Think Your Native MDM Solution is Enough? Think Again

You don’t use just one security solution for your mobile devices, so why would you “go at it alone” with just your Mobile Device Management (MDM) solution? MDM solutions are great, but the management coverage they provide is minimal when compared to the management coverage and security you’ll find with on-premise desktops.

MDM alone simply doesn’t cover many common scenarios that on-prem admins have already completely handled.

In the same way that you want the best on-prem security tools to augment what you already have “in the box”, you’ll want to the best MDM add-on tools to augment what you already have “in the MDM box.”

How Can Admins Augment and Complete Their MDM Solution Set?

There are a lot of great MDM solutions available. Microsoft Intune, VMware Workspace One and MobileIron are all great solutions (there are other great ones too). They all provide the basics, but don’t handle the specific scenarios that you likely have right now.

Here are some ways that PolicyPak MDM can augment your existing MDM investment.

MDM + Missing Group Policy and Group Policy Preference Settings

While there are certainly important things that MDM, the new kid on the block can do, Group Policy literally delivers thousands of settings – many more than any available MDM solution.

But ask MDM to create a shortcut on the desktop, and you’ll be spending quality time building your own custom PowerShell to add (and also remove) that simple shortcut. Or take any of the thousands of missing Group Policy, Group Policy Preferences or Group Policy Security settings.

If you need to close the gap on even one setting, or maybe a hundred settings that MDM cannot do, then simply add PolicyPak MDM to your MDM. PolicyPak MDM enables you to deliver any real on-prem Group Policy, Group Policy Preferences or Group Policy Security setting … using your existing MDM service.

And just like that, you get 100% of Group Policy coverage; no need to wait years for MDM to catch up (or, never catch up). Here are some videos to check out with PolicyPak and your MDM service.

Windows Autopilot + Misbehaving Applications

Windows Autopilot is an ideal way to use the cloud to deploy, reset, repurpose and recover Windows 10 devices.

The cloud gives users the flexibility to do this on their own, and what’s more, they don’t need admin rights day-to-day. This is a key security move ensuring accidentally downloaded malware stays away from privileged access.

Except, of course, we all know there are select applications that do require admin rights for installation or operation. When that is the case, use PolicyPak Least Privilege Manager alongside your MDM to enable standard users to perform the local admin activities they need to do their jobs.

Users without local admin rights will be able to install apps from trusted sources or access admin-only control panel applets. You can see a video demonstration of PolicyPak Least Privilege Manager here.

Roaming Computers + Security Lockdown

MDM solutions can be a great way to deploy applications. For example, when a sales executive needs a different web browser for a presentation a thousand miles away, MDM can save the day.

But when you are managing more commonly used applications, like Firefox, you need PolicyPak Application Manager in conjunction with your native MDM to configure, deploy and lockdown thousands of user settings. You can see a video demonstration of Application Manager managing Firefox settings here.

Fresh Start + File Associations

Another example where PolicyPak can be a boon to a native MDM solution is when a mobile user needs a device reset while on the road. If the device has to be restored back to the factory defaults, file associations will also be restored back to defaults. PolicyPak File Association Manager can be a great supplement to the MDM because in this scenario, it ensures that users always have the same predictable desktop experience when they click on files, even when the device is reset. You can see a video demonstration of File Association Manager here. (Note: this scenario only works when the machine is hybrid joined).

Final Thoughts on MDM

Mobile computing has forever changed the way we secure and manage the enterprise.

If you have an MDM solution to manage machines which are “always on the go” you’re on the right track. You need a multi-layered approach to management which reduces the gaps.

Pair up your current Mobile Device Management solution with PolicyPak, and you get a truly Modern Device Management solution.

For example videos where you can see your MDM service alongside PolicyPak, check out this link.

Jeremy Moskowitz

Founder & CTO, Microsoft MVP in Group Policy, Enterprise Mobility, and MDM

Jeremy Moskowitz founded PolicyPak Software after working with hundreds of customers with the same problem they couldn’t manage their applications, browsers and operating systems using the technology they already utilized.

Ready to Get Started? Register for Our Demo.

Our PolicyPak Demos explain everything you need to know to get started with the software. Once you've attended the demo, you'll be provided a download link and license key to start a free trial.