What did information technology (IT) and security leaders do when they needed a simple, effective means to manage and secure their mobile devices — and provide secure access to enterprise data? They devised and implemented mobile device management (MDM) and enterprise mobility management (EMM) solutions.

But modern IT teams are responsible for accommodating a vast range of endpoints and enterprise use cases. They now need a platform that offers total visibility and control over their entire endpoint and mobile environment.

Fortunately, a unified endpoint management (UEM) solution delivers on the promise of bringing it all together under one management console: smartphones, tablets, laptops, desktops, wearables and the Internet of Things (IoT).

Watch the on-demand webinar: Announcing IBM MaaS360 with Watson — Business Dashboards for Apps & Cognitive Policy Recommendation Engine

UEM: Spot Your App Gap

With UEM’s all-encompassing support considered, it might seem to cover all the bases on the surface. However, there are two significant gaps that, if ignored, can hold organizations back from capturing its true benefits: inadequate visibility into the app deployment life cycle and lack of insight into real-world security policy recommendations.

It remains a challenge to discern which enterprise apps are being used and whether they are delivering a return on investment (ROI). For example, IT teams would love the answers to these common questions:

  • Which apps do mobile workers find useful?
  • How many individuals open the apps?
  • How long are apps being used?
  • Is an app update causing crashes?

With this sizable knowledge gap, IT teams are forgoing making informed decisions. They may be investing in all the apps equally — but, in actuality, one app may need more investment and resources while another may need to be decommissioned. These are the types of decisions that can be made when the right data is available to IT teams.

Configuration Confidence Goes a Long Way

Policy management is yet another fundamental component of a UEM solution where adequate guidance is lacking, and a large gap exists. If your IT team is like most, it relies heavily on internal collaboration to decide what goes into its security policy configurations.

There may be templates at your disposal, but they may be step-by-step, one-size-fits-all guides that aren’t geared toward your organization and its individual needs. There’s no clear-cut way to know what your peers are doing — or whether there are better methods and approaches you should be following.

Ideally, your UEM would give you an easy way to understand how to configure common policies, including:

  • Best practices you should consider when creating a passcode policy
  • How others in your industry have configured their secure corporate container
  • Various restrictions that a company of your size and within your region should enforce

Imagine a way to configure your policies with guidance that is dynamically presented every step of the way, catered to your organization and the size of your deployment. Whether you’re new to the game — or have been managing policies for years — a little confidence in your configurations goes a long way.

Overcoming UEM App and Policy Gaps

As both examples demonstrate, UEM does not offer a clear indication of whether your configurations are netting a positive impact — nor does it show whether they’re in alignment with best practices.

Luckily, innovation in the UEM market is helping to narrow the gaping gaps that exist in UEM. IBM MaaS360 with Watson, for example, has announced the availability of two new features that take these challenges head-on: Business Dashboards for Apps and Policy Recommendation Engine.

Graphs for Your Apps

With Business Dashboards for Apps, IBM MaaS360 UEM administrators gain robust app intelligence and reporting capabilities, which helps them understand the full assortment of enterprise apps deployed and a means to determine which ones need attention and prioritization.

Enterprise app analytics available via the MaaS360 UEM portal.

The dashboards are organized to help you get a full understanding of your enterprise app deployments across several key categories, including:

  • Installs: By platform, manufacturer and ownership
  • Usage: Installs, popularity and session length
  • Performance: Crashes, network requests and data usage
  • Trends: Six-month trends across usage and performance data

You can also apply filters across data sets to identify gaps and subscribe to reports that allow you to analyze data across specific apps or collections of apps.

Get It, Don’t Guess It

The Policy Recommendation Engine eliminates the guessing game that IT teams normally play when configuring their security policies with real-time cognitive templates based on industry, region and deployment size. As policies are being configured, recommendations will be dynamically displayed that clearly indicate how current inputs match up to peers. If administrators choose to apply the recommendations, they can do so with the simple click of a button.

Example of a Cognitive Recommendation displayed during MaaS360 passcode policy configuration process.

Watch the on-demand IBM Security webinar, “Announcing IBM MaaS360 with Watson: Business Dashboards for Apps & Cognitive Policy Recommendation Engine,” to see IBM MaaS360 experts demonstrate each of these new features. Experience a better way to manage your endpoints and mobile devices, and gain a better understanding about your app deployments, which could help you take an informed approach to policy management.

More from Endpoint

Patch Tuesday -> Exploit Wednesday: Pwning Windows Ancillary Function Driver for WinSock (afd.sys) in 24 Hours

‘Patch Tuesday, Exploit Wednesday’ is an old hacker adage that refers to the weaponization of vulnerabilities the day after monthly security patches become publicly available. As security improves and exploit mitigations become more sophisticated, the amount of research and development required to craft a weaponized exploit has increased. This is especially relevant for memory corruption vulnerabilities.Figure 1 — Exploitation timelineHowever, with the addition of new features (and memory-unsafe C code) in the Windows 11 kernel, ripe new attack surfaces can…

When the Absence of Noise Becomes Signal: Defensive Considerations for Lazarus FudModule

In February 2023, X-Force posted a blog entitled “Direct Kernel Object Manipulation (DKOM) Attacks on ETW Providers” that details the capabilities of a sample attributed to the Lazarus group leveraged to impair visibility of the malware’s operations. This blog will not rehash analysis of the Lazarus malware sample or Event Tracing for Windows (ETW) as that has been previously covered in the X-Force blog post. This blog will focus on highlighting the opportunities for detection of the FudModule within the…

Cybersecurity in the Next-Generation Space Age, Pt. 3: Securing the New Space

View Part 1, Introduction to New Space, and Part 2, Cybersecurity Threats in New Space, in this series. As we see in the previous article of this series discussing the cybersecurity threats in the New Space, space technology is advancing at an unprecedented rate — with new technologies being launched into orbit at an increasingly rapid pace. The need to ensure the security and safety of these technologies has never been more pressing. So, let’s discover a range of measures…

Backdoor Deployment and Ransomware: Top Threats Identified in X-Force Threat Intelligence Index 2023

Deployment of backdoors was the number one action on objective taken by threat actors last year, according to the 2023 IBM Security X-Force Threat Intelligence Index — a comprehensive analysis of our research data collected throughout the year. Backdoor access is now among the hottest commodities on the dark web and can sell for thousands of dollars, compared to credit card data — which can go for as low as $10. On the dark web — a veritable eBay for…