Modern MDM/UEM Enterprise Facilities Management

Date of issue

13. 10. 2022


Current status and trends

The requirement of most companies is to provide their employees with a simple and user-friendly way of working and accessing company data.

This trend has greatly accelerated the adoption of cloud-based business collaboration tools that enable easy file sharing and communication between team members, from anywhere in the world and from any device. Moreover, this works without the need to operate a complex on-premise IT infrastructure and without complex client connection and authentication via VPN.

It is increasingly common for employees to choose the device they work on, for example through CYOD (Choose Your Own Device) or by using private devices under BYOD (Bring Your Own Device). It is also possible for one user to use multiple device types simultaneously. Studies confirm that employees are more efficient at work when they use equipment according to their knowledge and preferences.

These changes bring a high degree of flexibility to companies and employees, but they also bring a number of security challenges: in particular, what the security rules will be, how to determine access to the cloud, and of course how to protect company data from unauthorized access and possible leakage.

This is where today’s Unified Endpoint Management systems play a very important role.

Names of tools for bulk device management

  • MDM (Mobile Device Management)
  • EMM (Enterprise Mobility Management)
  • UEM (Unified Endpoint Management)

Development of MDM, EMM and UEM and the difference between them

Mobile Device Management

MDM refers to tools for managing mobile devices running iOS or Android. The technology includes tools for their configuration and basic security. With MDM, you are able, for example, to set up a device lock, Wi-Fi and an email client, and to install apps on all devices.

Enterprise mobility management

EMM is the next evolution of device management, with MDM as its cornerstone. In addition, it includes MAM (Mobile Application Management) tools for securing corporate applications and MCM (Mobile Content Management) tools for managing documents and securing access to corporate resources. Typically, EMM systems secure corporate data using an encrypted container. Security gateways are available for access to internal websites or network storage. Thanks to tight integration, it is possible to allow or block access in real time based on the status of the managed device in MDM.

Unified endpoint management

UEM systems then represent the next level, extending management capabilities to all company devices. This means not only mobile platforms, but also desktop systems and IoT solutions. Thanks to modern APIs in most current operating systems, it is possible to manage all company devices from one admin console, anywhere in the world.

This is a big advantage over the traditional way of managing Windows computers using Active Directory Group Policies (GPO) or tools such as Microsoft SCCM / ConfigMgr (System Center Configuration Manager). These were designed for managing workstations and servers within a local area network (LAN) and are not suitable for managing devices outside the network perimeter. Many companies are starting to take an interest in adopting modern Windows 10/11 management.

There is virtually no pure MDM tool on the market today and most solutions offer EMM functionality. Market leaders such as Microsoft, VMware, Soti or Ivanti provide comprehensive solutions in the area of Unified Endpoint Management.

In addition, Jamf holds a very strong position as a specialized tool for managing Apple devices, and Soti is very strong in managing rugged Android devices, which are widely used in logistics, for example.

Modern security concept

Now let’s go back to the needs of businesses, cloud adoption and security aspects.

Security measures cannot be overlooked with the move to the cloud.

At the outset, every company should ask itself whether it really wants to allow uncontrolled access to company data, regardless of whether the device meets at least the basic security requirements.

  • What if the user loses the device and it has no device lock or encryption?
  • What if it uses an outdated operating system with known vulnerabilities?
  • Can a company computer that connects from the Internet be considered secure if it has been away from the company for a long period of time?

It is for these reasons that modern security concepts are coming to the fore. Traditional network perimeter protection does not work with the cloud, and it is not easy to distinguish which access is secure and which is not.

The basic premise of the Zero Trust concept is “trust no one, always verify”.

By tightly integrating IAM (identity management), UEM and XDR (extended detection and response) systems, it is possible to assess a user's access from a given device to a specific application in real time, and then either allow or block that access.
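The access decision described above can be sketched as follows. This is an added example, not code from the article or from any UEM product; the thresholds, application names, risk levels and field names are assumptions chosen to mirror the three questions in the list above (device lock and encryption, outdated OS, long absence from management).

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Thresholds, app names and risk levels are constructed for illustration.
MIN_OS = {"ios": (16, 0), "android": (12, 0), "windows": (10, 0)}
MAX_CHECKIN_AGE = timedelta(days=14)
RISK_ORDER = ["low", "medium", "high"]
APP_MAX_RISK = {"intranet-wiki": "medium", "finance-erp": "low"}

@dataclass
class Device:                      # posture as reported by the UEM
    platform: str
    os_version: tuple
    has_device_lock: bool
    encrypted: bool
    last_checkin: datetime

def posture_failures(d: Device, now: datetime) -> list:
    """Return every reason the device fails the baseline (empty list = compliant)."""
    fails = []
    if not d.has_device_lock:
        fails.append("no device lock")
    if not d.encrypted:
        fails.append("storage not encrypted")
    # Unknown platforms compare against an unreachable minimum, so they fail closed.
    if d.os_version < MIN_OS.get(d.platform, (999,)):
        fails.append("outdated operating system")
    if now - d.last_checkin > MAX_CHECKIN_AGE:
        fails.append("stale check-in")
    return fails

def decide(mfa_passed: bool, xdr_risk: str, app: str, d: Device, now: datetime):
    """Combine identity, XDR and UEM signals into an allow/block decision per app."""
    reasons = posture_failures(d, now)
    if not mfa_passed:
        reasons.append("identity not verified")
    limit = APP_MAX_RISK.get(app)
    # Unrecognised risk values rank above "high", so they are blocked too.
    rank = RISK_ORDER.index(xdr_risk) if xdr_risk in RISK_ORDER else len(RISK_ORDER)
    if limit is None:
        reasons.append("unknown application")
    elif rank > RISK_ORDER.index(limit):
        reasons.append("risk too high for " + app)
    return ("block" if reasons else "allow"), reasons

if __name__ == "__main__":
    now = datetime(2022, 10, 13, tzinfo=timezone.utc)   # constructed sample data
    phone = Device("android", (11, 0), True, False, now - timedelta(days=30))
    print(decide(True, "low", "intranet-wiki", phone, now))
```

Every missing or unrecognised signal (unknown platform, unknown application, unexpected risk value) results in a block, which is the "always verify" half of the Zero Trust premise expressed as default-deny.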

Unified endpoint management (UEM) is a key system for modern device trust management and evaluation.
