This GigaOm Research Reprint Expires Dec 27, 2024

GigaOm Key Criteria for Evaluating Unified Endpoint Management (UEM) Solutions

An Evaluation Guide for Technology Decision-Makers

1. Executive Summary

The contemporary IT landscape is characterized by a highly distributed workforce using a diverse array of devices and operating systems (OSs) to access broad portfolios of enterprise applications and data. In this environment, IT teams face an increasingly complex task of managing, configuring, and securing all types of endpoints, including mobile devices, desktops, laptops, and IoT devices.

Providing employees access to the data and services they require to do their jobs effectively—whether inside or outside a physical office—comes with significant risk. It demands granting access to one of the most important assets a business has: its data.

The goal is to find the right balance between user experience (UX) and enterprise control. Without that balance, organizations are likely to introduce numerous risks to business efficiency, competitiveness, and security.

For example, if an organization severely limits or locks down device usage, this will hinder employee flexibility and productivity. Unified endpoint management (UEM) solutions help organizations instead unlock endpoint experiences for users while providing sustainable control and security.

Business Imperative
The importance of effective endpoint management in modern organizations cannot be overstated. To achieve this, organizations must solve two issues:

  • How to provide employees sustained access to applications and data.
  • How to do so in a way that maintains security and control of business-critical data assets.

UEM solutions bring user and device management together into a single pane of glass view and allow organizations to perform the following:

  • Manage devices through a centralized console
  • Manage device lifecycle from enrollment to deactivation
  • Ensure device sustainability
  • Create and enforce security policies
  • Patch and update devices and applications
  • Enhance IT and end UX
  • Ensure devices are included as part of an overall security strategy

Effective UEM solutions help deliver an overall better UX, improve operational efficiency, and maintain strong endpoint security.

Sector Adoption Score
To help executives and decision-makers assess the potential impact and value of a UEM solution deployment, this GigaOm Key Criteria report provides a structured assessment of the UEM sector across five factors: benefit, maturity, urgency, impact, and effort. By scoring each factor based on how strongly it compels or deters adoption of UEM, we provide an overall Sector Adoption Score (Figure 1) for UEM of 4 out of 5, with 5 indicating the strongest possible recommendation to adopt. This indicates that the UEM category is a credible candidate for deployment and worth thoughtful consideration.

The factors contributing to the Sector Adoption Score for UEM are explained in more detail in the Sector Brief section that follows.

Key Criteria for Evaluating UEM Solutions

Sector Adoption Score

1.0

Deters
Adoption

Discourages
Adoption

Merits
Consideration

Encourages
Adoption

Compels
Adoption

Figure 1. Sector Adoption Score for UEM

This is the third year that GigaOm has reported on the UEM space in the context of our Key Criteria and Radar reports. This report builds on our previous analysis and considers how the market has evolved over the last year.

This GigaOm Key Criteria report highlights the capabilities (table stakes, key features, and emerging features) and non-functional requirements (business criteria) for selecting an effective UEM solution. The companion GigaOm Radar report identifies vendors and products that excel in those capabilities and business criteria. Together, these reports provide an overview of the category and its underlying technology, identify leading UEM offerings, and help decision-makers evaluate these solutions so they can make a more informed investment decision.

GIGAOM KEY CRITERIA AND RADAR REPORTS

The GigaOm Key Criteria report provides a detailed decision framework for IT and executive leadership assessing enterprise technologies. Each report defines relevant functional and non-functional aspects of solutions in a sector. The Key Criteria report informs the GigaOm Radar report, which provides a forward-looking assessment of vendor solutions in the sector.

2. UEM Sector Brief

Endpoint devices are a key part of any organization’s day-to-day operations. They are the tools people use to do their jobs. They are also often how organizations manage and control business systems and services.

But endpoint devices, when poorly managed, present several risks, including security, operational inefficiency, poor UX, and poor asset management. All of these impact a business’s effectiveness in servicing its customers and meeting its goals.

Finding solutions to manage an organization’s endpoints has far-reaching benefits. Organizations should look for UEM tools that improve the management of endpoints and the experience of delivering endpoint devices to users. UEM tools should improve performance, ensure devices are secure, and ensure a high-quality end-UX. This helps improve the operational experience of users in a secure manner, significantly reducing risk to both the organization and employees.

Scenarios for Adoption
There are three common use cases that drive organizations to adopt UEM solutions:

  • Asset management: Endpoint device estates—the totality of devices under management—can be large, complex, and expensive. Ensuring there is comprehensive insight into the operation of these devices is valuable: knowing whether devices remain operational and their locations, age, warranty status, and performance metrics, are all valuable in ensuring businesses get the best from these expensive assets.
  • Endpoint security: Endpoint devices exist to provide access to systems and data, so it is essential that they are secured. This can include patching, security policy adoption, compliance checking, and security standards enforcement. Secure endpoints should be a business requirement to meet a wide range of regulatory standards.
  • UX monitoring: Having comprehensive metrics on the performance of an endpoint can be invaluable for IT and business planning. At one level monitoring helps to understand how a device operates for a user. On another level, monitoring reveals the impact of change as new devices or applications become available. The ability to use these metrics to apply strategic and proactive actions across an entire endpoint estate can be a boon for operational efficiency and improving end-UX.

Adoption Approach
Adopting a UEM solution is not a trivial project; it requires planning and consideration. When done well, deploying a UEM solution can be relatively non-disruptive to the organization and users while delivering a range of benefits.

There are three basic areas organizations should consider before adopting UEM:

  • Deployment model: Traditionally, solutions have been deployed on-premises, but unless the majority of an organization’s devices operate within static physical locations, a SaaS-based UEM may be more attractive. This will provide scale and accessibility as well as reduce complexity.
  • Enrollment model: Managed endpoints must be enrolled into the UEM platform. Out-of-the-box enrollment is ideal for new devices, but it is rare for organizations to have greenfield endpoint environments. Most adoption scenarios must consider the best ways to enroll existing devices and the impact on users the UEM enrollment approach may have.
  • Control policies: Organizations should consider what controls they need in place. Does the solution need to apply comprehensive device security? Or are light-touch approaches using application and data isolation sufficient? Does it need to enforce patching OSs and applications? Does it need to ensure minimum compliance standards are met before allowing access? Use these considerations as part of planning and defining evaluation criteria.

In addition, when considering a UEM migration, look at how management control changes between the existing tools or workflows and the new platform. There are very few tools that provide low-impact or seamless migrations. This change should be planned carefully and the end-user impact understood.

While UEM adoption can be phased, the reality is that for effective endpoint management, all devices should fall under its control. Partial endpoint management has little value because unmanaged devices still present risk, poor UX, and increased operational overhead. The mix of managed and unmanaged is likely to be worse than the experience of all devices being managed—or unmanaged.

Technical Primer

UEM solutions help organizations manage users and endpoint devices from a single management platform. Capabilities include:

  • Manage device lifecycle from enrollment to deactivation.
  • Create and enforce security policies.
  • Patch and maintain devices and applications.
  • Enhance the overall endpoint UX.
  • Ensure devices are included in an overall security strategy.
  • Ensure device compliance with organizational policy.
  • Control access to organization assets.

Many organizations already grapple with supporting a geographically diverse workforce, and now that workforce is increasingly remote or hybrid. Now that the help desk is not just down the hall, UEM solutions can help monitor and manage the devices used by employees, any time, anywhere. In addition, UEM solutions gather device metrics and usage insights that enable appropriate access, proactive support, and an overall improved UX.

UEM solutions can be deployed on-premises, but like many other services, they have increasingly moved to the cloud, especially as SaaS platforms. This deployment option makes sense for most organizations with, as noted, geographically dispersed users and growing mobile endpoint estates. In this environment, cloud-based services often make sense in terms of coverage, performance, and scale.

For full control of devices, organizations must consider enrollment. Depending on the device, there are multiple enrolment types that must be supported, from automated out-of-the-box enrollment of a new device (including services such as Windows Autopilot for Windows devices) to lighter-touch options such as application isolation. There is a tradeoff between the level of control that different enrollment options provide, and UEM solutions should address this.

Organizations deploying UEM should also consider their requirements around patching and security controls. Often these can be regulatory driven, but they are also simply considered a good practice. UEM solutions can enforce a range of policies and controls, especially around patching and updates. Although it’s important that organizations recognize when applications need patching—including internal business applications—not all solutions will offer much beyond OS patching.

Solutions can also provide access control, which can be a valuable element in delivering robust security. Many use location data on the device to deliver adaptive policy deployment. Some can also integrate with services such as Microsoft Conditional Access Controls to enrich access control to applications such as Microsoft 365.

Sector Scorecard

In the Executive Summary, we introduced a Sector Adoption Score, which provides a high-level grade indicating how compelling and appropriate an enterprise technology may be for adoption. The score is based on five factors and how strongly each compels or deters adoption of the technology.

The Sector Scorecard (Figure 2) provides an at-a-glance assessment of the adoption ratings for these factors as they relate to UEM:

  • Benefit to the organization
  • Urgency as defined by competitive, market, regulatory, and other pressures
  • Maturity and relative stability of the technology sector
  • Effort required to address the complexity and challenges of deployment
  • Impact on IT staff, users, and budgets

Key Criteria for Evaluating UEM Solutions

Adoption
Rating

Compels
Adoption

Encourages
Adoption

Merits
Consideration

Discourages
Adoption

Deters
Adoption

Sector Scorecard Sector Scorecard Considerations

Benefit

  • Compelling ROI
  • Reduced costs
  • Heightened productivity and efficiency
  • Enhanced resilience
Compels Adoption

Urgency

  • Competitive pressure
  • Security vulnerabilities
  • Regulatory compliance
  • Aging infrastructure
  • Staffing/skills challenges
Encourages Adoption

Impact

  • Staff and end-user training
  • Hiring and workforce alignment
  • Licensing and operating costs
Encourages Adoption

Effort

  • Business-critical systems and processes
  • Custom development
  • Required integration
Merits Consideration

Maturity

  • Established vendors
  • Volatility of technology
  • Access to skilled workers
  • Presence of industry standards
Encourages Adoption

Considerations

Figure 2. Sector Scorecard for UEM

Benefit: Compels Adoption
Adopting a UEM solution presents multiple benefits to an organization. Better control and security enforcement will reduce IT security risk. The ability to have a single view of the entire endpoint estate, with the option to automate enrollment and management, will increase operational efficiency. The capability of enhancing UX will help drive efficiency across an organization.

Urgency: Encourages Adoption
The risks presented by unmanaged devices are significant and organizations with more than approximately 20 devices should consider the level of management required. Devices that are unpatched, poorly secured, or fail to meet standards will introduce risks to security and regulatory compliance, including key data protection and IT regulations.

Maturity: Encourages Adoption
UEM is already a well-established technology that brings together a range of mature technologies encompassing laptops, desktops, mobile devices, patching, and policy enforcement. This maturity means the technology is well understood, vendors have benchmarks and standards, and staff with skills to implement and manage solutions are widely available.

Effort: Merits Consideration
UEM deployment is not a trivial task, especially in existing estates where particular consideration must be given to device enrollment and the potential impact that this will have on end users. Special attention will be needed for those considering migration from existing UEM solutions. Whether adopting endpoint management for the first time or moving from an existing management regimen, this can be a complex and time-consuming project with little tooling available to assist.

Impact: Encourages Adoption
A well-deployed solution will have a significant impact on improving operational efficiency, end-user and organizational security, and end-UX in both performance and supportability. A well-run endpoint estate will help with the effective delivery of organizational activities as well as improve the asset management of an expensive endpoint estate.

Purchase Considerations

Sector Scorecard Summary
Endpoint estates are large and complex and present management and security risks. Failing to effectively manage endpoint environments will have an impact on productivity, introduce security risk, and reduce the efficacy of these business assets. Unmanaged endpoint environments should not be deemed an acceptable risk to any diligent organization; therefore, adoption of UEM should be encouraged.

However, prospective customers should understand that implementing a UEM solution is not an insignificant task, and it requires planning, time, resources, and effective communication across the business to ensure successful adoption.

The UEM space is well established, with many mature vendors providing comprehensive platforms that can improve endpoint efficiency, reduce risk, and crucially improve the end-UX. Gaining insight into endpoint and user behavior can help organizations better manage current endpoint infrastructure as well as more effectively plan for future needs, ensuring endpoint investments are well understood and assets are fully utilized.

To facilitate the UEM solution selection process, this Key Criteria report acts as a buyer’s guide for IT decision-makers, exploring the table stakes, key features, emerging features, and business criteria that are relevant to a purchase decision.

3. Decision Criteria Analysis

In this section, we describe the solution capabilities—table stakes, key features, and emerging features—that organizations should evaluate when considering solutions in this market sector.

  • Table stakes: Assumed value. These are features that all solutions in the sector support and therefore do not materially impact comparative assessment. Table stakes define the minimum acceptable functionality for solutions under consideration.
  • Key features: Differentiating value. Execution of these features sets products apart from each other and is vital in product selection.
  • Emerging features: Future value. These are new or niche capabilities that can have downfield impact but do not significantly define the value of solutions today.

We also look at the non-functional requirements—business criteria—that organizations should consider when comparing solutions in this sector. These criteria help determine the impact a solution may have on the organization. Examples include cost, ease of use, and scalability. They are, in essence, strategic considerations, whereas the solution capabilities are tactical ones.

Evolution of Features
The relationship among table stakes, key features, and emerging features is central to our Key Criteria and Radar reports. These features evolve over time, with emerging features that become broadly adopted evolving into key features, while many key features become so ubiquitous that they graduate to table stakes. Figure 3 shows this evolution.

Figure 3. Progression of Solution Capabilities Over Time

Table Stakes

This report considers the following table stakes—features we expect all UEM solutions to support. These features act as inclusion criteria for the companion Radar report:

  • Support for enterprise and personal devices
  • Basic security enforcement
  • Application and data management
  • Application deployment

Support for Enterprise and Personal Devices
Most organizations have a requirement to allow access to services for both managed devices and unmanaged ones in BYOD scenarios. Therefore, any endpoint management solutions should be capable of distinguishing between managed and unmanaged devices and providing basic metrics (such as OS versions) that can be used to apply access controls.

Basic Security Enforcement
Solutions should be capable of applying basic security enforcement to devices under their management. This can include controls such as PIN enforcement, password complexity settings, and compliance rules such as OS versions, minimum software deployments, and firewall enablement.

Application and Data Management
While managing a device is important, how the device is allowed to interact with an organization’s data is equally important. This is usually done with application controls that can apply restrictions to how data is accessed and used within the application. A solution should at least be capable of applying controls to at least one OS (for example, Windows, macOS, or Android).

Application Deployment
Endpoints require applications to interact effectively with organizational systems. Finding ways to deploy applications at scale, efficiently, effectively, and securely should be a capability of an enterprise UEM solution. Therefore, we expect that a solution can deploy a range of applications to at least one OS.

Key Features

This report considered the following key features—capabilities that some vendors offer but others don’t. These features are impactful to system operation and will be the basis on which organizations choose solutions for adoption. The key features for UEM solutions are:

  • Remote connection support
  • Reporting
  • User-centric management
  • Patching
  • Device integration
  • Predictive analytics and AI
  • Lifecycle management
  • Geofencing and conditional access

Remote Connection Support
Enterprise user bases are more geographically disparate than ever before, with users looking to work from a wider range of locations. This has led to organizations needing to find new ways of supporting their users. UEM remote connectivity can help greatly, offering ways for support teams to communicate effectively with users and gain access to machines to offer support quickly and efficiently.

Good solutions in this space should offer remote support. They should be able to offer this to at least one OS. Remote support should allow for access to an endpoint under management and use this access to guide users and troubleshoot issues. The better solutions also allow for non-GUI-based controls and the ability to stop and start services, run scripts, and other low-level controls. They will also be able to do this over multiple OSs and non-standard endpoints such as IoT devices or cloud PCs. Leading solutions will offer this natively with their own remote support tools, but third-party integration with well-known remote support tools is also an acceptable method of providing this functionality.

Reporting
The endpoint estate in an organization can be a large, complex, and expensive investment. Therefore, effective reporting across all endpoints is an extremely valuable function. Being able to quickly report on the size of the estate and its health helps in ensuring that end-user devices are operating as needed, and it can be a valuable asset in planning, asset management, and security.

An enterprise solution should be capable of providing basic reporting such as device health, type of device, and OS. It should be able to indicate the size of an endpoint estate and the devices in it, providing a quick view of their health. Better solutions should be capable of providing more granular reporting, highlighting details such as application inventories, patch levels, and security posture. They may also offer the ability to build custom reports. Leading solutions will extend this further, offering integrations with enterprise reporting such as Tableau or Power BI. They will also provide actionable insights allowing operations teams to quickly identify issues and address them from centralized reports and dashboards.

User-Centric Management
An enterprise endpoint estate is comprised of two elements: the devices and the user interactions with the devices. The user operating a device is as important a component of endpoint management as the device itself. Solutions that recognize this duality and allow for policy, controls, and experience to be dictated based on both device and user will be valuable in providing the best UX.

Good solutions in this space will have the ability to apply dynamic controls to a device based on both the device itself and the user operating it. This may include defining different policies based on the user, their location, and whether a device is managed or not. Leading solutions will be capable of doing this at a granular level, providing adaptive policies based on variables such as group membership or specific device type, or using advanced capabilities such as user behavior to adapt policies and apply controls.

Patching
Patching devices remains both an essential part of IT operations and a complex, time-consuming, and often problematic process. UEM tools that can help with the process will provide significant value. Solutions that are capable of providing OS patching across multiple OSs and device types will be extremely helpful. Even more helpful are those that can apply patches to applications and underlying hardware.

Patching is an essential but complex task. Solutions should be capable of patching base OSs for at least one OS. The better solutions will move beyond this. Those that can patch across multiple OSs are useful. Even better is the ability to patch applications. It is acceptable for this to be done by orchestrating third-party patch solutions. Leading solutions will offer native application patching and provide comprehensive patching of OS and applications, firmware, and device drivers. Solutions that can package this into their own native platform will offer additional value in consolidating and simplifying patch delivery.

Device Integration
Endpoint estates are more diverse than ever. No longer are they made up of just laptops, desktops, and mobile devices; they also include a variety of smart tech including wearables, VR devices, and IoT devices. Effective UEM solutions should be capable at the very least of monitoring across a broad spectrum of devices and ideally have the ability to manage them.

The most effective UEM tools will be those that have the broadest range of device coverage. Endpoint management is complex, therefore UEM solutions capable of covering all of an organization’s devices from within a single platform will deliver the greatest value, allowing a single platform to drive management and control to the widest set of endpoint devices. Good solutions should provide not only strong desktop and server OS coverage, but also mobile coverage. The leading solutions will go beyond this, providing coverage for increasingly used devices such as wearables, smart devices, and IoT.

Predictive Analytics and AI
UEM tools should help simplify the strategic management of endpoint estates. They should use the telemetry they gather to identify important trends. The best solutions can also begin to predict trends and key issues such as performance, security, and lifecycle management, allowing organizations to make better strategic decisions more quickly.

Predictive analytics and AI are becoming increasingly common in the cybersecurity and IT management space, and this is rapidly expanding to the management and control of endpoints. Given the number of endpoints most organizations have to manage—from laptops to IoT—doing so effectively means identifying where potential issues lie or ensuring that they are patched and secured in a timely manner. Predictive analytics and AI can be extremely valuable here. The best vendors will use these tools to help organizations more effectively optimize endpoint management approaches, identify poorly performing devices, root out poor UX, highlight security issues and vulnerabilities, and automate how operations teams prioritize their next key endpoint management actions. This will broadly improve UX and reduce operations overhead.

Lifecycle Management
Managing the lifecycle of endpoint devices is not the most exciting task, but it’s essential in providing users with a good experience and organizations with security and operational efficiency. UEM solutions should provide effective processes for device management from initial deployment and enrollment through replacement and disposal.

Endpoints are an expensive part of any organization’s infrastructure and running costs. Ensuring that they are managed effectively throughout their lifecycle has significant benefits. Leading tools should provide a good range of enrollment options, both allowing users to manually enroll devices and supporting common auto-enrollment options. Lifecycle management must also include the effective removal of devices, and this will be enhanced by leading tools that can use telemetry to highlight when devices are coming to the end of their effective life. Tools that make it easy to unenroll those devices are also valuable, making it easier to automatically remove the device from inventory and ensure effective data removal is carried out.

Geofencing and Conditional Access
UEM solutions, with their detailed endpoint knowledge, can provide enriched information about an endpoint’s location. This information can be used to apply conditional controls such as blocking access, enforcing additional layers of authentication, or restricting capability based on location—all essential parts of enforcing robust access controls.

Conditional access is an important part of an organization’s security controls. UEM solutions can play a significant role in implementing access controls. Basic access control is usually built on device compliance with an organization’s enforcement rules. For example, they should meet certain OS versions, up-to-date patching, and a minimum set of security controls. UEM solutions can offer great value here by providing rich telemetry based on detailed knowledge of a device, enhanced further by providing information on device location. The best UEM solutions should provide this telemetry to external access control solutions and be capable of delivering access controls natively. The best solutions will both assess a device and apply access controls without the need for external services.

Emerging Features

This report considers the following emerging features—capabilities that are not yet widespread but expected to become widely relevant over the next year or two:

  • UX monitoring
  • Managed services
  • Increased automation
  • Endpoint security

UX Monitoring
Understanding the UX has always been a challenge. However, increasingly vendors are starting to offer metrics that can be used to assess the UX. These show both device performance and application performance. They can show the impact of changes in the application or data access environment and can be hugely beneficial in terms of effective support and providing proactive management to help maintain an excellent UX.

Managed Services
Endpoint management is a significant overhead for overstretched IT teams. As more UEM services are delivered via SaaS platforms, vendors are able to offer managed UEM platforms, taking the day-to-day management of endpoints away from internal resources and providing a 24/7 proactive endpoint management service. The demand for managed services will continue to grow, and we expect more vendors to offer them.

Increased Automation
The ability to respond quickly to changing user demands or changes in the endpoint is becoming increasingly essential for UX and device management and from a security perspective. Humans cannot always respond quickly enough. Vendors see this and realize that response automation is increasingly crucial. They are starting to use AI/ML capabilities in their platforms to more effectively automate repetitive and common tasks and will look to grow this capability to ease the operational overhead of endpoint management.

Endpoint Security
Traditionally, endpoint security and management have been separate solutions. UEM vendors are embedding security into their tools, giving rise to secure UEM. This uses advanced functions such as endpoint detection and response to help identify and respond to threats. Bringing this into a single platform helps security teams to reduce complexity and enrich security telemetry.

Business Criteria

Next, we look at business criteria—non-functional requirements that impact a purchase decision and determine a solution’s impact on an organization. The business criteria for UEM solutions are:

  • Flexibility
  • Scalability
  • Ease of management
  • Ease of use
  • Security enhancements
  • Cost

Flexibility
Organizations today have complex endpoint environments made up of many different types of devices in many locations. The complexity of the endpoint estate matches the differing infrastructure and operational demands of those organizations. The dynamic, complex nature of these environments means UEM solutions must provide a range of options for managing endpoints. They should be able to be deployed in many types of environments, integrate with existing security and IT systems, and support and manage a broad array of endpoint types. They should also offer a range of license and subscription options, with enough flexibility to meet rapidly changing requirements.

The key feature that most impacts flexibility is device integration.

Scalability
Businesses are dynamic and require solutions that can grow with them. This includes growth in company size, number and types of devices, and introduction of new technology types and services. Solutions should be able to grow to match the demands of additional devices, users, and operational demands without impacting performance.

The key features that most impact scalability are device integration, remote connection support, user centric management, and predictive analytics.

Ease of Management
Managing endpoint environments can create significant overhead for organizations. A good UEM solution can increase the operational efficiency of managing an endpoint estate by providing a comprehensive platform to easily enroll and manage the full breadth of an organization’s devices within a single console. Automating the manual tasks involved—such as device lifecycle management, patching, and application deployments—is also helpful. Solutions that use AI/ML capabilities effectively to provide clear guidance to operations teams on where to focus management efforts can help to streamline operations and improve efficiency.

The key features that most impact ease of management are device integration, reporting, and lifecycle management.

Ease of Use
Effective UEM solutions should optimize the experience of interacting with company data and applications for users. While a number of factors may affect this experience, ease of use is particularly important, so look for a user-friendly solution that’s relatively easy to implement for end users. It makes interaction with services and applications seamless. Self-service capabilities can be valuable, as can the use of digital experience measures that can capture performance insights, quickly troubleshoot issues, and apply proactive fixes. Finally, solutions need to improve the ability for users to communicate with support teams and to do so in the most efficient manner—from automated ticket raising to full interactive support experiences.

The key features that most impact ease of use are user-centric management and lifecycle management.

Security Enhancements
Mobile endpoints are one of the biggest security vulnerabilities in any organization. Therefore, finding solutions that can enhance security and lower risk for an organization is a critical part of effective endpoint management. Device security posture can be enhanced in many ways. This can include comprehensive security policies, identifying and patching vulnerabilities quickly and automatically, and using the endpoint device to evaluate access security. Modern tools can, of course, go further by using AI/ML capabilities and predictive analytics to more effectively identify vulnerabilities and risks to help organizations, then take proactive steps to address them.

The key features that most impact security enhancements are patching, conditional access, and device integration.

Cost
No organization in today’s economic environment can consider technology purchases without understanding the entire range of potential costs, which may include, in addition to the purchase price, deployment costs (for hardware, software, and customization), integration costs, maintenance, training, and support costs. Other factors that may impact cost, although more indirectly, are ease of use for both end users and operations teams, as well as offering effective onboarding and training materials.

The key features that most impact cost are device integration, reporting, predictive analytics, and lifecycle management.

Changes Since Last GigaOm Report

This is our third analysis of the UEM market, and we’ve made several updates to this report compared to last year’s:

  • Geofencing and conditional access: These were amalgamated into a single metric on this occasion. We felt that the two features were dependent on each other to operate effectively.
  • Endpoint security: In our previous report, security was identified as a key feature. However, we expanded the scope of this to include more advanced features such as endpoint detection and response. This is not currently a commonplace feature in platforms, so it is highlighted as an emerging feature in this report.
  • Broad device support: This is an evolution from our previous report that looked at emerging endpoints. In many cases, devices such as IoT, wearables, and smart devices are no longer emerging. This also took into account the breadth of support for more traditional devices such as laptops, desktops, and mobile phones.
  • Predictive analytics and AI: This has moved from our emerging technologies metrics in the previous report. The use of analytics and AI/ML has become increasingly commonplace. The need to employ these capabilities to help operations teams manage estates more effectively is highly valuable and likely to be a key differentiator.
  • UX monitoring: While digital experience monitoring is not new, the move to include this functionality as part of UEM platforms is an evolutionary change in solutions.

A number of the changes since our last report reflect the drive to further unify disparate elements of endpoint management such as broader device support, digital experience monitoring, and advanced detection and response security. As organizations strive to simplify and reduce cost and complexity, the more a UEM solution can do and the more effective it is likely to be in addressing the endpoint management challenge.

4. Analyst’s Outlook

Endpoint environments continue to be complex areas to manage for any organization. The disparate nature of the devices IT teams are expected to manage and the breadth of locations they operate from have made management difficult and the need for robust and comprehensive management solutions a priority.

These demands have driven change in what those evaluating UEM solutions expect. Vendors are increasing the coverage their solutions offer, making them more comprehensive by bringing more functionality and incorporating features such as digital experience monitoring.

The constant cybersecurity threat, however, has been the biggest driver for change, with features such as vulnerability management and endpoint detection and response being added to UEM solutions. These are all positive changes for those evaluating the space, since bringing previously separate endpoint management capabilities into single platforms should help to simplify management and reduce operational overhead.

Use of predictive analytics and AI/ML increasingly play a part in UEM solutions. The number of devices organizations need to manage and the importance of ensuring they perform well while remaining compliant and secure makes manual management time-consuming and difficult. The use of analytics to help provide insight and predictive modeling and prioritization will offer great value to organizations.

For all this change, when evaluating the UEM space, the basic questions continue to be the starting point for any exploration of potential solutions.

  • What types of devices need support: just desktops, or mobile, wearable, IoT, or other specialized devices?
  • What tasks must be performed at the endpoint: simple management, or consolidating more services into UEM such as vulnerability scanning, patching, and endpoint experience management?

Knowing the answer to these questions will help prioritize the metrics that are important to an organization to help identify an appropriate UEM solution.

The companion GigaOm Radar report examines 13 of the top UEM solutions in the market. The report compares offerings against the key features, emerging features, and business criteria outlined in this Key Criteria report. Prospective buyers should use both reports to select the best fit for their business and use case requirements.

Further reading and references include:

5. Methodology

For more information about our research process for Key Criteria and Radar reports, please visit our Methodology.

5. About Paul Stringfellow

Paul Stringfellow has more than 25 years of experience in the IT industry helping organizations of all kinds and sizes use technology to deliver strong business outcomes. Today, that work focuses mainly on helping enterprises understand how to manage their data to ensure it is protected, secure, compliant, and available. He is still very much a “hands-on” practitioner and continues to be involved in a diverse range of data projects. Paul has been recognized across the industry and has spoken at many industry, vendor, and community events. He writes for a number of industry publications to share his enthusiasm for technology and to help others realize its value.

Paul hosts his own enterprise technology webcast and writes regularly on his blog.

6. About GigaOm

GigaOm provides technical, operational, and business advice for IT’s strategic digital enterprise and business initiatives. Enterprise business leaders, CIOs, and technology organizations partner with GigaOm for practical, actionable, strategic, and visionary advice for modernizing and transforming their business. GigaOm’s advice empowers enterprises to successfully compete in an increasingly complicated business atmosphere that requires a solid understanding of constantly changing customer demands.

GigaOm works directly with enterprises both inside and outside of the IT organization to apply proven research and methodologies designed to avoid pitfalls and roadblocks while balancing risk and innovation. Research methodologies include but are not limited to adoption and benchmarking surveys, use cases, interviews, ROI/TCO, market landscapes, strategic trends, and technical benchmarks. Our analysts possess 20+ years of experience advising a spectrum of clients from early adopters to mainstream enterprises.

GigaOm’s perspective is that of the unbiased enterprise practitioner. Through this perspective, GigaOm connects with engaged and loyal subscribers on a deep and meaningful level.

7. Copyright

© Knowingly, Inc. 2023 "GigaOm Key Criteria for Evaluating Unified Endpoint Management (UEM) Solutions" is a trademark of Knowingly, Inc. For permission to reproduce this report, please contact sales@gigaom.com.