1.3 Configure basic mobile device network connectivity and application support
📘CompTIA A+ Core 1 (220-1201)
What is Mobile Device Management (MDM)?
Mobile Device Management (MDM) is a centralized system that allows an organization’s IT department to manage, secure, monitor, and control mobile devices.
These mobile devices include:
- Smartphones (Android, iOS)
- Tablets
- Company-issued laptops (in some cases)
MDM is used in organizations to:
- Apply security rules
- Configure device settings
- Control which apps can be installed
- Protect company data
- Remotely manage lost or stolen devices
MDM is especially important when employees use mobile devices to access:
- Corporate email
- Company files
- Internal applications
- Cloud services
Why MDM Is Important for the Exam
For the CompTIA A+ exam, you must understand:
- What MDM is
- How devices are configured using MDM
- Differences between Corporate and BYOD
- How policies are enforced
- How corporate applications are managed
Device Configurations in MDM
MDM allows IT administrators to push configurations to devices automatically.
Common Device Configurations Managed by MDM
- Wi-Fi settings
- VPN settings
- Email account setup
- Password requirements
- Screen lock settings
- Encryption settings
- Camera and Bluetooth permissions
- App installation rules
These settings are applied without manual setup by the user.
Corporate Devices (Company-Owned Devices)
What Are Corporate Devices?
Corporate devices are:
- Owned by the company
- Issued to employees
- Fully controlled by IT
Examples in an IT environment:
- A company-issued Android phone for support staff
- A tablet used by warehouse inventory teams
- A smartphone issued to managers for email and internal apps
MDM Control on Corporate Devices
Because the company owns the device, IT has full control.
MDM can:
- Enforce strong passwords
- Enable full device encryption
- Block app stores or limit app downloads
- Disable features like camera or USB file transfer
- Automatically install company apps
- Monitor device compliance
- Lock or wipe the device remotely
Key Exam Point (Corporate Devices)
✔ Company has full control
✔ IT can wipe entire device
✔ Highest level of security
✔ Used when data protection is critical
Bring Your Own Device (BYOD)
What Is BYOD?
BYOD (Bring Your Own Device) means:
- Employees use their personal devices
- Devices access company email, files, or apps
- The company does not own the device
Examples in an IT environment:
- Employee uses their personal smartphone for company email
- Employee accesses company cloud apps from their own tablet
MDM Control on BYOD Devices
Because the device is personal:
- IT control is limited
- User privacy must be respected
MDM usually manages only corporate data, not personal data.
Common BYOD MDM Features
- Create a secure work profile or container
- Separate corporate apps from personal apps
- Enforce passwords only for work data
- Allow selective wipe (remove company data only)
- Prevent copying company data to personal apps
- Control access to corporate email and VPN
Key Exam Point (BYOD)
✔ Device is personally owned
✔ IT control is limited
✔ Corporate data is separated
✔ Selective wipe instead of full wipe
Corporate vs BYOD (Exam Comparison)
| Feature | Corporate Device | BYOD |
|---|---|---|
| Device ownership | Company | Employee |
| IT control | Full | Limited |
| Data separation | Not required | Required |
| Remote wipe | Full device wipe | Selective wipe |
| Privacy concerns | Low | High |
Policy Enforcement (Very Important for Exam)
What Is Policy Enforcement?
Policy enforcement means using MDM to force rules on devices so they meet company security standards.
These policies are automatically applied and monitored by MDM.
Common MDM Policies
Security Policies
- Strong password (PIN, password, biometrics)
- Auto-lock after inactivity
- Encryption required
- Disable jailbroken or rooted devices
Access Policies
- VPN required for internal access
- Email access only if device is compliant
- Block access if OS version is outdated
Usage Policies
- Block unknown app installations
- Restrict Bluetooth, USB, or hotspot usage
- Disable screenshots for secure apps
What Happens If a Device Breaks Policy?
MDM can:
- Block corporate email
- Remove access to internal apps
- Notify IT administrators
- Lock the device
- Wipe corporate data
Exam Tip
CompTIA A+ often tests:
MDM enforces security policies automatically and centrally
Corporate Applications
What Are Corporate Applications?
Corporate applications are apps used specifically for business purposes.
Examples in an IT environment:
- Corporate email apps
- Internal chat apps
- Inventory management apps
- CRM or ERP mobile apps
- Secure document access apps
How MDM Manages Corporate Apps
MDM allows IT to:
- Push required apps automatically
- Block unapproved apps
- Update apps remotely
- Remove apps if employee leaves
- Restrict app features (copy, paste, screenshots)
App Distribution Methods
- Managed App Store (private app store)
- Automatic installation during device enrollment
- Required apps cannot be removed by users
Corporate Apps in BYOD
- Installed inside a secure work container
- Data cannot be shared with personal apps
- Removed automatically if employee leaves
Remote Management Features (Exam Focus)
MDM supports:
- Remote lock
- Remote wipe
- Location tracking (if allowed)
- Device compliance reporting
- Remote configuration updates
Key Exam Keywords to Remember
- MDM (Mobile Device Management)
- Corporate device
- BYOD
- Policy enforcement
- Selective wipe
- Device enrollment
- Managed applications
- Work profile / container
- Remote wipe
- Security compliance
Exam Summary (Quick Review)
✔ MDM centrally manages mobile devices
✔ Corporate devices allow full IT control
✔ BYOD devices allow limited control
✔ Policies enforce security automatically
✔ Corporate apps are managed and protected
✔ Selective wipe protects personal data
