The “2018 Forrester Wave: Unified Endpoint Management, Q4 2018” has arrived. Although this is the first-ever Wave to cover this segment, unified endpoint management (UEM) is already ubiquitous.

For any I&O pro well-versed in the world of mobile device management (MDM) and enterprise mobility management (EMM), UEM is the next phase of the evolution. It’s being touted by analysts and insiders alike.

But for the uninitiated, what is UEM?

Forrester defines UEM as: “Products that provide a centralized policy engine for managing and securing employee laptops and mobile devices from a single console.”

In short, a UEM platform is one that converges client-based management techniques with MDM application programming interfaces (APIs). With the workforce — and the operating systems (OS) supporting it — becoming increasingly mobile, going the traditional route of placing Windows PCs, Apple Macs, and smartphones and tablets in separate silos hinders productivity. It’s not uncommon for workers to use up to three device types a day to complete their work. Managing each of those via disparate platforms provides a fractured view of the user, increases expenditures and consumes more IT support resources than necessary.

Read the report

Analyzing the Analysts: Breaking Down the 2018 Forrester Wave

In the inaugural 2018 report, Forrester found that I&O professionals are geared toward finding the most comprehensive management and security platforms for all OSs. These platforms not only perform the functions of a typical CMT or EMM tool, but also include additional controls for managing the end users themselves — identity and access management (IAM), mobile threat detection (MTD), and a wide range of supported OSs.

In short, it is Forrester’s opinion that UEM is critical to strike the balance between security and employee experience. Employees want anytime, anywhere access to mission-critical data — such as email and internal applications — but this cannot compromise data security.

This move toward a wholly mobile workforce could be due to the advent of Windows 10. In this year’s Wave Report, Forrester found that 47 percent of global IT decision-makers report implementing a UEM thanks to Microsoft’s simplification of Windows 10 management. Sixty percent of respondents also agreed with the statement that “we will manage Windows 10 devices with the same tools we use to manage mobile devices.”

Digging Into the Vendor Scorecard

The vendor landscape in 2018 has remained constant, but the platforms have made significant advancements. It is an evolution driven by four key differentiators Forrester defines:

  1. Support traditional and modern management techniques.
  2. Offer contextual IAM.
  3. Use analytics to help guide decision-making.
  4. Effectively serve the needs of highly regulated customers.

This year’s report evaluates 12 vendors against 28 criteria across Forrester’s typical categories:

  • Current Offering — Key criteria include OS support, update management, enterprise app store and more.
  • Strategy — Overall growth, road map execution and product vision.
  • Market Presence — Client base, devices-under-management and revenue.

The group of 12 was selected by having mind share among Forrester enterprise clients, among other factors. This indicates that moving forward, solutions offering this holistic, UEM approach will be the standard as providers continue to enhance and innovate their respective platforms.

How IBM Stacks Up: Top Score in Current Offering

So, where did IBM land in the first-ever Forrest UEM Wave? Consistent with past reports related to the industry, IBM’s MaaS360 with Watson was positioned as a Leader. And IBM’s MaaS360 received the highest score in the Current Offering category in the evaluation.

As mentioned, Forrester defines a leading UEM platform as one incorporating analytics, threat detection, identity and access management, and robustness of OSs supported. Let’s dive into some of our key takeaways around how IBM fits those criteria.

Isn’t It MaaS360 with Watson?

MaaS360’s integration with Watson delivers Advisor for cognitive analytics to notify IT administrators in real time of potential risks to their environment, from old OSs to malware that may affect enrolled devices and users.

Threat Detection is the Name of the Game

IBM’s MaaS360 bakes in the ability to detect and automate remediation of threats at the device, app and network levels — everything from jailbroken or rooted machines to malicious applications. Furthermore, MaaS360 has teamed up with Wandera to deliver visibility, policy and protection that satisfies the modern requirements of chief information officers (CIOs) and chief information security officers (CISOs).

Identity Is Integral to UEM

IBM’s MaaS360 provides out-of-the-box IAM capabilities, as well as integration with third-party identity providers, to allow organizations already working with an IAM provider an enhanced experience.

It’s Not Just a Smartphone and Tablet World

MaaS360 is device-agnostic, and it is now operating system-agnostic as well. Be it legacy Windows, Windows 10, iOS, ChromeOS, or any flavor of Android across ruggedized, standard, and Internet of Things (IoT) devices, MaaS360 is there to support.

Check Out the Report for Yourself!

The goal of a strong unified endpoint management platform is simplifying management, enhancing security and providing a positive end-user experience. IBM is proud to be recognized as a Leader in this space, but don’t just take my word for it. Download the report to learn for yourself why many in IT and security have turned to UEM for their device and user management needs.

Read the report

More from Endpoint

The Needs of a Modernized SOC for Hybrid Cloud

5 min read - Cybersecurity has made a lot of progress over the last ten years. Improved standards (e.g., MITRE), threat intelligence, processes and technology have significantly helped improve visibility, automate information gathering (SOAR) and many manual tasks. Additionally, new analytics (UEBA/SIEM) and endpoint (EDR) technologies can detect and often stop entire classes of threats. Now we are seeing the emergence of technologies such as attack surface management (ASM), which are starting to help organisations get more proactive and focus their efforts for maximum…

5 min read

X-Force Identifies Vulnerability in IoT Platform

4 min read - The last decade has seen an explosion of IoT devices across a multitude of industries. With that rise has come the need for centralized systems to perform data collection and device management, commonly called IoT Platforms. One such platform, ThingsBoard, was the recent subject of research by IBM Security X-Force. While there has been a lot of discussion around the security of IoT devices themselves, there is far less conversation around the security of the platforms these devices connect with.…

4 min read

X-Force Prevents Zero Day from Going Anywhere

8 min read - This blog was made possible through contributions from Fred Chidsey and Joseph Lozowski. The 2023 X-Force Threat Intelligence Index shows that vulnerability discovery has rapidly increased year-over-year and according to X-Force’s cumulative vulnerability and exploit database, only 3% of vulnerabilities are associated with a zero day. X-Force often observes zero-day exploitation on Internet-facing systems as a vector for initial access however, X-Force has also observed zero-day attacks leveraged by attackers to accomplish their goals and objectives after initial access was…

8 min read

Patch Tuesday -> Exploit Wednesday: Pwning Windows Ancillary Function Driver for WinSock (afd.sys) in 24 Hours

12 min read - ‘Patch Tuesday, Exploit Wednesday’ is an old hacker adage that refers to the weaponization of vulnerabilities the day after monthly security patches become publicly available. As security improves and exploit mitigations become more sophisticated, the amount of research and development required to craft a weaponized exploit has increased. This is especially relevant for memory corruption vulnerabilities.Figure 1 — Exploitation timelineHowever, with the addition of new features (and memory-unsafe C code) in the Windows 11 kernel, ripe new attack surfaces can…

12 min read