Endpoint devices have become so ubiquitous, connected, and data-intensive that they are among the most valuable technology assets an organization has today. They’re also some of the biggest security risks. It’s no surprise, then, that managing the large and growing number of smartphones, laptops, tablets, desktops, and other end-user products is a high priority for IT.
For a growing number of enterprises, unified endpoint management (UEM) is the method of choice for keeping management of endpoints from descending into chaos. UEM platforms are designed to simplify the management of devices and enhance the security of heterogeneous environments.
Among the key selling points of UEM is that it’s preferable to using a multitude of disparate mobility management tools that can end up increasing costs and decreasing efficiency for companies.
UEM platforms are basically software suites that offer a single management interface for endpoint devices within an organization. The technology evolved from and in many cases is replacing mobile device management (MDM) and enterprise mobility management (EMM) tools.
MDM products control mobile device functionality and include features such as device enrollment, remote control, device lockdown, and location tracking; EMM provides those features as well as mobile information management, mobile application management, and mobile content management.
UEM broadens the enterprise management spectrum to include not only mobile devices, but also desktop and laptop computers, printers, wearables, and internet of things (IoT) devices via a single management console.
As more people work remotely or in hybrid work environments — in many cases using personal devices — and as more companies launch IoT and edge computing initiatives, UEM has become even more valuable for enterprises.
How to choose UEM software
Although UEM platforms from leading vendors might have a lot in common, no two offerings are completely alike. Enterprises need to do their homework when evaluating the options available — and it’s important to keep in mind that UEM is a relatively new technology concept that’s still evolving.
Given how important endpoint management is to an organization, it might be a good idea to conduct a proof of concept or a pilot test before committing to a broad rollout. Making a shift in vendors later in the process could be difficult and costly. Most major UEM vendors offer 30-day free trials of their software.
A pilot program is also a good way to determine which features and capabilities are most vital to the company. Testing out multiple platforms, if possible, provides a way to make direct comparisons.
10 criteria for choosing a UEM platform
When evaluating UEM options, be sure to pay particular attention to these key factors:
1. Operating system support. This gives a sense of the breadth of the UEM tool across Windows, iOS, macOS, Android, and Chrome operating systems, says Andrew Hewitt, a senior analyst at Forrester Research. “Enterprises are increasingly looking to satisfy the need for employee choice, especially when it comes to device operating systems,” he says. “The more a UEM supports, the more likely the enterprise can satisfy that need.”
Certain platforms support various operating systems with varying levels of granularity and features, says Phil Hochmuth, program vice president, enterprise mobility, at IDC. “Some vendors focus specifically on a certain operating system, such as Apple or Android,” he says.
2. Support for bring-your-own-device (BYOD) programs. This capability provides an indication of specific investments the UEM provider has made in iOS User Enrollment or Android Enterprise, Hewitt says.
“Because of shortages in devices over the past year, we’ve seen a rise in BYOD deployments,” he says. “The native enrollment models for BYOD from both Apple and Google provide a baseline of security in an easy-to-enroll fashion, making it much smoother for organizations to get devices into the hands of employees.”
3. Integration with other IT products. Partnerships a vendor has with other platforms used to support IT or end users in general is another key consideration. “How well does the UEM platform integrate with your ticketing system or your security information and login platform, or your endpoint security product?” Hochmuth asks. “Many of the larger vendors now offer you UEM along with other products such as these, and have strong integration stories there.”
4. Device security policies. Companies need to be able to set policies regarding things like jailbreaking, root detection, password setting, mobile threat detection, malware detection, anti-phishing, and so on, Hewitt says. “Because data now lives outside the four walls of the enterprise, ensuring device security for mobile devices is even more important,” he says. These types of features enable organizations to ensure that there is no compromise in mobile security.
Also important from a security standpoint is integration with identity and access management, remote access, and endpoint security tools “to support dynamic policy and contextual access as well as novel authentication methods,” says Dan Wilson, senior director analyst at Gartner.
5. Management automation. Organizations are increasingly looking to save on costs when it comes to deploying devices, because it’s an undifferentiated activity within their competitive environments, Hewitt says. These capabilities allow a fully automated deployment to occur quickly, which means employees get devices faster and administrators spend less time on deployment.
6. Mobile application management (MAM)-only support. Can the vendor support a non-MDM deployment, where a company only manages apps? “Not every organization can get all of its employees to enroll an MDM, for both privacy and technical reasons,” Hewitt says. “MAM is a good option for privacy-minded employees, because the organization has no access to their device, just corporate apps.”
The ability to provide standalone management of applications on unmanaged devices, as well as application and data containment, is important, Wilson says. This includes “capabilities to segregate or isolate personal and corporate data,” he says.
7. Pricing. Pricing is always a key consideration for any technology investment, especially one that affects so many users. “Some UEM platforms can be had for relatively low cost if bundled with other