Infosec glossary
MDM
Mobile Device Management
Organizations use mobile device management to administer smartphones, tablets, and other supported endpoints from a central system. MDM applies configuration and security policy throughout the device lifecycle. It can support organization-owned devices and approved personal devices, depending on the operating system and enrollment method.
MDM manages the mobile device lifecycle
The lifecycle begins with enrollment and assignment to a user, group, or ownership model. Administrators can then distribute settings, certificates, network profiles, applications, restrictions, and operating system requirements.
Later actions may include updating policy, checking compliance, locking a device, removing organizational data, or retiring the record. Available controls depend on the platform APIs and whether the device is fully managed, supervised, or enrolled for work access only.
MDM security controls and access checks
MDM can require a passcode, configure encryption settings, restrict applications, install certificates, and enforce supported operating system versions. It can also report whether a device meets policy so an identity or access system can permit, limit, or deny access.
MDM does not inspect every threat or replace endpoint detection. Its role is device administration and policy enforcement, with security capabilities bounded by the operating system and management mode.
- Device enrollment and inventory
- Configuration, certificate, and application delivery
- Security policy and compliance status
- Remote lock, organizational data removal, and retirement
MDM differs from UEM and EDR
Unified endpoint management extends centralized administration across mobile devices, desktops, laptops, and sometimes other endpoint types. MDM may be a component of a UEM service or a narrower deployment focused on mobile operating systems.
Endpoint detection and response monitors endpoint activity for threats and supports security investigation and containment. MDM and EDR can operate on the same device, but they collect different data and serve different administrative and security functions.
Related reading
The term is clearer when the nearby language is clear too.
Use the pages below when you need adjacent terms, category context, or a longer explanation instead of leaving the definition to stand on its own.
Adjacent terms
Further reading
Sources used to check the definition and terminology
Guides
Where the definition expands into a longer explanation
A practical guide to calibrating cybersecurity website copy so it proves competence to serious buyers without collapsing into jargon or unreadable product prose.
Cybersecurity Copywriter vs General B2B WriterHow to decide when a general B2B writer is enough and when cybersecurity copy needs category fluency, stronger terminology, and less revision risk.