Part 2 of our article on MDM covers 3 essential best practices for success: communicate changes, know compliance objectives, and pick the right tool.
March 2, 2023
In Part 1 of this post, we shared a few best practices for managing MDM at your company. In this Part 2, we’re picking up right where we left off!
Best Practice 5: Communication + Expectation Setting is Key
You’re rolling out changes for a reason. You should trust your team to support you in pursuing whatever business win you’re targeting with your MDM rollout. To build camaraderie among your users, send an email to the team before a big change that answers the following questions:
What changes are we making?
Why are we making these changes, and what business win are we targeting?
What manual action do employees need to take to support this business outcome?
What will the impact be on employees and their devices?
Be sure to leave time for people to ask questions in a dedicated forum before rolling changes.
Best Practice 6: Know your Compliance Objectives + Requirements Beforehand
MDM solutions are rich with functionality, and getting lost in the weeds is easy. Before clicking around in your MDM tool, list the security controls you want to implement. Your list might look something like this:
Deploy an antivirus solution
Ensure firewalls are enabled
Enforce disk encryption
Enforce password complexity requirements
Remember that you're probably not special when it comes to security: someone has done this before! Thankfully, you don’t need to reinvent the wheel.
Best Practice 7: Pick the Right Tool for the Job
Every company has different needs. A company with mostly Macs and only a few Windows machines is likely better off with a best-in-class tool for Macs paired with a lightweight tool for Windows machines because configuring more complex software like Intune to manage only one or two devices may not be the best use of time and money. Similarly, many companies do not want to provision company-owned phones for all of their employees, but at the same time, their employees don’t want to give their employer full management access to their phones. Fair enough. In these cases, consider some lightweight ways to enable key security properties from employee phones like OS Version, encryption status, passcode status, etc., without overdoing it.
Solving a lot of these challenges is much harder than it should be. We hope these best practices help you make the right security decisions and make it easy to achieve some basic security at your company. Don’t hesitate to contact us, or schedule a demo, if we can help!
Subscribe to our newsletter
Stay up to date with the latest and greatest in MDM, EDR, and more. Be the first to receive our newest blog posts and product updates.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.