We currently use MobileIron as a mobile device management tool. It is used to provide email to company phones and allows for deploying email to BYOD devices in a secure container. Company devices also gain the benefits of a 'store' of applications that users commonly consume and deployment of needed certificates for device authentication.
MobileIron has a very easy to deploy architecture. We reviewed other products before making our business decision to deploy MobileIron, and one of the reasons we selected MobileIron was due to the ease of deployment, the low footprint, and the ease of configuration.
MobileIron has a broad range of customizations and add-on products that make it an ideal product for a number of additional use cases. None of these use cases got business backing at BH Media, but Docs@Work and Apps@Work are two features that would make MobileIron an ideal tool for a customer who needs to allow BYOD or company devices the ability to access documents or applications without VPN.
MobileIron is supported by a large number of devices and their operating systems. In a company which allows BYOD devices, you can't always control what device a user is going to bring in. MobileIron has support for older devices and OS versions and is also quick to adopt newer devices, so a new device isn't shut out in the cold waiting for a vendor to update their software.
During upgrades to the Core server when a device loses contact with the Core, the MDM profile is removed from the phones and when installed back unique user customizations are lost. If a user has unique customizations this should be stored in the Core DB so that when redeployed, the customizations are added back too.
Android devices do not have the best mail container. The email+ feature is an add on. If this is selected then a user must rely on the native mail app for androids which is often difficult to use. iOS and other devices do not have this required add-on. This android add-on should be native to the software.
Android devices have a hard time handling user password changes. The passwords are cached on the android (natively) and MobileIron will quickly lock a user's AD account out. This causes our Enterprise Service Desk a headache dealing with these devices. If MobileIron flushed the credentials from an android or injected the new credentials into the android cache (which it appears to do for iOS) this would not be a headache.
The installation of MobileIron was for security compliance so we could containerize email on BYOD devices and also control who got email on company phones (to prevent hourly workers from working on emails after hours). MobileIron met this need nicely.
MobileIron allowed us to utilize device certificates to prevent unauthorized devices from joining wireless networks in our company.
MobileIron allows our sales staff to get emails on the road and many users rely on the functionality and ease of the phone for general mail communication.
We have not used the MobileIron professional services. We have used MobileIron support in the past and during the initial deployment and the staff is very knowledgeable and responsive. MobileIron support tickets are quickly handled and the online knowledge base is full of good documentation and guides. We do not have any issues getting the support we need when we need it.
MobileIron is a great tool for mobile device management. It is well suited for deploying mail to devices, as well as providing security/compliance items to a device (require a passcode, install certificates). The store app is also great for pushing users to specific, needed apps without trusting them to find the correct one in the store. MobileIron is not well suited for environments which do not restrict access to mail or use a cloud-based mail provider (such as O365) as the native apps make it easier to get mail from these sources than to manage an MDM environment.