MDM (Mobile Device Management) is a corporate IT system that enrols devices with a centrally-managed configuration server. MDM-enrolled phones, tablets, and laptops require the original organisation's credentials at first setup, even after factory reset, before the device can be activated for normal use.
Major MDM platforms include Jamf, Mosyle, Kandji, Microsoft Intune, VMware Workspace ONE, Cisco Meraki, and Google Workspace device management. On Apple devices, MDM enrolment is reinforced by Apple's Device Enrolment Program (DEP), which baked the enrolment into Apple's activation servers. Samsung's equivalent is Knox Configure / Knox Mobile Enrolment.
MDM-locked devices cannot be removed from the organisation's account by anyone except the original organisation's IT administrator. For wholesale buyers, this is a critical risk in three categories of stock:
- Education refresh, iPad and Galaxy Tab fleets from school districts. MDM rates of 70-90 percent are typical.
- Enterprise leasing returns, Lenovo and Dell laptops, corporate iPhones. Most are wiped properly but a percentage retain MDM enrolment.
- Field-service tablets, logistics, healthcare, retail deployments.
Always verify MDM status by booting through the activation flow on a sample unit before purchasing former-corporate or former-education stock.