The best mobile device management software provides a simple way to manage security across all of your mobile devices.
Managing a fleet of devices across multiple departmental disciplines is not for the faint-hearted. The solution is MDM software, but what does it bring to your organization, is it worth the money, and will you get to exercise the level of control you need?
Strictly speaking, Mobile Device Management – usually referred to as MDM – is all about administering mobile devices. Smartphones, tablets, and increasingly laptops come under MDM control. More recently, with the arrival of Bring Your Own Device, Enterprise Mobility Management (EMM) tools have been incorporated into MDM.
What can you expect from an MDM application? Various core functions of MDM ensure that devices are remotely available for auditing, updating over the air (OTA), that software runs effectively, and devices are available for remote diagnosis and troubleshooting. MDM software runs on a server or administrator system and can be used to oversee a wide range of devices. The Open Mobile Alliance has issued a protocol called OMA Device Management, a specification that most MDM tools use. It can be found on several smartphones, PDAs, and other mobile devices.
While usage of MDM software might be considered a recent development, Mobile Device Management goes back years. Key MDM features could be found in BlackBerry Enterprise Server 10 during that platform's popular years.
TechRadar recently reviewed the key features of a range of Mobile Device Management software to help you choose from the best MDM suites available. We've looked at several Mobile Device Management suites that offer the common features of MDMs across a range of scalable price points.
But which of these should you consider for managing mobile phones, tablets, laptops, and other devices in your organization? Here we feature the best MDM solutions currently available.
We've also featured the best endpoint protection software.
Reader Offer: Book a demo for a free 14-day trial
Kandji is an Apple-centric MDM solution that connects device security and device management. Kandji offers complimentary automated migration and a unique trial process, building a personalized environment to test drive the features that matter most to your business.
Preferred partner (What does this mean?)
The best MDM solutions of 2024 in full:
Why you can trust TechRadar
Reasons to buy
Reasons to avoid
Top of our list is Miradore, a feature-packed MDM with free and premium options. With comprehensive functionality, straightforward UI, and easy device enrollment, Miradore feels like the complete MDM experience. Shortcomings include a lack of support for Chrome OS and Linux, and while the free version misses some features of the premium option, this should come as no surprise.
What is most striking about Miradore is how the product straddles the gap between free and premium features. Upgrading obviously costs, but there is no premium feature that feels as if it should be free.
Overall, as Mobile Device Management products go, Miradore is up there with the best. Offering comprehensive MDM functionality, an easy user interface, and priced lower than any of the competitors we've seen (at around $3 per device, per month). Miradore even offers a free package.
Read our full Miradore review.
Reasons to buy
Reasons to avoid
Kandji is a comprehensive mobile device management suite with a smooth and responsive user interface and an unmatched set of features. It is an excellent option for organizations prioritizing MDM over the race toward UEM, providing top-notch management capabilities for Apple devices.
However, one significant drawback of Kandji is its licensing structure. While the standard price of $3.99 per month for a single device is comparable to other MDM suites, paying the same amount for 50 or 100 devices may seem odd, which could be a significant issue for many MDM customers.
Overall, Kandji could be an excellent fit for organizations that rely on Apple devices, but its licensing structure could be a turnoff for some.
Reasons to buy
Reasons to avoid
Supporting both major mobile operating systems, Hexnode has the option of local or remote cloud management, with a UEM upgrade if necessary for static hardware and IoT.
Hexnode features include "zero-touch enrolment" which enables devices to be added to the MDM environment automatically via certificates. This is a massive advantage that saves time for manual enrolment and avoids the pain of end-user enrolment errors. Hexnode supports all the common mobile OS administration frameworks, but admins also have the option to flash custom Android ROMs with Hexnode preinstalled and preconfigured.
One of the cheapest MDMs available, Hexnode is at the affordable end of the market. Hexnode's 30-day free trial is the best way to try it out on your organization's Android and iOS devices.
Overall, Hexnode is a flexible MDM solution that supports both major mobile operating systems. With the option of hosting on your own server or relying on a cloud instance, Hexnode provides a wide selection of tools to manage software, patching, security, and more. If you want to go beyond MDM, UEM packages are also available for desktops and other endpoints.
Their cheapest Express plan includes the basic MDM Suite and basic Kiosk, and only costs around $1 per device, per month.
Read our full Hexnode review.
Reasons to buy
Reasons to avoid
The only entry in our top five MDMs from an established name in the IT industry, Citrix Endpoint Manager mixes MDM with UEM functionality.
The MDM dimension of Citrix Endpoint Manager handles all the usual operating systems, along with Chrome OS and Linux (for Raspberry Pi thin clients).
Beyond the pricing, Citrix Endpoint Manager also requires Citrix Workspaces, which is an additional expense. In short, if your organization uses Citrix already, Citrix Endpoint Manager will be straightforward to implement, and therefore ideal. If not, this solution is best avoided.
Overall, a competent and wide-ranging MDM solution as expected from Citrix, but unless your organization is already relying on Citrix Workspaces and the associated hardware requirement, adoption of Citrix Endpoint Management could prove more expensive than competitor MDMs.
Read our full Citrix Endpoint Management review.
Reasons to buy
Reasons to avoid
Fourth in our list of the best MDMs, ManageEngine supports on-premise and cloud hosting, with a comprehensive set of features. In addition to the usual Android, iOS, Windows, and macOS, ManageEngine also supports Chrome OS.
A key aspect of this software is its security management, which can detect compromised devices, rooting, and even jailbreak on iPhones and iPads. As is standard, remote wipes can be initiated, and mobile-based threats to a corporate network shielded by granular permissions by device or user.
Overall, ManageEngine Mobile Device Manager Plus provides comprehensive mobile and desktop management across multiple operating systems. On-premises and cloud options are available.
Read our full ManageEngine MDM review.
Reasons to buy
Reasons to avoid
SOTI MobiControl is bursting with features and can be considered a complete suite of tools for Android, Apple, Windows, macOS, and even Linux device management. In addition, Zebra mobile computer enterprise devices are also supported.
On-premises and cloud installation options are available for administrators, and SOTI integrates with SOTI Hub and SOTI Surf if required for remote access to files from anywhere.
Overall, a complete mobile device management system, SOTI MobiControl boasts vast device compatibility and can be hosted on-premises or in the cloud. Various license options are available to keep your MDM in-budget, and the software is also available with a 28-day free evaluation period.
SOTI MobiControl's free trial, meanwhile, lasts 28 days but freezes after 7 days of inactivity.
Read our full SOTI MobileControl review.
Testing and rating MDM Software
Over the course of our feature reviews of MDM software, the various suites – including those from notable names such as VMWare, Microsoft, Citrix, and VMWare – were judged on the following criteria:
Did the suite match the basic requirements of an MDM? Did it include the common features (see below) or offer any enhancements?
Ease of Installation and Setup
How easy is it to set up the MDM, both on the host computer/server and on individual devices?
Are any devices incompatible? Are features missing on some platforms? Does the MDM target a specific platform?
The price of the MDM is a vital consideration. Often this is based on the number of users, although evaluation versions are usually available to assist in decision making. If an MDM is free, its features should match the common features expected from such software (see below).
Who uses an MDM?
In most cases an MDM would be used by a sysadmin or any trusted colleague. Of course, this depends entirely on the scale of the organization concerned. In some cases, MDM use might be outsourced, or it might fall to an office manager or logistics specialist to mastermind.
The most important aspect of Mobile Device Management software is that it should be easy to use. Information about devices, their status, whereabouts, and availability should be instantly accessible, preferably using mouse-driven menus, tiles, and windows. Some MDM suites offer mobile management consoles, a meta development that nevertheless maximises the control possibilities.
Most importantly, MDM software usually – and should – features granular account control, enabling the sysadmin in charge of mobile devices to create and configure one or more accounts with narrower, more specific purposes. So, an account dedicated to logging device types might be made available to an in-house or external auditor; an account purely for managing users or device passwords might be assigned to help desk personnel.
How to buy an MDM suite
The most important rule for buying MDM software is to take your time and consider all options. You'll need to understand the scope of the software, its ease of use for admin teams, as well as how simple it is for the end user to enroll their devices. Price will also be a major consideration, with MDM solutions typically based on an annual all-in-one price or a per-user license.
If the software is to be hosted remotely then the price will include that, but if an in-house solution is preferable, there might be further budgeting required to ensure the server hardware is up to scratch. Remote hotfix rollouts and even inventory audits, meanwhile, might have an impact on network bandwidth, so cover this eventuality in your planning.
Buying an MDM is a straightforward case of heading to the website of the service you choose and signing up for an evaluation or trial. From this point assess the software. If deemed successful, you can sign up to the MDM long-term. If the solution seems good but doesn't match the scale of your organization, most providers offer tailored pricing for enterprise.
What are the common features of an MDM?
Mobile Device Management software comes in various shapes and sizes, supporting a variety of device types and platforms. However, they all satisfy specific basic features.
Support for mobile security frameworks: Apple DEP, Android Enterprise ZTE, and Samsung Knox (for Samsung Android devices) are all necessary for an MDM to run effectively. As such, these systems are all fully supported by the MDMs we looked at.
Easy enrolment: while manual enrolment is an option, easy automated enrolment for end users to set up via an onboarding portal saves time for IT technicians.
Profiles for fast onboarding: whether required by device, user group, location, department, etc., profiles that preconfigure email accounts, Wi-Fi access, and more can be automatically applied at enrolment.
Browser based administration console: while some MDMs offer a desktop/server application for administration, all have a browser-based option, ideal for remote management.
Device feature management: device hardware can be locked or restricted, such as the iPhone camera.
Application management: similarly, apps can be restricted to those approved by organization policy. A sound recorder might be blocked, for example.
Kiosk mode: this is the ability to restrict use of a mobile device or computer to such an extent that all but one or two specified software applications can run.
GPS location and remote wipe: vital for device security, these tools can find lost or stolen phones, missing employees, and wipe corporate data completely (often leaving personal data intact, particularly on BYOD phones and tablets).
Other notable features that aren't available with all MDMs include integration with Active Directory, enhanced options for end users, and extension of MDM functionality into full endpoint management. Many MDMs also provide functionality to create curated app stores to replace the default stores.
Managing mobile devices for your organization? You need MDM software
Maybe you've just got a couple of laptops and iPhones to deal with. In that case, you probably don't need to worry about MDM software. But in a growing organization with an increasing number of phones and tablets of all models, MDM software is vital.
A vast selection of MDM software is available. The five examples highlighted above were rated in a series of reviews focused on their features and pricing. We think they're the best Mobile Device Management solutions in the marketplace right now, suitable for all scales of operation.
Which MDM solution is best for you?
When deciding which MDM solution to use, first consider what your actual needs are, as budget options may look enticing for cost-effectiveness but miss out on useful tools. Additionally, higher-end software can really cater for every need, so do ensure you have a good idea of which features you think you may require from your MDM solution.
How we tested the best MDM solutions
To test for the best MDM solutions we first set up an account with the relevant software platform, then we tested the service to see how the software could be used for various purposes and situations, using a range of mobile devices such as different smartphones and tablets. The aim was to push each MDM platform to see how useful its basic features were and also how easy it was to get to grips with any more advanced tools.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Dave is a freelance tech journalist who has been writing about gadgets, apps and the web for more than two decades. Based out of Stockport, England, on TechRadar you'll find him covering news, features and reviews, particularly for phones, tablets and wearables. Working to ensure our breaking news coverage is the best in the business over weekends, David also has bylines at Gizmodo, T3, PopSci and a few other places besides, as well as being many years editing the likes of PC Explorer and The Hardware Handbook.