyer, Youssef SAADE","Est. reading time":"13 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/07\/securing-mobile-devices-introduction-to-mdm-mobile-device-management\/#article","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/07\/securing-mobile-devices-introduction-to-mdm-mobile-device-management\/"},"author":{"name":"Sebastien Corradini","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/10c6fd13c98b6346fc487808301e733d"},"headline":"Securing mobile devices : Introduction to MDM (Mobile Device Management)\u00a0","datePublished":"2026-07-01T15:23:48+00:00","dateModified":"2026-07-01T15:24:27+00:00","mainEntityOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/07\/securing-mobile-devices-introduction-to-mdm-mobile-device-management\/"},"wordCount":2247,"commentCount":0,"publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/07\/securing-mobile-devices-introduction-to-mdm-mobile-device-management\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2026\/07\/6f6d6c25-12e4-4023-a2d1-de2b925c23da.png","keywords":["Enterprise Mobility Management","Mobile Application Management","Mobile Device Management","Mobile Threat Detection","Securing mobile devices"],"articleSection":["Cybersecurity &amp; Digital Trust","Focus"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.riskinsight-wavestone.com\/en\/2026\/07\/securing-mobile-devices-introduction-to-mdm-mobile-device-management\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/07\/securing-mobile-devices-introduction-to-mdm-mobile-device-management\/","url":"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/07\/securing-mobile-devices-introduction-to-mdm-mobile-device-management\/","name":"Securing mobile devices : Introduction to MDM (Mobile Device Management)\u00a0 - RiskInsight","isPartOf":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/07\/securing-mobile-devices-introduction-to-mdm-mobile-device-management\/#primaryimage"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/07\/securing-mobile-devices-introduction-to-mdm-mobile-device-management\/#primaryimage"},"thumbnailUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2026\/07\/6f6d6c25-12e4-4023-a2d1-de2b925c23da.png","datePublished":"2026-07-01T15:23:48+00:00","dateModified":"2026-07-01T15:24:27+00:00","description":"The increased professional use of mobile devices, mobile\u00a0phones\u00a0and tablets, as well as the forced adoption of remote work during the Covid crisis, have led to a multiplication of mobile work situations in companies. Two cases can be distinguished: remote work situations (at home, in a coworking space, etc.) and nomadic work situations (while travelling, in an airport, train, hotel, etc.).\u00a0These new mobile uses, increasingly based on smartphones and tablets, introduce\u00a0new risks\u00a0that must be controlled. Indeed, the company\u2019s\u00a0attack surface\u00a0increases considerably because of the very nature of these devices.","breadcrumb":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/07\/securing-mobile-devices-introduction-to-mdm-mobile-device-management\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.riskinsight-wavestone.com\/en\/2026\/07\/securing-mobile-devices-introduction-to-mdm-mobile-device-management\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/07\/securing-mobile-devices-introduction-to-mdm-mobile-device-management\/#primaryimage","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2026\/07\/6f6d6c25-12e4-4023-a2d1-de2b925c23da.png","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2026\/07\/6f6d6c25-12e4-4023-a2d1-de2b925c23da.png","width":1536,"height":1024},{"@type":"BreadcrumbList","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/2026\/07\/securing-mobile-devices-introduction-to-mdm-mobile-device-management\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"https:\/\/www.riskinsight-wavestone.com\/en\/"},{"@type":"ListItem","position":2,"name":"Securing mobile devices : Introduction to MDM (Mobile Device Management)\u00a0"}]},{"@type":"WebSite","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#website","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","name":"RiskInsight","description":"The cybersecurity &amp; digital trust blog by Wavestone&#039;s consultants","publisher":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.riskinsight-wavestone.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#organization","name":"Wavestone","url":"https:\/\/www.riskinsight-wavestone.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","contentUrl":"https:\/\/www.riskinsight-wavestone.com\/wp-content\/uploads\/2021\/08\/Monogramme\u2013W\u2013NEGA-RGB-50x50-1.png","width":50,"height":50,"caption":"Wavestone"},"image":{"@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.riskinsight-wavestone.com\/en\/#\/schema\/person\/10c6fd13c98b6346fc487808301e733d","name":"Sebastien Corradini","url":"https:\/\/www.riskinsight-wavestone.com\/en\/author\/sebastien-corradiniwavestone-com\/"}]}},"_links":{"self":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/30299","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/users\/1442"}],"replies":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/comments?post=30299"}],"version-history":[{"count":7,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/30299\/revisions"}],"predecessor-version":[{"id":30325,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/posts\/30299\/revisions\/30325"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media\/30322"}],"wp:attachment":[{"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/media?parent=30299"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/categories?post=30299"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/tags?post=30299"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.riskinsight-wavestone.com\/en\/wp-json\/wp\/v2\/coauthors?post=30299"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}