1 Introduction
As mobile technology and infrastructure has evolved, businesses are seeking to improve productivity and efficiency by enabling employees to work from anywhere at any time using mobile devices to access enterprise applications and data as if they were in the office.
The introduction of 5G networks is set to take mobile working to even higher levels, but as the opportunities for business have increased, so have the opportunities for adversaries also seeking to take advantage of the new world of mobile working.
As the number of devices and threats have increased, with a growing number of employees seeking to use their personal devices for work purposes that has seen the introduction of bring your own device (BYOD) policies by many businesses, so has the need increased for enterprises to be able to manage these devices and to ensure that they are appropriately secured.
Traditional CMTs (Client Management tools), however, lacked the functionality and features required for a complete approach to endpoint management, and MDM solutions focused too narrowly on controlling mobile device functionality. Enterprise Mobility Management (EMM) solutions added mobile information as well as application and content management, but enterprises were still struggling to manage all the new types of devices and interactions within the corporate IT environment.
As a result, the market has seen the introduction of multiple mobile device management platforms that have gone through rapid evolutions in response to innovation by both the mobile technology manufacturers and the adversaries.
Given the complexity and growing number of different types of technologies involved in linking employees to corporate data both on-premise and in the cloud, mobile device management has gone through several iterations and approaches, with many enterprises now standardising on a Unified Endpoint Management (UEM) approach.
This approach enables enterprises to secure, manage and control desktop computers, laptops, smartphones, tablets, printers, IoT devices and wearables, as well as content and collaboration, in a connected, cohesive manner from a single management interface – the so-called “single pane of glass”.
UEM typically relies on the mobile device management (MDM) application program interfaces (APIs) in desktop and mobile operating systems.
A significant driver of the UEM approach was the adoption of newer enterprise friendly platforms like Windows10, Mac OS X, and iOS11. Microsoft's inclusion of MDM application programming interfaces in Windows 10, for example, made UEM practical on a large scale by enabling MDM software to access, secure and control the operating system and its applications.
Typical UEM platforms use APIs to enable enterprise IT teams to:
- Configure device VPN, email and Wi-Fi settings;
- Enforce passcode and access policies;
- Install patches and updates;
- Blacklist and whitelist applications;
- Remotely secure or wipe lost or stolen devices; and
- Add employee-owned devices to the platform.
In addition to Microsoft and Apple, vendors that support UEM include: IBM, VMware, Citrix, BlackBerry and MobileIron.
Despite wide support for the UEM approach, most UEM vendors find it challenging to keep pace with the continual updates to operating systems, new mobile capabilities and features, and new data protection and privacy legislation around the world. However, these challenges have been particularly well addressed by IBM with its MaaS360 offering, which includes built-in assistance backed by IBM’s cognitive computing capability as a key differentiator to boost user productivity and efficiency.