
What is Endpoint Management? - A Comparison of MDM, EMM, and UEM

06. October 2020, Robert Troup

Endpoint management is the process of centralizing the discovery, deployment, and maintenance of endpoint software, desktops, laptops, mobile and other devices within an organization. Endpoint management tools provide a management interface to simplify or automate deployment, patching, and configuration of managed devices to reduce the burden on IT operations.

Endpoint management tools traditionally reside within corporate IT organizations, often with Security Operations teams reliant on endpoint protection platforms to manage and prevent cyberthreats or breaches. The tools vary based on the endpoints being managed.

Endpoint management tools, especially those in Unified Endpoint Management (UEM) systems that I’ll describe below, might appear to overlap with freeware/shareware utilities or Microsoft’s SCCM software that some IT admins use. Understanding the major differences between them in functionality and value is critical for choosing the solution that matches your organization’s needs now and in the future. That has become even more important with remote workforces and ubiquitous mobile devices.

Endpoint management encompasses an alphabet soup of related tools that work together to address the multiple devices, functions and tasks in most networks.

MDM – Mobile Device Management

MDM is short for Mobile Device Management. As the name implies, MDM enables consistent remote management and maintenance of mobile phones, tablets and similar devices from an IT admin console. MDM covers device enrollment, remote control, device lockdown, and location tracking. MDM tools can enforce security policies, track device and application inventory, and monitor devices in real time. These controls give IT teams the granular visibility needed to monitor and control mobile device security risks. MDM has been a reasonable solution to manage corporate-owned mobile devices. However, many employees continue to use their own phones or carry multiple devices for business and personal use. That requires a solution that can accommodate BYOD, or Bring Your Own Device, use within the IT management framework.

EMM – Enterprise Mobility Management

Enter EMM, or Enterprise Mobility Management. It’s the next iteration of MDM that extends management processes to wireless networks and mobile computing services, including tablets and smartphones. EMM solutions commonly use a secure container that keeps business data secure and separate from user data and personal information on a BYOD device.

UEM – Unified Endpoint Management

Finally, UEM, or Unified Endpoint Management, is the complete portfolio of MDM, EMM, and endpoint device management including all desktops, laptops, printers, IoT devices, and any other computing platforms or devices within the organization. UEM can quickly and easily apply holistic security and configuration policies across the entire organization regardless of the type of endpoint. UEM is also able to quickly assess and report on all devices and applications in use. The primary use case for UEM remains focused on tablets and smartphones. However, organizations are now looking to unified endpoint management tools to ease the burden on IT when dealing with #WFH remote workforces.
