Enterprise mobility management (EMM) is all about how users, applications, content management and data security are combined.
EMM simplifies device management, configuration, enrollment, distribution of apps and documents, and facilitates collaboration.
Here are some of the top trends in the EMM market:
1. Cybercrime surge
Work-from-home (WFH) fundamentally changed enterprise mobility management (EMM). Companies found it difficult to navigate the trade-offs between strong endpoint security and a satisfying and productive employee experience. With the pandemic forcing people to work remotely in large numbers, and there being little sign of a permanent return to the office in many cases, there has been a spike in hacking frequency.
“There has been a 500% increase in cyber-crime which has increased the focus on security,” said Denis O’Shea, founder of Mobile Mentor.
He notes issues such as the global chip shortage forcing companies to rely on employees’ personal devices. This has increased the profile of EMM. Companies that used to have a few mobile users now have an army of them. Some IT teams tried to address this issue on an individual basis, but the workload soon became overwhelming.
Automation is required to take care of the assessment of security compliance across a network of mobile and WFH users. Deployment of applications, monitoring of systems, and other enterprise features need to be managed centrally. Thus, there is no avoiding investment in EMM or an alternative solution.
2. Convergence
For years, we have seen separate fields of IT, such as mobile device management (MDM) and EMM. These fields are being absorbed into the broader field of unified endpoint management (UEM), according to O’Shea with Mobile Mentor.
“After years of false promises and vendor hype, I believe we are finally seeing UEM become viable,” he said.
“Most vendors have made a sincere effort to manage a wide range of endpoints with a single tool, but most have struggled.”
3. Microsoft dominance
O’Shea with Mobile Mentor said his company has worked with many of the MDM/EMM/UEM technology vendors over the past 15 years. In his opinion, the only vendor that can credibly, and elegantly, manage all endpoints is Microsoft.
He touts its Intune product as being good at managing Windows, iPadOS, iOS, and Android; macOS can be managed with Intune, but it is not the best tool. However, Microsoft is working to close that gap with macOS.
“I suspect Microsoft will dominate and become the default, since Intune is included in the M365 license,” O’Shea said.
“Some people love their existing MDM platform, but they will have to justify the cost against Intune, which is perceived to be free. Of course, it is not free, but the bundle always wins.”
4. Zero-trust authentication
There are more than 100 million physical servers, over a billion virtual servers, and as many as 35 billion connected devices worldwide. With that many possibilities, it is no wonder that malicious code finds plenty of avenues of attack and ways to penetrate an organization’s infrastructure.
“To prevent this, it is essential that organizations configure zero-trust authentication and authorization for their infrastructure resources and developer-coded applications, like microservices, as well as for their engineers, with only the minimal or, in some cases, zero-standing privileges,” said Ev Kontsevoy, co-founder and CEO, Teleport.
“This eliminates the risk of stolen credentials and minimizes the blast radius of an application vulnerability. Additionally, defining access policy for both humans and applications in a single solution dramatically reduces operational overhead.”
5. Identity-based access
Kontsevoy with Teleport advocates the implementation of identity-based access and audit for infrastructure resources, like servers and databases, continuous integration/continuous delivery (CI/CD) automation, service accounts, and custom code in applications, such as microservices.
By consolidating identity-based credentials for engineers and the applications they write, the identity loophole can be closed, which prevents compromised infrastructure and code from being used in cyberattacks.
“Organizations can enforce the same consolidated identity-based access policies to machines as they use for developers, reducing overhead, improving security and meeting compliance requirements,” Kontsevoy said.
For example, Teleport offers its open-source Teleport Access Plane that delivers identity-based access and audit. It is designed to simplify certificate management for IT infrastructure, reduce the impact of supply chain attacks, unify access policy and access controls, and lower operational overhead. The access events initiated by infrastructure resources and applications are logged, tracked and monitored using the same controls that Teleport provides for engineers.
“Cyberattacks are based on a human error for initial infiltration and an attempt to pivot to maximize the blast radius. That’s why adopting identity-based access is critical — it removes an attacker’s opportunity to pivot,” Kontsevoy said.