For years the buzzword war between mobile device management (MDM) and enterprise mobility management (EMM) has raged on: Which is better and why, and how do these software solutions fit into the mobile security policy of your business?
But now there’s a new acronym in play, one that’s been evolving for a few years: Unified Endpoint Management (UEM). Unlike the subtle differences between EMM and MDM, however, there’s a distinct difference with UEM — and it’s something worth paying attention to.
What Are the Choices?
To zoom back a little, MDM and EMM are tools that manage mobile devices. On-premises or cloud-based, they represent your first and most important tool for managing security and configuration of mobile devices.
At the same time, a different class of tools has been popular for managing Windows desktops and laptops. Generically called desktop management or client management tools, these products have more or less the same focus: configuration settings, security controls, and patch and update management, along with reporting.
Because the world of Windows is so different from the world of mobile devices, these two classes of tools have taken parallel but entirely separate paths through most enterprises. Some of that is because the teams are different — desktop and laptop support may be handled by a different team than mobile device support — but a lot of it is due to fundamental differences in the underlying technology. For example, the whole concept of Group Policy Management, though so important in Windows, has no real analog in mobile devices.
Streamlining Security Solutions
While the basic ingredients are very different, the sauces end up tasting very similar: Both classes of tools help enterprise teams manage the configuration and security of their end-user devices. And this is where UEM is coming from — the idea that we can abstract out these important concepts of configuration, patching, security settings and reporting, and have a single tool that handles both.
Why is this interesting? Well, as mobile devices get a lot more important to enterprises, bringing with them the need for enhanced security, it’s important to keep things synchronized. It doesn’t make sense to manage different patching policies for Windows and Android phones, and if you have them both in the same console, then you can easily see if there’s any divergence and manage it appropriately. That’s the idea behind UEM, which brings all of the endpoint devices together into a single pane of glass that simplifies the process and provides what enterprises need to manage across all their operating systems. When mobile devices become as important to enterprise users as their desktops and their laptops, they need to have the same attention to detail, both on the control and the reporting side.
Moving Forward With UEM
The changes that Microsoft made in Windows 10 have greatly helped to enable UEM. Microsoft has built in and documented more powerful device management protocols and moved some features from complicated group policies to more standalone, MDM-style policy management. And, with the runaway success of its Azure-based services such as Office 365, it has unbolted the Windows desktop from a behind-the-firewall LAN environment and made it more mobile-friendly. All of this has helped UEM vendors to narrow the management and technology gap between Windows and other mobile operating systems.
At the same time, mobile operating systems are moving toward enterprise-friendly management tools. Samsung’s latest Knox SDK, used by UEM vendors to manage Samsung phones, contains new and extended controls for firewalls, VPNs, encryption and secure boot — all basic components needed in an enterprise-wide client management system.
The move to UEM will be a mix of real product shift and marketing hype. But the change will happen sooner or later, following the “evolve or die” rules of the IT world, and this is a big win for enterprise desktop and mobile device management teams. Look for the buzzword, and eventually the software, to help bring technology into alignment with the wave of mobile devices that are augmenting, and displacing, traditional Windows desktops and laptops.