Breaking Down Gartner’s 2019 Critical Capabilities for Unified Endpoint Management (UEM) Tools

October 23, 2019
| |
5 min read

Business begins at the endpoint. Cheap puns aside, nearly all business processes, from employee collaboration to customer interaction, require the use of endpoints, whether they be smartphones, tablets, kiosks or virtual reality (VR) headsets. In this increasingly connected world, each of these endpoints align with complex use cases that have quickly gone from niche or enterprise-specific to commonplace for most modern businesses.

In its “2019 Critical Capabilities for Unified Endpoint Management (UEM) Tools” report, Gartner laid out four distinct capabilities to consider when developing a UEM strategy:

  1. PC management
  2. Nontraditional device management
  3. Highly secure and regulated industries
  4. Unmanaged devices/bring-your-own-device (BYOD)

Let’s dissect each of these use cases in detail and offer perspectives surrounding the criteria used to score UEM vendors under each one.

Download the report

PC Management Gets Modernized

The single use case that may not seem to fit the mold of “niche to commonplace” is PC management. Ultimately, the need to manage PCs has been widespread for nearly two decades, but as this writer sees it, Gartner did not outline the future of client management tools (CMTs) in this report — rather, it highlighted how organizations will look to migrate from a CMT to manage all devices via UEM in “three to five years.”

Many of the critical capabilities necessary for a UEM platform to score high in this use case revolve around the breadth and depth of functions directly related to the control of the most common PC operating systems: macOS and Windows 10. Not only is it imperative for a UEM solution to be capable of replicating traditional Windows management tasks such as patch and life cycle management, it is just as vital to support the modern management of macOS, Windows and Chrome OS — controlling native APIs and pushing policy configurations.

We believe PCs, however, are not — as this report illustrated — the only endpoints expanding the overall management scope. In fact, the next critical capability is explicitly stated to be a break from the typical.

Forming New Traditions: Nontraditional Device Management

As far as device management goes, the industry began with the management of smartphones and tablets. Endpoint management — which is quickly becoming synonymous with device management — revolved around PCs. But even far outside of the corporate environment, the world at large is undergoing a digital transformation. Anywhere a screen can exist, one will exist. As such, be it a factory floor monitoring system or a shared device in a laboratory clean room, the internet of things (IoT) is an ever-growing ecosystem. No longer can we joke about connected toasters when the reality is that most major enterprises are adapting “things” for just about any purpose.

To add to the urgency of securing and managing IoT devices, consider that Gartner reported that, this year, 2019, will see 14.2 billion connected “things.” With that in mind, what are the critical functions a UEM solution must be able to support when it comes to nontraditional devices?

The answer is broad, ranging from the ability to manage Google Chromebooks and wearables to rugged, special purpose or kiosk devices locked into specific configurations. A nontraditional device can be any of the above and include desktop Linux and server endpoints. It is a category that will, according to Gartner in the “2019 Critical Capabilities for Unified Endpoint Management Tools,” grow to 21 billion devices by 2021.

This can bring about management headaches, especially when it comes to high-security use cases or in highly regulated industries. With that, let’s explore the next use case.

Opening the Vault on Highly Secure and Regulated Industries

Government, finance and healthcare. When thinking in terms of high security, these are no doubt the industries that most often come to mind. But as this writer understands it upon reading Gartner’s report, these use cases can cover everything from government operations and healthcare data to retail and the safeguarding of intellectual property in highly competitive spaces.

This being the case, a UEM provider must be able to produce evidence, such as government certifications and awards, that reflects its ability to support strict protection rules and legal compliance. Outside of the isolation of sensitive apps and data through wrapping or containerization, additional capabilities Gartner recognized as important to this use case range from geofencing and strong authentication to threat defense and attack surface reduction.

Additionally, identity and access management (IAM) tools are specifically outlined as a useful security component found out of the box in a growing number of UEM solutions. Beyond high-security use cases, in fact, IAM lends itself well to the final use case in Gartner’s report: unmanaged and BYOD devices.

Getting Personal and Learning to Share: BYOD and Unmanaged Devices

As every human on the planet quickly becomes equipped with a smartphone, tablet, laptop and smartwatch, infrastructure and operations (I&O) professionals must keep up with employee demand when it comes to using these personal devices for work purposes.

The BYOD use case, as defined by Gartner, puts forward the need for UEM vendors to support data- and app-centric security with minimal focus on the device itself. This ultimately means that content and application management, as well as identity and access management, become foundational building blocks of an effective BYOD/unmanaged device program.

If a device cannot accept a management agent or the user refuses to allow their device to be managed, the next step is to control access to corporate data. Especially on a personal device, it is not important what the user does on the personal side of the device, as long as a conditional access policy is in place to limit the ability of a risky user to view and interact with sensitive data and corporate applications.

Device manufacturers themselves are beginning to expand this trend through the implementation of programs aimed at eliminating the need for a privileged identity management (PIM) container or an additional application to be installed once a device is enrolled in a UEM program. Examples of this include Apple’s newly released User Enrollment and Google Android’s Profile Owner and Device Owner modes.

BYOD and unmanaged device use cases, similar to the previous three, are pervasive in that they can apply to all industries and company sizes. The difference in this final use case is that while PC management and nontraditional devices typically pertain to a corporate-owned environment and high-security use cases are most often entrenched in the purpose of a business itself, BYOD is largely an outside risk. It is based on the trust placed in employees and requires a flexible but robust UEM solution to support it.

Get Critical With UEM From IBM

IBM was recognized in the 2019 Gartner Critical Capabilities for Unified Endpoint Management Tools for its IBM Security MaaS360 solution. MaaS360 has been helping customers solve complex endpoint and mobility challenges for over a decade, and in this writer’s view, satisfies all four of these use cases.

Beginning with PC management, IBM feels it is integral for a UEM platform to support the migration from traditional CMTs to a UEM platform as the largest deployment of devices in most organizations are PCs, making the effective, granular management of such machines imperative. MaaS360 supports these efforts via native PC management controls coupled with CMT migration features aimed at allowing organizations to move from co-existence to an eventual single console approach.

Speaking on high-security use cases, Gartner further explains what contributed to IBM’s score. As this writer understands it, MaaS360’s focus on bolstering native security capabilities and obtaining special certifications such as the US government’s FedRAMP program, have led to increased adoption in regulated industries.

Beyond this, MaaS360 has proven an effective platform for non-traditional and BYO devices, as demonstrated in a recent Fortune 500 pharmaceutical case study, where a client used MaaS360 to manage over 80,000 endpoints, many of them nonstandard, employee-owned, or IoT devices. Furthermore, IBM was recently named a Leader in the “2019 Gartner Magic Quadrant for Unified Endpoint Management Tools,” being positioned furthest for completeness of vision among analyzed vendors.

To learn more about how IBM compares to the rest of the market in the 2019 Gartner Critical Capabilities for UEM Tools, please download your copy here!

Download the report

 

Gartner, Critical Capabilities for Unified Endpoint Management Tools, Chris Silva, Rich Doheny, Bryan Taylor, Rob Smith, Manjunath Bhat, 10 October 2019

Gartner, Magic Quadrant for Unified Endpoint Management Tools, Chris Silva, Manjunath Bhat, Rich Doheny, Rob Smith, 6 August 2019

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Ryan Schwartz
Product Marketing Manager - Mobile Security

Ryan is a product marketer but has spent the better part of his 2+ years with IBM as a seller, working directly with the market to understand how IBM can bes...
read more