By Bob Violino
Unified endpoint management (UEM), a strategic approach that unifies and centralizes the way enterprises manage their deployed devices, is finally becoming a reality.
Over the past decade, enterprise mobility platform vendors have been evolving mobility management tools from simple mobile device management (MDM) through mobile application management (MAM) and enterprise mobility management (EMM) into UEM, which encompasses phones, tablets, PCs, and even IoT devices. The market has arrived at the point where companies can use the latest mobility software to manage their mobile environments in perhaps the most comprehensive and effective way ever.
“A few key vendors have made UEM technically possible, with solutions mature enough to support enterprise-level UEM deployments,” says Andrew Hewitt, an analyst at Forrester Research. Those vendors include VMware, Microsoft, IBM, Citrix, and MobileIron, which can all technically manage the main mobile operating systems, Hewitt says. VMware and Microsoft have the most customers using their offerings for full UEM, he adds.
“We’ve even seen some larger companies successfully move to a fully unified model, inclusive of Windows 10 management,” Hewitt says. “It’s no longer just vendor and analyst driven.”
However, “there are still notable gaps in many of the vendors, in particular with macOS and Windows,” Hewitt says. “The vast majority of companies are still using multiple management platforms, with less than 5% actually using UEM.”
Many of the mobile platform providers are partnering with hardware OEMs such as Dell and Lenovo to develop joint solutions leveraging UEM software, Hewitt says. One example is the Dell Unified Workspace, which he says essentially enables IT teams to automate the provisioning of PCs. “That’s been a huge area of interest for our clients,” he says.
Interest in UEM is being driven by a need to embrace a more modern endpoint management approach, says Adam Holtby, a research analyst at Ovum.
Companies want a more streamlined, centralized, consolidated, and better-integrated technology platform for mobility, and this will drive
investment in UEM capabilities, Holtby says. The interest in UEM signals an intention to move away from the traditional management divide of fixed and mobile devices, he says.
“The ability to create and enforce one policy across the enterprise has become critical,” Holtby noted in a November 2018 report on enterprise mobility trends. “The use cases are becoming better understood, but the pathway to a more modern and unified endpoint management approach is one that remains complex.”
Research firm Gartner thinks it will be three to five years
before most organizations with enterprise mobile platforms truly accomplish the transition to UEM. That is due to the complexity in updating staff skills and business processes and in preparing existing technology — especially legacy applications or those developed in-house — for deployment in a UEM model, says Chris Silva, research vice president at Gartner.
“The transition to UEM tools, specifically the consolidation of PC and mobile management to a single tool, is still taking shape,” Silva says.
One mobile platform provider, Microsoft, has shifted its messaging in this space over the last year to emphasize a “co-management” approach, in which Microsoft’s traditional client management tool System Center Configuration Manager (SCCM) configures and manages devices, with Microsoft Intune UEM providing some additional management of the same device, Silva says.
Integration with third-party UEM tools, which Microsoft calls “co-existence,” results in SCCM going into a state where it can take no action on a device beyond imaging the device and providing a feed or inventory information to the third-party UEM, he says. That approach might face some challenges going forward due to the need for a Microsoft tool such as Intune to be present to help enable conditional access to Microsoft resources such as Exchange and SharePoint, Silva says. That could slow the migration for companies that are not all-in on Microsoft, he says.
Indeed, many Gartner clients are tapping the brakes on their move to UEM, Silva says. Some of those organizations that had planned to be “all UEM by 2020 are realizing that this approach invites a lot of additional work” such as modernizing applications and changing deployment processes, Silva says.
“It’s not that they’re backing off [UEM] entirely, but they’ve reassessed their approach and timeline. And in many cases [they] have given themselves extra time to get to UEM, realizing that a hard cut-over from traditional and key process steps like imaging a PC are not supported natively in many UEM tools.”
As with any workplace mobility initiative, Ovum’s Holtby says, a UEM initiative benefits from being championed by a centralized steering group or center of excellence that can help businesses realize value. IT needs to involve all major business units as part of this group.
Forrester’s Hewitt says the costs of mobility management platforms has remained relatively stable, with some decline for commodity mobility management features, especially as these platforms continue to embrace Android Enterprise as a standard. At the same time, “vendors have been increasing prices for UEM-like features [such as Windows 10 management] and other items like analytics,” he says.
In terms of expanding mobile platform capabilities, feature additions at this point are largely minor “fit and finish” enhancements to handle specific capabilities or use cases for particular customer groups,” Silva says.
Gartner is seeing renewed interest from the endpoint management vendors on workplace Internet of Things (IoT), adding support for managing Raspberry Pi devices that might do anything from running a lightweight desktop thin client to acting as a DNS server or a smart appliance, Silva says.
Apple’s tvOS has also seen broader support among the platform vendors over the past year, and many might be looking to Amazon Alexa-enabled devices as the next frontier for workplace IoT, Silva says.
One expanding area of focus for mobility management platforms is analytics for functions such as app usage and security, Hewitt says. “Companies are looking for greater analytics to help guide mobility management decisions,” he says.
There’s a big focus on behavioral analytics for security reasons, Hewitt says. “Being able to baseline user behavior and track it for potential anomalies is a big target area,” he says. “Citrix has been doing this. There’s also a focus on end-user experience, usually on application usage and adoption. VMware has been doing this.”
Another area for analytics is coming from third parties such as Nexthink and Lakeside. “They do end-user experience analytics, looking at performance of devices and apps with the goal of quantifying and tracking end-user experience over time,” Hewitt says.
Another trend is toward browser-isolation technologies, which enable unmanaged devices to access software-as-a-service (SaaS) or other enterprise cloud services, Hewitt says. “We’ve also seen companies looking to use MDM-managed phones as a second [authentication] factor for [logging into] PCs and Macs,” he says.
As for what’s coming down the pipeline, “we’re starting to see more integration of dedicated threat detection capabilities for both mobile and desktop,” Hewitt says. “Mobile is farther along, but some vendors are starting to embed this for [desktop] client security too.”
Copyright © 2019 IDG Communications, Inc.