Choosing the Right MDM Strategy.
Your Google Workspace/G Suite Edition
Not all editions allow advanced device management. You may only enable advanced device management if your organization uses one of the following editions: G Suite Basic, G Suite Business, G Suite Enterprise, Google Workspace Business Plus, Education Fundamentals/Education Plus, or Cloud Identity Premium. Learn more about Google Workspace/G Suite editions here.
Your Organization’s Goals
If core security measures such as hijacking protection and password requirements are enough for your organization, basic device management will be enough for you. However, if your organization needs more strict security measures like requiring stronger passwords, the ability to wipe devices remotely, iOS apps management, and Android work profiles, advanced endpoint management is an excellent option.
Level of User Involvement
With no need for action on the user’s part, basic mobile security is an ideal option when minimal end user involvement is a priority. Contrarily, enabling advanced mobile security will send users a prompt to install a Device Policy app. Android users may also choose to set up a work profile on their device.
Mobile Device Management Options.
Basic Mobile Security
Basic mobile management is on by default and provides core security, such as hijacking protection. Your users don’t need to install a device management app with this option.
This feature provides the fundamental tools you need to let people in your organization access their work accounts from mobile devices while keeping your organization’s data more secure.
Products supported: Android devices, iPhones, and iPads.
Setup: Unless an admin at your organization has previously disabled basic MDM, there is no action needed to start using this. You can let users know that the mobile devices they use for work are managed and there is no action required for them.
Regardless of your overall security settings, we highly recommend enforcing 2-Step Verification (also called multi-factor authentication) for your Google Workspace users. This is the single most important step you can take to protect your organization’s data.
Please see Google Workspace Device Management for information regarding other devices, such as laptops, desktop computers, and Chromebooks.