When it comes to Windows device management, PC administrators have traditionally relied on tools that use agent-based technology to deliver security. Beyond laptops and desktops, IT teams have long had access to mobile device management (MDM), which enables simple and robust administration of smartphones and tablets. Helping IT bridge the gap across all device form factors, Microsoft built application programming interfaces (APIs) into Windows 10 that allow security teams to manage laptops and desktops the same way they’ve managed smartphones and tablets for years.

With Windows 7’s end of life (EOL) set for 2020, Windows 10 is the Microsoft operating system (OS) of the future. Organizations that haven’t completed their migration will soon have to make the move. As you transition your laptops and desktops, you also need to continue supporting legacy platforms. Fortunately for IT, it is possible to achieve this goal, and there are different ways of getting there beyond a traditional Windows MDM.

Windows Device Management Made Easy

IT’s habitual reliance on point solutions is cumbersome, costly and outdated. It’s important to invest in a solution that can manage all devices from a single console.

That’s why the traditional Windows device management solutions that IT admins have used for years are evolving to fit the needs of today’s IT landscape. What was simply MDM is becoming unified endpoint management (UEM), giving security teams an all-encompassing solution for devices, applications and content. In fact, IDC estimated that two-thirds of Windows 10 PCs and tablets will be managed via UEM by 2019.

View the infographic: Managing Microsoft Windows 10

Much like the capabilities for iOS and Android, Microsoft’s APIs make Windows 10 management comparable in its functionality and deployment. The integration between the APIs and UEM solution enables security teams to:

  • Manage devices using MDM APIs and agent-based techniques.
  • Streamline deployment by shipping hardware running Windows 10 to users without imaging.
  • Roll out over-the-air (OTA) updates to security and networking configurations.
  • Consolidate post-deployment management of Windows 10 and legacy systems.
  • Integrate with Microsoft stores for new apps and legacy software, such as Win32 apps.

Although UEM solutions make device, user and content management much easier than before, it is vital to consider how you can secure your Windows environment. The Windows 10 APIs now leverage policy-based security controls much like iOS and Android, giving you more consistency across all platforms.

Bolt Your Doors and Lock Your Windows Devices

According to Forrester, 53 percent of global enterprise infrastructure decision-makers cited security and privacy as key reasons to upgrade to Windows 10. Many Windows-based security and management functions that were only supported by group policy objects (GPOs) now have API support, bridging the management gap that once existed.

UEM solutions allow organizations to leverage Windows 10 APIs to establish the same device and app security policies across laptops and desktops as they have for smartphones and tablets. With this technology, security teams can:

  • Enforce encryption across operating systems and apps.
  • Locate, lock or wipe devices remotely.
  • Configure passcodes and other security policies.
  • Whitelist or blacklist apps.
  • Institute Windows Information Protection (WIP) for data loss prevention.

View the infographic: CMT vs. MDM/EMM — Who Will Win?

Bringing It All Together

IBM MaaS360 with Watson offers a combination of traditional client management and modern API management that can enable you to manage all Windows devices in one place. For example, you can manage a Windows 10 laptop by using the Windows MDM APIs to lock, locate and wipe the device, and a MaaS360 agent for patching and software management.

By adding the management capabilities of traditional MDM to Windows 10 APIs, your IT team can keep track of all its devices more effectively and efficiently. Gone are the days where you have to use multiple tools to achieve the same functionality as a UEM solution.

Register for a 30 day free trial of IBM MaaS360

More from Endpoint

Patch Tuesday -> Exploit Wednesday: Pwning Windows Ancillary Function Driver for WinSock (afd.sys) in 24 Hours

‘Patch Tuesday, Exploit Wednesday’ is an old hacker adage that refers to the weaponization of vulnerabilities the day after monthly security patches become publicly available. As security improves and exploit mitigations become more sophisticated, the amount of research and development required to craft a weaponized exploit has increased. This is especially relevant for memory corruption vulnerabilities.Figure 1 — Exploitation timelineHowever, with the addition of new features (and memory-unsafe C code) in the Windows 11 kernel, ripe new attack surfaces can…

When the Absence of Noise Becomes Signal: Defensive Considerations for Lazarus FudModule

In February 2023, X-Force posted a blog entitled “Direct Kernel Object Manipulation (DKOM) Attacks on ETW Providers” that details the capabilities of a sample attributed to the Lazarus group leveraged to impair visibility of the malware’s operations. This blog will not rehash analysis of the Lazarus malware sample or Event Tracing for Windows (ETW) as that has been previously covered in the X-Force blog post. This blog will focus on highlighting the opportunities for detection of the FudModule within the…

Cybersecurity in the Next-Generation Space Age, Pt. 3: Securing the New Space

View Part 1, Introduction to New Space, and Part 2, Cybersecurity Threats in New Space, in this series. As we see in the previous article of this series discussing the cybersecurity threats in the New Space, space technology is advancing at an unprecedented rate — with new technologies being launched into orbit at an increasingly rapid pace. The need to ensure the security and safety of these technologies has never been more pressing. So, let’s discover a range of measures…

Backdoor Deployment and Ransomware: Top Threats Identified in X-Force Threat Intelligence Index 2023

Deployment of backdoors was the number one action on objective taken by threat actors last year, according to the 2023 IBM Security X-Force Threat Intelligence Index — a comprehensive analysis of our research data collected throughout the year. Backdoor access is now among the hottest commodities on the dark web and can sell for thousands of dollars, compared to credit card data — which can go for as low as $10. On the dark web — a veritable eBay for…