“The transition to UEM tools, specifically the consolidation of PC and mobile management to a single tool, is still taking shape,” Silva says.
One mobile platform provider, Microsoft, has shifted its messaging in this space over the last year to emphasize a “co-management” approach, in which Microsoft’s traditional client management tool System Center Configuration Manager (SCCM) configures and manages devices, with Microsoft Intune UEM providing some additional management of the same device, Silva says.
Integration with third-party UEM tools, which Microsoft calls “co-existence,” results in SCCM going into a state where it can take no action on a device beyond imaging the device and providing a feed or inventory information to the third-party UEM, he says. That approach might face some challenges going forward due to the need for a Microsoft tool such as Intune to be present to help enable conditional access to Microsoft resources such as Exchange and SharePoint, Silva says. That could slow the migration for companies that are not all-in on Microsoft, he says.
Indeed, many Gartner clients are tapping the brakes on their move to UEM, Silva says. Some of those organizations that had planned to be “all UEM by 2020 are realizing that this approach invites a lot of additional work” such as modernizing applications and changing deployment processes, Silva says.
“It’s not that they’re backing off [UEM] entirely, but they’ve reassessed their approach and timeline. And in many cases [they] have given themselves extra time to get to UEM, realizing that a hard cut-over from traditional and key process steps like imaging a PC are not supported natively in many UEM tools.”
As with any workplace mobility initiative, Ovum’s Holtby says, a UEM initiative benefits from being championed by a centralized steering group or center of excellence that can help businesses realize value. IT needs to involve all major business units as part of this group.
Pricing and new trends
Forrester’s Hewitt says the costs of mobility management platforms has remained relatively stable, with some decline for commodity mobility management features, especially as these platforms continue to embrace Android Enterprise as a standard. At the same time, “vendors have been increasing prices for UEM-like features [such as Windows 10 management] and other items like analytics,” he says.
In terms of expanding mobile platform capabilities, feature additions at this point are largely minor “fit and finish” enhancements to handle specific capabilities or use cases for particular customer groups,” Silva says.
Gartner is seeing renewed interest from the endpoint management vendors on workplace Internet of Things (IoT), adding support for managing Raspberry Pi devices that might do anything from running a lightweight desktop thin client to acting as a DNS server or a smart appliance, Silva says.
Apple’s tvOS has also seen broader support among the platform vendors over the past year, and many might be looking to Amazon Alexa-enabled devices as the next frontier for workplace IoT, Silva says.
One expanding area of focus for mobility management platforms is analytics for functions such as app usage and security, Hewitt says. “Companies are looking for greater analytics to help guide mobility management decisions,” he says.
There’s a big focus on behavioral analytics for security reasons, Hewitt says. “Being able to baseline user behavior and track it for potential anomalies is a big target area,” he says. “Citrix has been doing this. There’s also a focus on end-user experience, usually on application usage and adoption. VMware has been doing this.”
Another area for analytics is coming from third parties such as Nexthink and Lakeside. “They do end-user experience analytics, looking at performance of devices and apps with the goal of quantifying and tracking end-user experience over time,” Hewitt says.
Another trend is toward browser-isolation technologies, which enable unmanaged devices to access software-as-a-service (SaaS) or other enterprise cloud services, Hewitt says. “We’ve also seen companies looking to use MDM-managed phones as a second [authentication] factor for [logging into] PCs and Macs,” he says.
As for what’s coming down the pipeline, “we’re starting to see more integration of dedicated threat detection capabilities for both mobile and desktop,” Hewitt says. “Mobile is farther along, but some vendors are starting to embed this for [desktop] client security too.”