Best MCM Clients

Mobile Content Management (MCM) is becoming increasingly important, thanks to BYOD strategies and the proliferation of business apps for mobile devices

Being able to provide your sales and distribution teams with full access to business systems helps with a range of functions, such as sales presentations and delivery scheduling, but it also provides a potential point of data leakage.

Here is our list of the best Mobile Client Management Clients:

  1. ManageEngine Mobile Device Manager Plus (FREE TRIAL) This system will manage devices running Windows, macOS, Chrome OS, Android, iOS, and tvOS and it offers a range of options for content delivery strategies in conjunction with a MAM. Offered as a SaaS package or for installation on Windows Server. Start a 30-day free trial.
  2. BlackBerry Unified Endpoint Management This package covers desktops as well as mobile devices and it can be used to synch storage, making content available across devices. This is a SaaS platform but the software is also available for installation on Windows Server.
  3. Cisco Meraki Systems Manager This cloud-based package offers mobile device management with an option to deliver content through containerization.
  4. SOTI MobiControl This MDM is part of the SOTI One SaaS platform and implements a range of content delivery and protection strategies for mobile and IoT devices. Also available for installation on Windows Server.
  5. Citrix Endpoint Management MDM with MAM and MCM delivered from a cloud platfor4m and catering to devices running Windows, macOS, iOS, tvOS, Android, ChromeOS, and Citrix.

You can read more about these options in the following sections.

BYOD policies help peripatetic employees seamlessly move from the office to the worksite and switch to the home office whenever necessary. However, a lost phone can mean disaster for your data protection policy.

The solution to securing data on mobile devices has multiple layers and needs to take into account the differences in operation between corporate fleet devices and user-owned devices. Control of content starts with control of the device and involves Mobile Device Management (MDM) functions that include tracking, locking, and wiping. Mobile Application Management (MAM) also plays a role because applications very often control access to backend data stores.

Mobile content management lets you control where documents go and who can access raw data. Depending on your corporate infrastructure, you might opt for a full unified endpoint management system that covers desktops, IoT devices, and wearables as well as laptops, smartphones, and tablets. Other options just allow users to access a portal to see data rather than possessing it in file formats.

Content security challenges

Mobile devices create security weaknesses because they are outside of the controlled environment of business premises. At the company offices, a degree of discretion can be ensured by controlling who has access through the lobby. Outside of that environment, there are no physical blocks to strangers getting at your data.

It has to be noted that many of the risks of data disclosure that are encountered with mobile devices are also possible with the home-based PC of work-from-home employees. As businesses have managed to cope with that risk, there should be a greater acceptance of the risk that mobile access to data represents.

The extra problem that mobile devices present is that they are out in the big wide world and so can be lost or pilfered when a user is distracted. These scenarios should be addressed by the tracking, locking, and wiping capabilities of a mobile device management package and therefore should be put to one side when examining MCM systems.

Mobile content delivery

The choice of a mobile content management client is inextricably linked with the selection of the mobile content management system and mobile device management package that is to be used. So, when considering the best mobile content management client, we are examining the mobile content management system as a whole.

The method of delivery that is used for mobile content management greatly influences how access to that content is permitted. Options include:

  • Portal access through a private Web system
  • Containerization, which works well for BYOD devices
  • Kiosk systems, which disable many key functions

A kiosk delivery service is best suited for display devices, such as tablets that are used in a salesroom or as input devices for order input in restaurants or stores. Kiosk displays are closely tied to MAM, which delivers a tightly controlled interface, reducing the ability of the user to break through to the operating system of the device.

Portal access systems function in the same ways as SaaS packages, such as Google Workspace or Microsoft 365, only set up only for corporate access. These Web-based solutions can be delivered across the internet but are protected with access credentials. Saving to local drives can be blocked and all data access is performed through Web-based applications that have copy functions blocked.

Containerization provides local storage for data but this is kept separate from the operating system. Access to the container’s functions can be controlled by credentials and idle-time locking can be implemented. This is a good solution for employees who want to use their own devices for work because it keeps business and leisure use of the device separate.

The best MCM clients

In this review, we will look at a range of MCM solutions that cater to different mobile asset strategies. We will also address the needs of a range of company types and sizes. The structure of the client used on mobile devices depends on which control and delivery system you prefer.

What should you look for in an MCM client for your business?  

We reviewed the market for mobile content management systems and analyzed the tools based on the following criteria:

  • Containerization options
  • Copy watermarking and tracking
  • Kiosk mode possibility
  • Portal content delivery
  • Linked MAM
  • A free trial or a demo system for a no-obligation assessment opportunity
  • Value for money from a solution that prevents data theft and if offered at a good price

With these criteria in mind, we identified several suitable mobile content management solutions. There are many ways to approach content control on mobile devices but a very important factor is to ensure that the MCM system doesn’t drain device batteries too quickly or force heavy processing on the device’s CPU.

1. ManageEngine Mobile Device Manager Plus (FREE TRIAL)

ManageEngine Mobile Device Manager Plus

ManageEngine Mobile Device Manager Plus is a full mobile management system that includes device security, mobile application management, and mobile content management.

Key Features:

  • Multi-Platform App Support: Compatible with iOS, Android, and Windows devices.
  • Secure Transfers: Ensures safe and encrypted data transfers.
  • Document Viewer: Allows viewing documents directly within the app.
  • Content Restrictions: Blocks forwarding or copying of sensitive content.
  • Automatic Content Updates: Keeps all managed content up-to-date automatically.

Why do we recommend it?

ManageEngine Mobile Device Manager Plus offers a comprehensive mobile management solution, ideal for businesses looking to secure and manage a variety of devices efficiently. It combines robust security features with user-friendly management tools.

The MDM client for the system is called the ME MDM app. The app is an agent that is resident on the device and acts as a client for connection security with the MDM server system. The app also includes a menu of data access options, such as the MDM Document Viewer.

BYOD devices can be enrolled in the MDM service on demand through a self-service portal. Business fleet devices can be set up in bulk by the administrator. Delivery and security policies can be defined for each group, enabling each type of device ownership to get a different treatment. BYOD devices can be enrolled in the network through a containerized delivery, keeping corporate utilities and data separate from the device’s operating system.

The central administrator can access each enrolled device, even getting a view of the screen. This is a great tool for remote support. Security measures enable the administrator to track all devices and lock and wipe those that are lost or stolen.

The suite of administration tools that are accessible in the Web-based console system includes security scans that examine all devices for malware and misuse, such as jailbreaking. The package also includes a mobile email management module.

Who is it recommended for?

This tool is perfect for IT administrators managing a fleet of mobile devices, especially in environments that support BYOD policies. It’s also suitable for MSPs needing a scalable solution to manage multiple clients’ devices.


  • Efficient BYOD Management: Provides containerization to securely separate corporate data on personal devices.
  • Remote Support Access: Allows administrators to remotely access and troubleshoot devices.
  • Device Security: Features for tracking, locking, and wiping lost or stolen devices enhance security.
  • Secure Connectivity: Ensures all connections between devices and servers are secure.
  • Malware Protection: Regular scans for malware and unauthorized modifications.


  • No Cross-Device Continuity: Lacks seamless continuity features across different devices.

ManageEngine Mobile Device Manager Plus can be installed on Windows Server or accessed as a cloud service. The full package can be used for free forever to manage up to 25 mobile devices and there is an edition for MSPs. You can access either the SaaS version or use the Windows Server edition on a 30-day free trial.


ManageEngine Mobile Device Manager Plus is our top mobile device management tool because it offers a comprehensive solution for managing, securing, and supporting mobile devices. Its combination of device security, mobile application management, and mobile content management makes it ideal for various business environments.

The flexibility of being installable on Windows Server or accessible as a cloud service allows it to cater to different organizational needs. The user-friendly interface, robust security measures, and advanced features like BYOD containerization, remote support, and malware scanning provide excellent control over both personal and corporate devices.

ManageEngine Mobile Device Manager Plus stands out for its ability to efficiently manage up to 25 devices for free indefinitely, making it a cost-effective choice for small to medium-sized businesses. Its extensive features ensure that IT administrators can maintain high security and productivity across all managed devices.

Official Site:

OS: Windows Server, Cloud-Based

2. BlackBerry Spark UEM Suite

BlackBerry UEM

BlackBerry Spark UEM Suite is a package of mobile device management systems that includes a secure mobile content management bundle. The main MCM concept in the package is implemented with encryption that is implemented on connections and individual files. These enable document owners to set access rights and permission levels for other team members. Access to data is also restricted through the use of a suite of BlackBerry-created productivity tools, called BlackBerry Workspaces.

Key Features:

  • App-Based Data Access Control: Manages access to data through BlackBerry’s suite of apps.
  • BYOD Containerization: Provides secure separation of corporate data on personal devices.
  • Activity Logging: Records all user activities for auditing purposes.
  • Digital Rights Management: Manages permissions and access rights to documents.

Why do we recommend it?

BlackBerry Spark UEM Suite excels in secure mobile content management with strong encryption and digital rights management. Its integration with productivity tools like DocuSign adds extra value for secure document handling.

The MDM can run devices with iOS, Android, Windows, macOS, BlackBerry, Linux, and Samsung Knox. Fleet devices can be accessed remotely and user-owned devices can be included in the network through the creation of an access app. This amounts to a containerized locker of access and tools. The Spark UEM administrator controls don’t include a tracking service and, other than remote access, there is no utility for locking or wiping a device.

Data controls include a DRM system and the package also includes integration with DocuSign, which includes copy tracking.

Who is it recommended for?

This suite is ideal for organizations that prioritize high-level security for mobile content management, especially those needing detailed access controls and document tracking. It’s also suitable for businesses using a diverse range of devices, including Linux and BlackBerry.


  • Robust Access Controls: Document owners can set detailed access permissions.
  • Enhanced Document Security: Features document signing and copy tracking with DocuSign integration.
  • Comprehensive Encryption: Uses file-based encryption to secure individual files.
  • DocuSign Integration: Streamlines secure document signing and tracking.


  • Lacks Tracking Functionality: No device tracking features in the console, limiting remote management options.

BlackBerry Spark UEM Suite is a SaaS platform but it is also available for installation on Windows Server. The BlackBerry Spark UEM Suite is available for a free trial.

3. Cisco Meraki System Manager

Cisco Meraki System Manager

Cisco Meraki is a unified endpoint management system that covers office endpoints, mobile devices, and IoT equipment. The MDM package within this cloud-based package can monitor and manage devices running Windows, macOS, Windows Phone, iOS, Android, Chrome OS, and Samsung Knox operating systems.

Key Features:

  • BYOD Containerization: Separates corporate data from personal device data.
  • Standard Device Configuration: Allows administrators to set up devices with predefined configurations.
  • Role-Based Menus: Customizes application menus based on user roles.

Why do we recommend it?

Cisco Meraki System Manager offers a comprehensive, cloud-based endpoint management solution, excelling in device tracking, logging, and secure content management. It’s particularly strong in managing a variety of device types and operating systems.

System administrators can set up a fleet of mobile devices en masse by setting up a standard configuration that follows specific security and content delivery policies by the group. So, you can vary the app library added to each type of device and also create work-level groups that provide access to job-specific applications and data.

User-owned devices can be added to the network through a self-service portal. This adds an MDM app to the device, which also acts as a MAM and MCM client. This package of services is then delivered as a locker, which loads onto the device through containerization and keeps corporate functions and data separate from the device’s operating system.

The Web-based Meraki administrator dashboard includes a great map-based device tracker. There are also straightforward device locking and wiping commands available in the system. Call and data activity is logged per device and it is possible to put a limit on the amount of each that a specific device can use on the corporate account.

Who is it recommended for?

This system is ideal for organizations with diverse device fleets needing centralized management and strong security controls. It’s also suitable for businesses implementing BYOD policies and requiring robust tracking and logging features.


  • Detailed Usage Logging: Tracks call and data activity per device.
  • Comprehensive Device Control: Includes tracking, locking, and wiping capabilities.
  • Cloud-based Management: Offers a web-based console for easy remote management.


  • Weaker Content Management: Focuses more on device management than content management.

The Meraki system includes a service called Backpack. This is a containerization service and it allows files to be made available to mobile devices without them becoming accessible to the device’s operating system. Thus, any native or alternative apps for viewing various document types cannot be used with these files, and access to them is limited to authorized applications with disabled copy and forwarding functions.

Cisco Meraki is available for a 14-day free trial.

4. SOTI MobiControl

SOTI MobiControl

SOTI MobiControl is an on-premises software package that runs on Windows Server. It is also available as a SaaS package from the SOTI One cloud platform. The tool enables you to manage mobile devices running You can manage Windows, iOS, and Android devices plus IoT devices running Linux.

Key Features:

  • Deployment Flexibility: Available as on-premises software or SaaS.
  • Comprehensive Device Control: Manages both mobile and IoT devices.
  • BYOD Support: Allows for secure use of personal devices.

Why do we recommend it?

SOTI MobiControl stands out for its flexibility in deployment options and its robust management capabilities for both mobile and IoT devices. The secure content distribution through SOTI Xtreme Hub enhances its appeal.

All enrolled devices are listed in the administrator dashboard, which also shows their locations on a map. In the case of fleet devices, the entire device can be set up and controlled by the administrator and it is also possible to allow BYOD owners to install an app, which is containerized and gives access to business data.

The MAM and MCM client is implemented as a secure browser, which connects through to a content distribution network, called SOTI Xtreme Hub. This distribution system controls access to corporate documents and also speeds up delivery. All file activity is logged.

Who is it recommended for?

SOTI MobiControl is ideal for enterprises needing a versatile device management solution that supports both on-premises and cloud deployment. It’s particularly suited for organizations with diverse device types, including IoT devices and those supporting BYOD policies.


  • Secure Applications: Uses a secure browser for MAM and MCM functions.
  • Containerized Solutions: Offers containerized applications for secure data access on BYOD devices.
  • Efficient Content Delivery: Utilizes a content delivery network to speed up access to corporate documents.


  • Limited On-Premises Trial: No free trial available for the on-premises version, limiting initial evaluation options.

The administrator dashboard enables remote access to devices, including a remote screen viewer. Locking and wiping are also possible. The Saas version of SOTI MobiControl on the SOTI One platform is available for a 30-day free trial.

5. Citrix Endpoint Management

Citrix Endpoint Management

Citrix Endpoint Management uses virtualization in its MCM client, which capitalizes on this provider’s core technology. The MAM strategy of the Citrix system provides proprietary email, messaging, collaboration, and file-sharing utilities. System administrators can make third-party or in-house tools available to mobile devices through a system called “wrapping.” This is an encryption service that protects the communication between the device and the server and also controls access to apps on the device.

Key Features:

  • Enhanced App Security: Uses encryption to secure app communication and access.
  • Proprietary File Access Apps: Provides secure, proprietary apps for email, messaging, and file sharing.
  • BYOD Support: Accommodates personal devices with secure access.

Why do we recommend it?

Citrix Endpoint Management excels in secure, virtualized workspace management, allowing users to access their workspace from any device without compromising security. Its “wrapping” encryption service enhances the protection of third-party and in-house applications.

Applications are not loaded onto each device. Instead, the device gets a network access app. This app works for both BYOD and fleet devices and it requires a sign-in. So, if the device gets lost, those who discover the device can’t get to any corporate apps or data because they are hosted on the company server and nothing, other than the secure app, is on the device. This strategy also means that users can access their workspace from any device and continue where they left off.

Who is it recommended for?

This solution is ideal for enterprises that prioritize security and flexibility, especially those needing to support a mobile workforce. It’s particularly suited for organizations with BYOD policies and those requiring seamless cross-device continuity.


  • Universal Workspace Access: Users can access their hosted workspace from any device, ensuring flexibility and productivity.
  • Seamless Cross-Device Continuity: Maintains a continuous user experience across multiple devices.
  • Minimal Device Software: Reduces security risks by minimizing software installation on devices.


  • Complex Access Management: Requires detailed planning for access rights, which can be time-consuming.

The Citrix system gives users views on their server-hosted workspace wherever they are, so it is also great for delivering access to WFH employees. Request a demo to see the Citrix system.