The Best Mobile Device Management (MDM) Solutions

The number of devices the average employee uses throughout the workday has multiplied over the years. Particularly in bring-your-own-device (BYOD) environments, one staffer might have a desktop PC at the office, a laptop at home, and more than one smartphone or tablet. Any or all of these might be used for work, which means they probably contain sensitive business data. How can IT administrators hope to keep tabs on such a complex potpourri of equipment?

The answer is mobile device management (MDM) software. These tools let admins remotely provision, monitor, manage, service, secure, and wipe devices, and they typically work across a range of platforms and form factors.

We’ve tested the top tools on the market to bring you this list of the best MDM software. Read on for our top picks, followed by what to consider when choosing the right MDM software for your workforce.

PCMag Logo

You Can Trust Our Reviews

More About Our Picks

Best for MDM With Remote Control

Bottom Line:

SOTI MobiControl does a good job of matching up with the competition on a feature-for-feature basis and even leads in areas such as remote control. Its new user interface is a significant improvement, though you’ll still need to use the old one for certain key capabilities.

Pros

  • Remote control feature for Android platform.
  • Comprehensive set of profile and rules-based device management functions.

Cons

  • Profiles must be configured by using an older user interface.
  • Azure Active Directory and SAML 2.0 also require older user interface.

Why We Picked It

No other MDM solution we tested offers a remote device control capability as sophisticated as SOTI’s. Admins can view and control users’ devices from the management console, which also provides full, two-way file transfers. You can even run macros to automate administrative tasks on like phones.

Who It’s For

If you want ultimate control over your employees’ devices, look no further than SOTI MobiControl. You’ll be able to view and grab the reins of enrolled devices as if you were holding them in your own hand. It’s also a good choice if you’re in a BYOD environment with a highly heterogeneous device fleet (it even supports Windows 10 Mobile).

Read Our SOTI MobiControl Review

Best for VMware Customers

Bottom Line:

VMware AirWatch retains its leadership position in the mobile device management (MDM) space. Combined with VMware’s Workforce One identity management platform, this combination gives users everything they need to track, manage, and grow a fast-changing device portfolio.

Pros

  • Broad product offerings to meet a variety of customer needs.
  • Visually pleasing and customizable user interface (UI).

Cons

  • A few pain points during the device registration process.
  • Limited support at this point for Windows 10 devices.

Why We Picked It

AirWatch was a popular MDM choice even before VMware acquired it in 2014. Since then, VMware has brought it under its Workspace ONE endpoint management solution, which gives administrators unified control over all the devices in an organization. That includes phones, tablets, laptops, and desktops.

Who It’s For

VMware delivers a 360-degree view of all your organization’s devices, regardless of their form factors. That’s sure to be attractive to enterprises, but it might be a bit much for smaller businesses with fewer employees, particularly if they’re not already a VMware shop.

Read Our VMware AirWatch Review

ManageEngine Mobile Device Manager Plus

Best for Large Device Portfolios

Bottom Line:

Always an efficient product, ManageEngine MDM has only improved since our previous review. While its not quite as advanced as the high-end competition, ManageEngine’s pricing and its overall feature set keep it near the top of the MDM heap.

Pros

  • Updated user interface and reporting tools
  • Easy-to-execute actions on individual devices

Cons

  • Somewhat convoluted device self registration process .
  • Customized reports require SQL knowledge

Why We Picked It

ManageEngine is a subsidiary of Zoho, a company with a broad portfolio of business software across multiple categories. That means it follows a similar pattern to other Zoho products, including offering a full-featured free tier for up to 25 devices. Overall, it delivers a good balance of features and pricing for small and large businesses.

Who It’s For

Companies that project rapid or steady growth would do well to evaluate ManageEngine. Even if you’re starting small, you can be confident that ManageEngine will scale with you, even up to enterprise size, with competitive pricing.

Read Our ManageEngine Mobile Device Manager Plus Review

Best for Reporting

Bottom Line:

IBM MaaS360 ticks all the basic boxes of a mobile management solution, and even adds some features you won’t find anywhere other than from Big Blue. It’s still got some hiccups, however, like the fact that its remote control capability requires a third-party app.

Pros

  • Comprehensive and customizable reporting capability with artificial intelligence querying
  • User-friendly management console organized around tasks

Cons

  • No native remote control
  • Limited reporting customization

Why We Picked It

IBM has plenty of financial and software muscle behind it, which means MaaS360 leverages technologies like Big Blue’s sophisticated Watson artificial intelligence (AI) that powers its security and reporting features. Also, for an enterprise-centric solution, MaaS360’s management console is surprisingly user-friendly.

Who It’s For

Let’s face it: Enterprise-sized companies will be the ones most comfortable doing business with IBM. An engagement with Big Blue can quickly become costly. That being said, MaaS360 has a fair amount to offer small businesses, particularly if they’re interested in company-wide usage and security reporting based on insights derived from machine learning.

Read Our IBM MaaS360 Review

Best for Microsoft Integration

Bottom Line:

The current version of Citrix XenMobile is a definite upgrade to the version we reviewed last year, with support for a wide array of devices, including Windows 10 tablets. Those already using Citrix products will do well with XenMobile, while those with more heterogeneous needs should explore Citrix’s new partnership with Microsoft and its EMS suite.

Pros

  • Comprehensive and configurable management console.
  • Manages all of the devices we tested, including the latest Windows 10 for Mobile devices.

Cons

  • Working with back-end systems other than Citrix can get complex.
  • No direct management of Office 365 apps.
  • Requires the extra-cost EMS connector.
  • Flat files are used for importing users and devices, not standard CSV file format.

Why We Picked It

Citrix is a venerable provider of remote-access solutions for Windows, and it brings that expertise to the MDM market. Its partnership with Microsoft means you’ll be able to manage devices with familiar tools. XenMobile also stands out in that each user can have up to 10 managed devices for a single price, making it one of the best values among the solutions we tested.

Who It’s For

In most organizations, a typical person won’t have more than three devices that need management. If your staff comes more heavily armed, however, you’d do well to look to Citrix. Microsoft shops, in particular, can benefit from Citrix’s deep expertise in device management and its strong connections in Redmond.

Read Our Citrix XenMobile Review

Best for Microsoft Customers

Bottom Line:

Microsoft Intune still represents one of the best device management options for folks running Microsoft-centric environments. The bundle options with Azure-based identity and security tools have matured and represent a powerful growth path. However, the price will be substantial and, for those running non-Microsoft platforms, there are some overlooked features, too.

Pros

  • Coverage of all three management categories.
  • Comprehensive set of policies covering a wide range of security settings.
  • Robust management bundle in EMS if you’re willing to pay.

Cons

  • No device location capability.
  • No way to customize dashboard.
  • Hard push towards other Microsoft products.

Why We Picked It

Although Microsoft’s MDM solutions aren’t quite as mature as vendors like Citrix and VMware AirWatch, it should be obvious why Redmond’s offering deserves consideration. No vendor can match Microsoft’s deep institutional knowledge of how Windows-centric environments operate. Windows 10 Mobile has all but disappeared, so Microsoft is committed to supporting both Android and iOS devices.

Who It’s For

If you’re committed to Windows, you’re likely already looking in Microsoft’s direction for device management tools. Small businesses will appreciate Intune’s integration with the cloud-based Azure Active Directory. However, you might balk at Intune’s pricing unless you’re already on a Microsoft 365 enterprise plan.

Read Our Microsoft Intune Review

AppTec360 Enterprise Mobility Management

Best for a Low-Cost, Small Business Solution

Bottom Line:

AppTec360 ticks most of the same boxes as the other products we’ve reviewed, although with a fairly unappealing design. Additionally, the platform still requires you to purchase a separate product to enable remote control.

Pros

  • Complete feature set addressing all Android and iOS versions
  • Low cost and a no-cost option for 25 users or less

Cons

  • No ability to modify dashboard or customize reports
  • Remote device control only possible with add-on product, Teamviewer, at additional cost

Why We Picked It

Although AppTec360 is a niche player with a small installed base, its offering provides most of the features you’d want from an MDM solution (except device remote control, which is available as an add-on). It’s available as a downloadable virtual machine, but its cloud-hosted version offers the lowest pricing of any solution we tested.

Who It’s For

Small businesses on a budget can find good value in AppTec360. While its UI is not particularly attractive, it gets the job done, particularly if the alternative is to operate as a BYOD environment without management or security controls. On the other hand, organizations with a growing headcount would probably benefit from a more robust solution.

Read Our AppTec360 Enterprise Mobility Management Review

Baramundi Management Suite

Best for Low-Cost, Basic Features

Bottom Line:

While you’ll find the basic features you need for mobile device management system in this platform, Baramundi really doesn’t get much beyond the basics and is missing several key features touted by the leading competitors we reviewed.

Pros

  • Can be installed into a virtual machine running in the cloud or on-premises
  • Desktop management capability at no extra charge

Cons

  • Many functions require multiple steps where other products require one
  • Static dashboards can’t be modified

Why We Picked It

Baramundi works a little differently than most of the MDM solutions we tested in that it’s an exclusively job-based affair. It’s also on the lower end when it comes to pricing, with the caveat that it needs to connect to an external relational database to store its data. In addition to Android and iOS devices, it can also manage macOS and Windows systems.

Who It’s For

The job-based approach can be a boon to companies with large device fleets, where you want to perform the same actions on all of them. On the other hand, if your most common use case is provisioning a single device or helping out a panicked user, you should look elsewhere. Also, if you plan to often use MDM, you might get more satisfaction out of some other products’ UIs.

Read Our Baramundi Management Suite Review


What Is Mobile Device Management Software?

In case you’re curious about what exactly MDM—or enterprise mobility management (EMM). as it’s often called—is, well, that’s changed a bit from our last roundup update. The biggest challenge in this refresh was drawing a line between MDM and other functionality, including app management and delivery, advanced endpoint threat management, and document protection. The featured vendors have many additional capabilities beyond basic MDM. Managing desktop computers is another area where traditional mobile management platforms are making inroads.

It’s pretty obvious that a lost corporate mobile device represents a significant threat. Providing the ability to locate, lock, and potentially wipe lost devices must be available. Automating that process is even better. Many of the products reviewed here provide a geofencing capability that generates alerts and takes action should a device cross a specific boundary. This works great for a company with a local workforce where the devices should never be more than some fixed number of miles away from the home office. This feature can be tweaked for traveling employees and, in many cases, time-restricted, as well.

Policy-based security is pretty standard across all of the products in this roundup. Configuring devices to use a personal identification number (PIN) to lock the device is just one of many policies which can be set as mandatory. Other policies to restrict behavior or to lock down specific apps are also common. The boundaries get a little blurry when you move from corporate-owned devices to the bring-your-own-device (BYOD) scenario. Having the ability to restrict the gathering of sensitive data from a BYOD helps keep employees happy, while letting them use their own devices for company work.

Enrolling lots of devices might not seem like a big deal, but it can be a showstopper without an automated process. Providing a connection to a local AD domain to process users is one method. Most of these products also offer a way to import users and devices from a flat file to streamline enrollment in the case where either users or devices aren’t identified in a directory service.


Soti


(Credit: Soti)

How to Buy Mobile Device Management Software

For this roundup, we focused on several key areas which can help with any evaluation. Enrollment can be a significant issue for a large number of devices. Any added capabilities to make that process easier goes a long way in judging a product as acceptable or not. That can spill over into the user enrollment experience, too. Making a user enter information that could be entered either by using a specific URL or a QR code scores extra points.

At the administrator level, it’s all about tracking down problems. Presenting a dashboard with easy access to key information (and using color to help you quickly identify problem areas) gets the highest marks. Another nice-to-have feature is the ability to customize the dashboard screen to present important information. The same goes for custom reports. Canned reports are all well and good, but everyone doesn’t necessarily want the same displayed information.

Easy device control is another key feature, and by that we mean being able to quickly find a device and then take action, such as locking the device or performing a secure wipe. If you get a phone call from an employee who just landed at a distant airport, and they lost their mobile device, then you must be able to take action right away. Removing devices from MDM control shouldn’t be a big deal, especially when you let employees BYOD.

Recommended by Our Editors

Data security is the final big item to evaluate, and this is where the products take different approaches. Some vendors provide secure file sharing and syncing, while others go further to protect the copying and pasting of information from corporate email to a personal account. The same goes for moving data from a corporate location to a private storage service, such as Dropbox.

For more on business software, check out The Best CRM Software and The Best Video Conferencing Software.

Facebook Comments Box

Hits: 0