Unified Endpoint Management
Microsoft has just experienced a meteoric rise in the Gartner magic quadrant for mobile security. Gartner has renamed this category (again) to UEM which reflects the rate of change in mobility and the rapid evolution from ‘Mobile Device Management’ to ‘Enterprise Mobility Management’ and now to ‘Unified Endpoint Management’. I have been following this category very closely since 2011 and the recent jump by Microsoft is probably the largest shift I have ever seen for any vendor on the quadrant.
Many of you have predicted this and some have already embraced the Microsoft mobility strategy. We certainly did at Mobile Mentor and we have been enjoying the journey for the past 18 months so it is pleasing to see this recognition and validation. I personally believe that Microsoft’s late arrival at the party has allowed them to come well prepared and where others may be getting tired, Microsoft is ready for an all-nighter.
The Microsoft Approach
The reason I have been, and continue to be, bullish is the multi-layered approach Microsoft has taken to mobile security. If you simply compare MDM features across a number of vendors, Microsoft will not stand out. But compare the entire stack of considerations that make a secure environment and it is game, set and match for Microsoft.
Here is a summary of the secure capability available in the EM+S suite of services:
Identity – Active Directory account with 2FA, self-service password reset and Single Sign-On
Geo-fence – the ability to restrict the opening of an app to a specific location
WiFi connection – the ability to restrict the opening of an app to a specific WiFi network
Device profile – the ability to restrict the provisioning of an app to a device that is secure and managed
App protection policies – the ability to restrict app functionality such as save-as, open-in, copy/paste and taking screenshots
Advanced threat protection – the ability to automatically detect and react to malicious activity and hacking attempts
Azure information protection – the ability to automatically apply encryption and additional security to sensitive content such as social security numbers
Microsoft EM+S in the Workplace
As a stack, these technologies mean that you can secure a mobile deployment like never before. Let’s take the example of an app for a hospital nurse. Using the EM+S service, we can deploy a secure app to a secure device, leverage the user’s AD credentials, permit the app to open only when the user is in the geo-fence of the hospital campus and connected to the hospital corporate WiFi (not public WiFi) and even then we can prevent screenshots and copy/paste actions in the app.
Discolsure: Mobile Mentor is a Microsoft partner with Gold level competency in enterprise mobility