When helping our customers select the right mobile devices to use in the retail field environment, mobile device management (MDM) and mobile application management (MAM) stand out as two features we discuss most often with them. Both MDM and MAM provide scalable solutions for companies to manage applications and the devices on which they run.
MDM solutions typically provide managed access to the entire mobile device (smartphones and tablets), while MAM solutions provide managed access that's limited to a specific set of applications. For example, an MDM might allow you to remotely reset an entire mobile device to a factory-installed state while a MAM solution would only allow remotely wiping an individual application’s database or the uninstallation of the app itself.
Several solutions exist in the marketplace to give a company full control over the devices it uses in the field. We have either used the solutions below directly or worked with clients who have used them in their mobile operations.
These MDM solutions give administrators the ability to do manage their devices: installing and updating software remotely, locking down specific phone features, whitelisting certain applications so they're allowed to be installed on the device, and even remotely resetting the device and removing any proprietary data from it.
BYOD users, however, would likely not want their employers to have such broad control over their personal mobile devices. So an MDM package can be used to create a password-protected and encrypted sandbox on the BYOD device. This sandbox holds all the apps the user needs to do her work while creating a firewall between the encrypted company data in the sandbox and the personal data the device contains for its user.
Application-Specific MDM and MAM
Even if you don't need a full-blown MDM in your organization, you should still consider the MDM and MAM features of any app used across your enterprise and in your field team. Selectively managing phone features through application-specific MDM and MAM can deliver an efficient and robust user experience, while providing enhanced security for our customers. These features apply to both customer-owned devices and those personally owned by field reps in a bring-your-own-device (BYOD) setup.
Geolocation (MDM) - Any applications that utilize GPS to locate your employee's device are exercising limited control over the device's GPS chip and functionality. To ensure the privacy of your employee when he's off-the-clock - and to comply with various state HR regulations - the app will only pull latitude and longitude data when the user is logged into the app and on-the-clock.
User Access Controls (MAM) - To protect any of your sensitive or proprietary information, the app should automatically log a user out after a predefined length of time and require the use of a password or PIN to log back in.
Disable User Account (MAM) - Should a user leave their position with your company, any app you use should support automatically logging them out of that application and the deactivation of their user account.
Remote Application Disabling / Remote Database Wiping (MAM) - Any app holding your data should encrypt your data in rest, both on the device and on your servers in the cloud. Once a former user is logged out of the app and their account is invalidated, that means any data still on the device will be secure. Should you want to ensure data is completely removed from a former employee’s BYOD mobile device, you need to ensure any app used also has the ability to facilitate remote wiping of its local database.
Device and OS Whitelisting (MDM) - What devices and operating systems do your business apps run? Any apps you use should automatically check device and operating systems versions to ensure the application can be installed on supported hardware and software. The creators of those apps should also depreciate and delist older versions of the their app, any time they determine older devices and operating systems will no longer provide the appropriate experience for users.
No matter what devices and apps you choose for your retail field team, you should make sure that you can properly administer and manage both the devices and the apps that will run on them. Using the topics in this article, you should be able to have a much more informed conversation with your equipment or software providers.