What is an MDM? We explain what ONE-KEY™ configurations are possible in your mobile device management software system.
We get a lot of questions about what is possible when pulling One-Key into a mobile device management (MDM) system. E.g.,“can One-Key be configured into an MDM such that the app is preloaded onto workers’ devices, or can certain device-level One-Key features be set up by default via an MDM?”
In this article, we’ll give you some insight into what’s possible when pulling One-Key into your organization’s MDM, as well as provide some further context to the layperson what an MDM is, and why their organization’s IT department may consider using one. (Note: Feel free to skip ahead if you’re an enterprise IT stakeholder wanting to specifically know what’s possible with One-Key and your organization’s MDM).
You can select any of the below bulleted items to be taken to the corresponding section of this article where we discuss each of them:
- Mobile Device Management: Apple Devices (e.g., iOS, iPad OS, MacOS)
What Is an MDM: Mobile Device Management Definition
MDM is an acronym meaning Mobile Device Management, which refers to the (generally, corporate) administration and supervision of mobile devices, such as smartphones, tablet computers, and laptops.
When connecting to wi-fi or configuring device-level settings on company-provided cellphones, employees may see a message that seems at face value scary and ask, “Why is device management on my phone?”
In fact, device supervision (mobile device management; aka, MDM) is used by the IT department to keep users and the corporate network safe from threat actors, as well as to streamline IT processes. Example use case: If you’ve lost your company-issued cellphone, IT professionals (depending on the MDM) can remotely shut the device down and wipe it of any data (emails, apps, pictures/photos, sensitive files, etc.) to ensure it doesn’t fall into the wrong hands.
On the other hand, a more everyday example of an MDM would be app distribution on company-provided iPhones or Android smartphones. When given a company smartphone, you may notice certain apps come preinstalled. You may, too, one day notice a new app you didn’t download yourself. This didn’t happen by magic—and you don’t necessarily have to worry about your device being compromised. Rather, your IT department has likely updated their policies and has deployed a new app they’ve decided all users should have. Although, IT departments admittedly try to keep these types of events to a minimum so as not to needlessly worry employees.
Typical mobile device management features
IT departments use mobile device management software for many important reasons. Mobile device management features often include:
- Device inventorying and tracking
- Updating device configuration to consistent standards and corporate policies
- Updating equipment and applications for scalability
- Ensuring users across the organization can access applications consistently; MDMs can be used for app distribution (e.g., from Apple’s App Store or Google Play) and/or to manage a company-owned enterprise app store
- Monitoring and tracking equipment as needed (e.g., location, status, ownership, activity)
- Diagnosing and troubleshooting equipment remotely
- Securing IoT-connected devices
- Remotely wiping devices as needed
- Enforcing passwords
- Enforcing data encryption and security best practices (e.g., using a corporate virtual public network, aka VPN; requiring 2-factor-authentication adoption; etc.)
- Whitelisting or blacklisting apps
- URL filtering
Types of Mobile Device Management Solutions
As IBM highlights, multiple types of mobile device management solutions are available to IT departments:
- Bring Your Own Device (aka, BYOD), a type of MDM system that allows employees to use their personal devices for work instead of company-issued devices. BYOD MDM setups are popular among younger employees and provide advantages like overhead savings from not requiring the purchase of extra hardware. Companies can enroll devices in a slimmed down version of an enterprise mobility management system (see below), able to push updates to these devices and keep the network secure; while they can’t shut off phones, IT professionals can ensure sensitive company information isn’t compromised when devices are lost by remotely pulling apps and wiping devices of company info (such as a One-Key inventory) from those devices.
- Enterprise Mobility Management, a broader form of mobile device management that goes “beyond the device itself, its user and its data [… encompassing] application and endpoint management and BYOD.” EMM solutions offer additional security features beyond BYOD MDMs, including tighter Wi-Fi certificates, VPN access, etc. for corporate devices. As IBM notes, EMM solutions are “highly scalable, and with new security features powered by AI analytics, these solutions can offer real-time insights and alerts about thousands of behaviors and activities coming in from multiple sources at once.”
- Unified endpoint management (UEM), among the most advanced MDM solutions available, UEM helps solve difficult IT challenges like IoT, desktop, and other mobile device security, and helps the largest enterprises maintain stringent security protocols and control entire IT environments and their critical endpoints (e.g., smartphones, tablets, laptops, and desktops). It goes without saying, these solutions help secure personal user data, apps, content, and enterprise data. They also allow enterprises to choose scalable solutions based on needs—whether covering a single operating system or a full fleet of devices across different platforms (e.g., Apple including iOS, iPad OS, and macOS; Android and Chrome OS; and Microsoft Windows)—and are powered by machine learning and AI to help enterprise IT departments make quick and smart security decision backed by real-time data and analytics.
- Identity and access management (aka, identity management), an essential tool for securing hybrid, multi-cloud enterprises by ensuring individual users are assigned the appropriate access to corporate technology resources.
IT Resources for MDM Deployments
MDMs can be built out at an organization on-premises or through a cloud-based SaaS (software as a service) provider. The advantage of SaaS over on-premises solutions includes providing a quicker setup and easier maintenance—that is, SaaS MDMS require lower capital costs compared to on-premises solutions, the latter which require hardware or virtual machines, regular software maintenance, and can incur higher capital costs.
If you’re just getting started with MDMs, Comparitech lists 11 solutions in the MDM space, including on-premises and cloud-based MDM tools.
Mobile Device Management: Apple Devices (e.g., iOS, iPad OS, MacOS)
Mobile Device Management: Android Devices
Android is the dominant operating system, representing 70% market share — and the proliferation of Android hardware/app software developers, ensuing OS fragmentation which complicates matters worse, and sideloading problem all contribute to more security vulnerabilities and malware developers targeting Android devices. That’s why Android device management is crucial to keeping your network secure from potential threats.
Google has a documentation article, “Set up basic mobile device management,” which is worth consulting for your MDM IT deployment.
What Is Possible When Pulling One-Key into an MDM?
Pulling Milwaukee® Tool’s One-Key app into your company’s MDM is definitely possible, but there are limitations to what you can and cannot configure for the One-Key app with your MDM. In this section, we’ll discuss what can be done.
Can One-Key be preloaded on company-issued or BYOD devices?
Depending on the MDM you’re using, the process may be different.
Pulling One-Key into MDM scenarios:
- Apple/iOS Devices: One-Key is available to any organization that uses Apple Business Manager. Despite One-Key being a freely available app for end users, Apple requires organizations to formally obtain licenses for the app (though these licenses are at no cost to businesses); Apple uses these licenses for App Store reporting and analytics.
- 1-1 Device Setup (single user): In this scenario, you manually go through and purchase enough licenses for a group of employees that are, then, pushed over-the-air to those employees’ devices.
- Tagging (device-based): If you use a shared MDM, you can flag groups of devices; in this scenario, IT can purchase licenses for an app and assign tags to grouped devices all at once—for example, ensuring the app is automatically updated on networked devices.
- Android devices: For free Apps on Android devices, you’ll need to be approved on the Google Play store, but a precise count of license does not need to be maintained like on iOS devices. You can obtain volume purchase via the Managed Google Play Store and set the app to be required.
Can Bluetooth® and Location Services be preconfigured?
Because tool tracking functionality requires proper configuration to work, a common question we receive relates to whether Bluetooth® and Location Services can be preconfigured through an MDM. The short answer: no. Privacy settings from OS developers (Apple in particular) require end user opt-in for these device configurations.
That’s why we recommend educating employees on why proper configurations on company-issued or BYOD phones — whether Android devices (phones running Android 10 and lower, as well as Android 11 and later) or iOS devices — are crucial to improving team-wide Bluetooth tracking coverage.
Some support documentation and resources we’ve written regarding Bluetooth and Location Services app configurations to assist in employee education:
- How community Bluetooth® tracking works
- Bluetooth vs GPS for tool tracking
- Android 11 and tool tracking: Everything you need to know about location data changes
- iOS 14: What “Precise Location” means for tool tracking and why you need it toggled on
- iOS 13: How does it affect your tool tracking?
What are some of the advantages of pulling One-Key into an MDM?
Pulling One-Key into an MDM offers a number of benefits.
Examples/MDM use cases include:
- Ensuring app is preloaded on company-issued or BYOD devices.
- Ensuring app is kept up to date (in shared MDM example).
- Removing app from employee phone after employee leaves.
- Wiping app/data from employee phone when device is reported missing or stolen.
You now know what’s possible with regard to pulling the One-Key app into an MDM. If you have additional questions of a specific and technical nature, we recommend reaching out to us directly, and we can provide additional resources.
MDMs offer IT teams a better way to streamline company-wide app distribution.