The concept of unified endpoint management (UEM) typically implies the convergence of mobile device and PC endpoint management under a single team and management platform. But as the types of devices employees use daily expands, wearables, augmented reality (AR) and virtual reality (VR) gear, smart connected assistants, and other connected, nontraditional endpoints that fall into the internet of things (IoT) are all now part of employees’ extended digital “workspaces.” Getting control over a diverse set of devices is a challenge well-suited for UEM platforms.
An Explosion of Smart, Connected IoT Devices
The proliferation of nontraditional, connected endpoints in enterprises is exploding. According to IDC’s 2019 Enterprise Mobility and Workspace Survey, more than two-thirds (67 percent) of enterprises plan to deploy “workspace IoT” technologies, such as conference room sharing, intelligent assistants and other smart, connected endpoints, over the next 12 to 18 months. Many of these initiatives are IT-approved and corporate-backed.
However, shadow IT is persistent, and there is a trend of BYOT or bring your own “things” when it comes to smart, connected devices as well. This could include the use of a consumer smart hub plugged in on a desk for streaming music, to internet-connected consumer appliances like coffee machines and smart lighting in break rooms and offices.
New types of end user IoT devices — wearables, in particular, such as smart watches and AR glasses and headsets — are also pushing boundaries in terms of management and security. The boon in products such as the Apple Watch and others like it — IDC saw shipments grow 31 percent from 2018 to 2019 — is causing teams responsible for mobile and device management to expand their thinking and realize the broadening attack surface across the workforce.
How UEM Can Help
From the position of IT, many organizations see UEM as a key technology for controlling and managing this new wave of workspace IoT gear. Among enterprises with UEM or enterprise mobility management (EMM) technology deployed, 65 percent said they are already using, or plan to use, these platforms to manage workspace IoT equipment, according to IDC’s workspace study.
UEM technology is especially adept at managing workspace IoT devices, as many of the connected devices coming into the workplace are based on mobile-oriented operating systems. Open-source Android variants power many workspace IoT devices as well as standard operating systems, such as Windows and Linux, which many UEM platforms can handle. These management platforms can implement policies around what types of applications and data the devices can access as well as geofencing — alerting if a managed “thing” leaves a specific physical space or area.
Over-the-air software updates and configuration management is another key role for UEM in workspace IoT. Automation in this area will be critical as the growth in endpoint types goes beyond what’s manageable for an enterprise IT department. UEM platforms can also provision secure Wi-Fi and virtual private network (VPN) connections to such devices to keep them isolated from other network endpoints and ensure sensitive data accessed by the devices is secure.
The urgency to manage and secure workspace IoT devices is driven by the sensitive data these devices can access or generate. From the perspective of smart glasses, use cases in medical, manufacturing and engineering fields involve the wearer accessing data and applications regulated by compliance mandates such as HIPAA or internal controls over highly valuable intellectual property. The headsets themselves are high-value — commercial Microsoft HoloLens gear starts at $5,000 per unit, for example — and require detailed location and usage monitoring.
Ruggedized mobile devices and handheld equipment is another category of devices that require strong management and security capabilities. Rugged device management is also well-suited for UEM; endpoints such as barcode scanners, point of sale (PoS) terminals, inventory tracking devices and other field-deployed handheld devices have been based on proprietary or nonstandard device operating systems in the past. These are rapidly being replaced by standard mobile operating systems, such as Android. IDC forecasts 25 percent growth from 2018 to 2023 for such devices worldwide.
Endpoint Management Should Evolve Alongside the Growth of Nontraditional Devices
One global pharmaceutical company witnessed an explosion of new connected device types in a short period. The firm, which had used IBM Security MaaS360 UEM to manage its traditional end user computing devices, began seeing business units (not IT) roll out technologies such as Microsoft SmartHubs in conference rooms, and wearables such as Google Glass in its warehousing facilities to help workers find products more quickly. The company’s large logistics operation also operates a fleet of Zebra barcode scanning devices for supply chain tracking and inventorying. All of the data moving across these endpoints is highly sensitive — from information about new drugs shared in conference room platforms to sensitive drug supply and location data across the company’s supply chain.
The firm says it saw as many as 2,000 new devices come onto the network in a single month. The flexibility of MaaS360 — a cloud-based UEM platform — allowed the company to quickly scale up management, security and monitoring of these new device types, right alongside the traditional iOS, Android and Windows devices typically managed by the platform.
Unified endpoint management platforms should be considered the management, security and provisioning hub for all types of end user computing technologies, beyond just smartphones, tablets and PCs. Having management functions and visibility across wearables, ruggedized endpoints, specialty devices and other connected IoT equipment can give a business greater operational visibility and situational awareness when it comes to security.
Program Director, Enterprise Mobility