Endpoint units have develop into so ubiquitous, attached, and data-intensive that they’re some of the most beneficial generation property a company has these days. They’re additionally one of the greatest safety dangers. It’s no wonder, then, that managing the huge and rising collection of smartphones, laptops, drugs, desktops, and different end-user merchandise is a prime precedence for IT.
For a rising collection of enterprises, unified endpoint control (UEM) is the process of selection for conserving control of endpoints from descending into chaos. UEM platforms are designed to simplify the control of units and toughen the safety of heterogeneous environments.
A number of the key promoting issues of UEM is that it’s preferable to the usage of a large number of disparate mobility control equipment that may finally end up expanding prices and lowering potency for firms.
UEM platforms are principally instrument suites that supply a unmarried control interface for endpoint units inside of a company. The generation developed from and in lots of circumstances is changing cell machine control (MDM) and endeavor mobility control (EMM) equipment.
MDM merchandise keep an eye on cell machine capability and come with options equivalent to machine enrollment, far flung keep an eye on, machine lockdown, and placement monitoring; EMM supplies the ones options in addition to cell knowledge control, cell utility control, and cell content material control.
UEM broadens the endeavor control spectrum to incorporate now not solely cell units, but additionally desktop and computer computer systems, printers, wearables, and web of items (IoT) units by way of a unmarried control console.
As extra other people paintings remotely or in hybrid paintings environments — in lots of circumstances the usage of non-public units — and as extra firms release IoT and edge computing projects, UEM has develop into much more treasured for enterprises.
How to make a choice UEM instrument
Even though UEM platforms from main distributors would possibly have so much in commonplace, no two choices are totally alike. Enterprises want to do their homework when comparing the choices to be had — and it is important to understand that UEM is a moderately new generation thought that is nonetheless evolving.
Given how necessary endpoint control is to a company, it could be a good suggestion to habits an explanation of thought or a pilot check earlier than committing to a huge rollout. Creating a shift in distributors later within the procedure may well be tough and expensive. Maximum primary UEM distributors be offering 30-day unfastened trials in their instrument.
A pilot program could also be a great way to decide which options and functions are maximum important to the corporate. Checking out out more than one platforms, if imaginable, supplies a option to make direct comparisons.
10 standards for opting for a UEM platform
When comparing UEM choices, you should definitely pay specific consideration to those key elements:
1. Running device beef up. This offers a way of the breadth of the UEM device throughout Home windows, iOS, macOS, Android, and Chrome working programs, says Andrew Hewitt, a senior analyst at Forrester Analysis. “Enterprises are increasingly more having a look to fulfill the will for worker selection, particularly relating to machine working programs,” he says. “The extra a UEM helps, the much more likely the endeavor can fulfill that want.”
Sure platforms beef up more than a few working programs with various ranges of granularity and contours, says Phil Hochmuth, program vice chairman, endeavor mobility, at IDC. “Some distributors center of attention particularly on a definite working device, equivalent to Apple or Android,” he says.
2. Reinforce for bring-your-own-device (BYOD) methods. This capacity supplies a sign of explicit investments the UEM supplier has made in iOS Consumer Enrollment or Android Endeavor, Hewitt says.
“As a result of shortages in units during the last yr, we now have noticed a upward thrust in BYOD deployments,” he says. “The local enrollment fashions for BYOD from each Apple and Google supply a baseline of safety in an easy-to-enroll type, making it a lot smoother for organizations to get units into the arms of staff.”
three. Integration with different IT merchandise. Partnerships a supplier has with different platforms used to beef up IT or finish customers usually is every other key attention. “How smartly does the UEM platform combine along with your ticketing device or your safety knowledge and login platform, or your endpoint safety product?” Hochmuth asks. “Lots of the greater distributors now provide you with UEM together with different merchandise equivalent to those, and feature sturdy integration tales there.”
four. Instrument safety insurance policies. Firms want so to set insurance policies referring to such things as jailbreaking, root detection, password atmosphere, cell risk detection, malware detection, anti-phishing, and so forth, Hewitt says. “As a result of information now lives out of doors the 4 partitions of the endeavor, making sure machine safety for cell units is much more necessary,” he says. A majority of these options permit organizations to be sure that there’s no compromise in cell safety.
Additionally necessary from a safety point of view is integration with identification and get right of entry to control, far flung get right of entry to, and endpoint safety equipment “to beef up dynamic coverage and contextual get right of entry to in addition to novel authentication strategies,” says Dan Wilson, senior director analyst at Gartner.
five. Control automation. Organizations are increasingly more having a look to save lots of on prices relating to deploying units, as it’s an undifferentiated task inside of their aggressive environments, Hewitt says. Those functions permit an absolutely computerized deployment to happen briefly, this means that staff get units sooner and directors spend much less time on deployment.
6. Cellular utility control (MAM)-only beef up. Can the seller beef up a non-MDM deployment, the place an organization solely manages apps? “No longer each and every group can get all of its staff to sign up an MDM, for each privateness and technical causes,” Hewitt says. “MAM is a great possibility for privacy-minded staff, for the reason that group has no get right of entry to to their machine, simply company apps.”
The facility to supply standalone control of programs on unmanaged units, in addition to utility and information containment, is necessary, Wilson says. This comprises “functions to segregate or isolate non-public and company information,” he says.
7. Pricing. Pricing is at all times a key attention for any generation funding, particularly one that is affecting such a lot of customers. “Some UEM platforms can also be had for moderately low price if bundled with different [products] bought via the seller, or relying at the licensing style for positive instrument merchandise,” Hochmuth says.
“On the whole, search for a per-user pricing style versus a per-device pricing style, as maximum finish customers are having access to more than one units to do paintings and can want multiple machine controlled and secured,” Hochmuth advises.
eight. Regulatory compliance certifications. Providing certifications for projects such because the Federal Chance and Authorization Control Program (FedRAMP), which gives a standardized option to safety authorizations for cloud carrier choices, is necessary for presidency shoppers and others in regulated industries. Some organizations have distinctive necessities for compliance with laws such because the Normal Knowledge Coverage Law (GDPR), Well being Insurance coverage Portability and Duty Act (HIPAA), and FedRAMP, Hewitt says.
“Shoppers in executive and fiscal products and services most often search for these kinds of certifications, as a result of they check that the UEM in query has been examined and secured,” he says.
nine. Conditional get right of entry to. Can the UEM put in force conditional get right of entry to insurance policies throughout units, apps, networks, and many others? Conditional get right of entry to is the basis of any mobility technique, Hewitt says. It permits organizations to appear throughout a large number of prerequisites to come to a decision whether or not person staff can get right of entry to a useful resource. If any of the prerequisites are noncompliant, get right of entry to is blocked.
10. Reinforce for far flung environments. Many of us will proceed to make money working from home or different far flung places, no less than a part of the time, for the foreseeable long run. So it’s necessary that UEM platforms can beef up a far flung and hybrid staff. This allows IT directors to troubleshoot each conventional and cell endpoints in far flung places, making improvements to person enjoy and proscribing downtime for workers, Hewitt says.
13 key UEM distributors
The key gamers within the UEM marketplace are in large part the similar ones that experience held management positions within the MDM/EMM section. They come with one of the greatest instrument firms on the planet.
To get you began for your analysis, listed below are transient descriptions of the foremost platforms to be had. You’ll additionally obtain an in depth comparability chart appearing the options and purposes presented via 8 main EMM/UEM distributors.
42Gears: 42Gears UEM helps Android, iOS, MacOS, Home windows, and Linux, and is designed to make it more uncomplicated for enterprises emigrate from legacy platforms equivalent to Home windows 7 to an EMM-compliant model equivalent to Home windows 10. It gives a unmarried platform to control all endpoints, together with desktops/laptops, employee-owned units, IoT units, sensors and gateways, ruggedized units, wearables, and printers.
BlackBerry: BlackBerry UEM is a multi-platform device that gives machine, app, and content material control with built-in safety and connectivity, and is helping organizations set up iOS, macOS, Android, Home windows 10, and BlackBerry 10 units. Key options come with a unmarried person interface, safe IP connectivity, person self-service, role-based management, and corporate listing integration.
Cisco Meraki: Methods Supervisor, Meraki’s cloud-based UEM platform, supplies central provisioning, tracking, and securing of all endpoint units inside of a company, whilst conserving the endeavor community conscious about continuously converting units. The platform helps control of iOS, Android, Home windows, macOS, Chrome OS, and tvOS environments. The Meraki cloud dashboard permits configuration and tracking from a unmarried console.
Citrix: Citrix Endpoint Control (previously XenMobile) permits organizations to stock, set up, and safe a variety of machine sorts with a unmarried control console. Along with iOS and Android, Citrix supplies control and controls for Home windows 10, macOS, Chrome OS, skinny purchasers, and Workspace Hub machine sorts, the usage of XenMobile as its basis. It gives endpoint provisioning and configuration controls for machine enrollment, coverage utility, and get right of entry to privileges.
HCL Applied sciences: The seller’s BigFix 10 endpoint control platform permits organizations to completely automate discovery, control, and remediation of endpoint problems, without reference to location or connectivity. Options come with BigFix Insights, which shall we organizations briefly visualize dangers in addition to prices, and multicloud control, which provides directors 360-degree visibility, keep an eye on, and compliance enforcement of each cloud and on-premises endpoints.
IBM: IBM Safety MaaS360 with Watson is a cloud-based UEM platform that permits organizations to safe smartphones, drugs, laptops, desktops, wearables, and IoT units. Watson synthetic intelligence (AI) and predictive analytics supply signals to attainable endpoint threats and remediation to keep away from safety breaches and disruptions. MaaS360 protects apps, content material, and information.
Ivanti: Ivanti Unified Endpoint Supervisor is designed to simplify endeavor mobility, making use of insurance policies and personalization throughout all units. (Ivanti bought MobileIron, every other main EMM/UEM supplier, in 2020.) Firms can use the device’s synthetic intelligence to decide which customers and units get what form of get right of entry to. The platform helps Home windows, macOS, Linux, Unix, iOS, and Android working programs. Directors can accumulate detailed machine information, automate instrument and working device deployments, personalize workspace environments, and deal with person problems.
ManageEngine: ManageEngine Desktop Central, a UEM platform from the IT control department of Zoho Corp., is helping organizations set up servers, laptops, desktops, smartphones, and drugs from a central location. Enterprises can automate endpoint control routines equivalent to putting in patches, deploying instrument, and imaging and deploying working programs. The platform additionally supplies control of IT property and instrument licenses, far flung desktop keep an eye on, and instrument utilization tracking. It helps Home windows, macOS, Linux, Chrome OS, Android, iOS, iPadOS, and tvOS.
Matrix42: Matrix42 Unified Endpoint Control helps Home windows, macOS, Chrome OS, Android, iOS, and iPadOS and can also be accessed from the cloud, on-premises, or in a hybrid setting. The platform supplies automated deployment of units and programs, real-time stories and research on utilization, and get right of entry to keep an eye on for programs and delicate information. Knowledge is encrypted on cell units, and private and industry information are separated on BYOD units.
Microsoft: Microsoft Endpoint Supervisor comprises each Configuration Supervisor and Microsoft Intune, a cloud-native control device for Home windows and macOS desktops and cell units that gives MDM and MAM. Enterprises can configure explicit insurance policies to keep an eye on programs, equivalent to combating emails from being despatched to other people out of doors the group. On non-public units, Intune is helping be sure that a company’s information remains secure and will isolate group information from non-public information.
Sophos: Sophos Cellular helps the control of Home windows 10, macOS, iOS, and Android units, offering configuration and insurance policies, stock and asset control, and detailed reporting on machine utilization. Organizations can set up, take away and consider apps, use bins to control content material, supply compliance laws and remediation, and offer protection to in opposition to threats equivalent to malware and phishing.
SOTI: The SOTI One Platform permits firms to safely set up any machine or endpoint, together with IoT units, with any shape issue all the way through its whole lifecycle. Supported OSes come with Home windows 10, macOS, Linux, Android, iOS, iPadOS, Home windows Cellular, Zebra, and extra. The platform options SOTI Lend a hand, a diagnostic assist table device that shall we technicians analyze, troubleshoot, and unravel cell machine and app problems from any place at any time.
VMware: VMware Workspace ONE is a cloud-based platform for managing desktop, cell, rugged, wearable, and IoT units. It helps working environments together with Android, iOS, Home windows 10, macOS, and Chrome OS. The platform gives information coverage in opposition to safety threats with conditional get right of entry to and compliance insurance policies, with a Privateness Guard characteristic designed to control privateness insurance policies.
Comparable: Obtain our 2021 EMM/UEM supplier comparability chart
Copyright © 2021 IDG Communications, Inc.