Hey everyone,

I’m currently exploring how IT teams address mobile device management (MDM) in 2025, especially given the evolving and complex enterprise demands, such as managing hybrid workforces, securing multi-OS environments, enabling Zero Trust models, and improving user onboarding.

I’m really curious to hear from this community:

  • What MDM or UEM solution are you using today?
  • What made you choose it over others?
  • Any limitations, missing features, or frustrations?
  • What features matter most to your org?
  • Are you managing multiple OSes? If so, how well does your tool handle cross-platform management?
  • What’s one thing you wish your MDM handled better in 2025?

I work with a UEM vendor (Scalefusion) but I’m here mostly to learn from the community (not pitch). Would love to hear your thoughts and real-world experiences—what’s working and what’s not!

Your honest feedback (good, bad, or brutal) is welcome—it’ll help inform how we all build or choose better tools for the future.

Looking forward to hearing from you, & thanks in advance!! 🙏

Choose the MDM/UEM solution you are currently using:

  • Microsoft Intune
  • Jamf
  • Workspace ONE
  • SOTI
  • Scalefusion
  • Something else (comment below)

Using Sophos. It works well with Android and iFruit, and is integrated with Sophos Antivirus.

Thanks for your response. Interesting that you’ve got Sophos for both MDM and antivirus—are you finding the integration between device management and endpoint security smooth in practice? Especially curious how it handles Android vs iFruit—any major differences in capabilities or restrictions you’ve run into?

Also, do you use it primarily for corporate-owned devices or BYOD too?

The integration is very smooth. While the whole “single pain of glass” thing is overrated, in this case it works well.

The only restrictions we hit are in the nature of the devices. Apple’s walled garden approach allows for a more secure device, but if we use the container feature we can make a very secure Android for corporate data.

We mainly use it for corporate devices, although we do install it on BYOD devices to protect ourselves.

That’s really helpful context—thanks for the detailed breakdown 🙌

Totally agree on the “single pane of glass” buzzword fatigue 😄, but glad to hear Sophos lives up to it in your environment. Your point about Apple’s security vs. Android containerization is spot on—seems like you’ve struck a good balance.

We’re already using ManageEngine Endpoint Central for our Windows desktops so that’s our default choice for MDM. Just getting into the MDM side of it, deployed several Android tablets locked down to our payroll vendor to be used as time clocks. Another team member is currently working on iPhone integration. Literally just getting started on it this week so too soon to comment.
My only complaint about the Android side is I would like to be able to do unattended remote access. Only option I currently see is a remote view-only and even with that it requires user acceptance at the device. Haven’t had a chance to dig in to see if we can get unattended full control working or not.


Hey! Just circling back here — sounds like you were right at the start of your MDM rollout when you posted this. Hope things have progressed smoothly over the past week or so.

Curious — how did the iPhone integration go? And did you face any roadblocks with locking down those Android tablets for time clock use? Always insightful to learn how teams are managing real-world deployments across different OSes.

Appreciate any updates if you get a chance!

We use Intune, and we have a pretty tight handle on our winders devices. Our corporate owned iPhones are OK, but it’s more an us not forcing things (yet). Android we could do better, but it is in our rollout to fix the iOS and Android device compliance in the coming weeks.

We use a different tool for RMM, so that’s not really an issue for us. We don’t typically do a lot of direct management of corporate iOS or Android devices so RMM for those devices is not on our radar. Generally though we are satisfied with what we can do with Intune.

We are still running hybrid AD/Entra so we’re migrating GPOs to Intune policies over time.
Shortly we’re stepping up from E3 to E5 so we will likely focus more and more on this in the coming months.

Thanks for the detailed breakdown—really appreciate it!

Sounds like you’ve got a solid handle on Windows via Intune, and it’s great that you’re actively working on tightening up compliance for iOS and Android. That phased rollout approach makes a lot of sense, especially when juggling hybrid AD/Entra setups and GPO migrations.

Out of curiosity—how has the transition from GPOs to Intune policies been so far? Any lessons learned or unexpected hiccups during that migration?

Also interesting to hear you’re moving from E3 to E5. Are you planning to take advantage of any of the advanced compliance or security features with that upgrade?

E3-E5
We will actually be looking to dramatically tighten our Identity and conditional access policies first. Then we will be finishing our MDM of Android/iOS. Concurrently migrating the rest of our policies from GPO to Intune (where it makes sense).

The compliance side will pick up probably midway on the above work. We are looking at focusing on data compliance/exfiltration protection in a big way, likely mid fiscal year this year. Our environment has finally started to homogenize (for lack of a better description), using the same tools (this is a big deal with two disparate forests for us), so it is logical we can finally start to focus on data retention, risk evaluations, security, and general compliance.

It is ironic as to date I’ve not actually stated that was the goal, but of course that is the goal.