What are the four big challenges IT admins face when managing enterprise mobility, and how does unified endpoint management (UEM) help?
What Is UEM?
“UEM solutions provide a holistic and user-centric approach to managing all endpoints by combining traditional client management of desktop and PC systems with a modern enterprise mobility management (EMM) framework.”
1. Manage Off Network
Legacy tools do not adequately support remote users and mobile workforces. It’s not easy managing devices that aren’t on the corporate network, and because of that, IT faces serious security risks and higher costs.
For example, operating system (OS) patching presents major pain points for remote workforces, like sales and field service teams. With a major OS-level exploit, like WannaCry, patches must be rolled out to all affected Windows PCs as soon as possible to prevent exploit.
It takes an average of 6 MONTHS OR MORE to patch at least half of a company’s PCs. Blame it on off-network devices.
Click to Tweet
However, internal VMware research (2017) revealed that, on average, for organizations patching 50 percent or more of their PCs, it takes six months or more to complete. Why? Increasingly, folks are off network, and with the rise of cloud services as a main computing platform, employees VPN into the network less and less.
With UEM, IT keeps all endpoints—in the office, remote and in the field—up to date and compliant with the latest patches and corporate policies with minimal IT involvement. VMware AirWatch leverages communication between the device agent and the cloud to push patches, configurations, policies and even large Win32 software packages over the air by IT.
2. Ensure Consistency
To manage mobile, desktop, rugged and purpose-built devices, IT typically works in silos with disparate tools. This disjointed management leads to higher costs and inconsistent security across platforms.
- PC Management Silos: Windows PC management teams, by and large, used the same tools and processes for years.
- Mobile Management Silos: In the past several years, mobile teams managed iOS and Android devices with mobile device management (MDM) and enterprise mobility management (EMM) tools.
- Mac Management Silos: Now that companies across industries use Macs more often, Mac IT specialists use another set of tools.
- Rugged & IoT Management Silos: Today, rugged device and Internet of Things (IoT) projects are emerging, often within the line of business, requiring yet another management platform.
With UEM, IT can use one, unified toolset to consistently manage any endpoint and any app—from mobile-cloud to desktops and even IoT. When evaluating UEM solutions, it’s important to ensure the solution encompasses not only today’s platforms but also those on the roadmap for the future.
However, unification for unification’s sake is not necessarily a win for IT. When migrating from legacy solutions, ensure the UEM solution offers the necessary depth of management for all platforms.
For example, when moving Windows PC management to UEM, ensure the UEM solution supports all management tasks, controls and policies. Bridging existing Windows Group Policy Objects (GPOs) to mobile management APIs is an essential for all Windows shops, but that only covers policy. Other processes, like onboarding, configuration, patching, software distribution, security management and retirement all need to be accounted for, as well.
3. Gain Full Visibility
The threat landscape evolved from mischief to targeted cybersecurity attacks. Typically, though, IT lacks endpoint and app visibility, requiring users to proactively and securely manage their own enterprise devices.
This is because PC management and security strategies are historically shaped by traditional perimeter-defense mechanisms (i.e. firewalls) and on-premises management tools that require the device to be connected to the company network. That makes remote users even more vulnerable, given it takes a long time to identify security incidents (200 days on average), remediate threats (80 days on average) and keep devices up to date and compliant.
This new age of cybersecurity requires end-to-end security, which establishes user trust; hardens the OS defense against new threats and provides work and personal data separation to protect company data at rest, in use and in transit. This approach should be independent of whether the device is on or off company premises.
One of the strongest value propositions for UEM: The ability to monitor the endpoint state and act on non-conforming devices as warranted.
UEM includes cloud-based push management capabilities that are agnostic of domain and network dependencies, for real-time visibility, compliance and endpoint remediation. For example, by leveraging UEM across mobile and desktop PCs, VMware IT reduced the average time to identify and contain security incidents, projecting $4.6 million in cost savings.
4. Support Self-Service
Often, locked-down devices offer little to no self-service for end users. For users, this means a poor experience, and for IT, this means high support costs.
For example, in the desktop world, everything from a password reset or recovery (20–50% of tickets), to new software installation (12% of tickets) and troubleshooting VPN connectivity issues (15% of tickets), is an additional help desk call and user downtime. Today, PC users experience 12 hours per year of average downtime waiting on IT for these and other tasks, such as new device requests, OS deployment and migration.
PC users experience a yearly average of 12 HOURS OF DOWNTIME waiting on IT.
Click to Tweet
UEM offers a consumer-simple, self-service experience to end users. With out-of-the-box onboarding of new PCs, a user can pretty much pick up a new device, power it on and, in a few clicks, have it fully configured for work. Users can then self-service password reset, remote wipe a lost or stolen device and even recover their encryption keys without having to wait on IT.
As organizations increasingly deploy a mix of apps to users, UEM also delivers a unified catalog for self-service access to any app—from the latest mobile-cloud apps to legacy enterprise apps—across any device. Moreover, one-touch, single sign-on (SSO) access removes the need for complex logins and remembering multiple passwords.
More Modern IT & More Efficient End Users
Enterprise mobility creates unprecedented opportunities and challenges for IT and business leaders. Without UEM, these challenges pose significant business risks, including higher costs and lower security.