What’s the future of endpoint management? According to a Gartner research director: It’s a mess.
Gartner Research Director Rob Smith shared his experiences as an Olympic and Paralympic volunteer by describing the planning process: long term, stable, and predictable. But Smith was speaking at the Gartner Symposium in Barcelona to talk to attendees about mobility. And by his estimation, none of those adjectives apply to the mobile management process. “Mobility,” said Smith, “is a mess.”
Successful navigation of what’s going on in the mobility world requires strategic planning along with perpetual pivoting. This often isn’t IT’s strong suit, said Smith. We all know how many organizations began to figure out their post-Windows-XP plans only as the Microsoft OS was entering its final days of support (and some are still trying to figure this out).
A lot of organizations try (and fail) to manage mobile the way they did PCs, but with the speed of change within the mobile world, this tactic only fails. According to Smith, there have been 15 different versions of iOS in in the last 12 months. And, as of August 2014, there were 18,796 distinct versions of Android running on different devices. IT can’t possibly keep up with the rate of change, not to mention the speed of adoption. Furthermore, Smith explained: With so many OS updates (to stick with that theme), and many of those updates poorly documented (if at all), IT’s past tactics of locking down devices no longer works.
As a result, IT has to change its basic perspective: All endpoints are untrusted. That’s a big statement and the automatic response might be, “Not if I lock it down!” But, according to Smith, the days of saying no to users is dead. The new reality is that if you say no, users will go around you.
To add insult to injury, Smith went on to say, security and usability are mutually exclusive. Remember when the world was astounded to learn that the German Chancellor Angela Merkel’s phone had been hacked by the NSA? How was that possible, when she was issued a phone that leveraged the strictest security possible? Because the Chancellor had gone around government IT. She was using a much less secure personal device.
If the device is too complicated or doesn’t do what users want, they will go around IT. So instead, says Smith, forget the device and focus on protecting the data.
The answer to device management used to be Mobile Device Management (MDM). But you may have noticed something this summer. Instead of releasing an updated Magic Quadrant for MDM, Gartner instead released something new: a Magic Quadrant for Enterprise Mobility Management (EMM). Many of the same MDM vendors were represented, but according to Smith, this is because they are responding to the same mobility-driven changes as everyone else. MDM itself is no longer a product, he said; it’s a feature in your complete EMM toolkit. This toolkit is evolving rapidly. For example, it includes things like the newest user expectation: anytime access to any content from any device.
How do we possibly protect our data when things change so fast? Smith thinks the answer is in what he calls his “Lord of the Rings” philosophy: one system to rule them all, or what Gartner refers to as Unified Endpoint Management (UEM). UEM is a consistent, single approach to managing all aspects of endpoint data protection. It encompasses a whole range of features (identity management, app management, data access, etc.) and requires that vendors work together, ensuring their separate services and/or apps talk to each other and work together without necessitating IT involvement.
This sounds like utopia. The good news? According to Smith, vendors have already started to do it. The bad news? IT departments, with their legacy Windows XP and Windows 7 deployments, aren’t ready to support it.
So what do we do in the meantime? Smith suggest we in IT start by realizing that we can’t treat all users the same. An organization that successfully handles mobile adoption will always have a range of device management needs, from users who have fully managed devices to those with semi-managed endpoints, all the way to those that don’t fit any management scheme.
As a case in point: Smith referenced a recent call with an organization that gave iPhones to its entire workforce. To everyone, that is, except for one user who stubbornly refused to give up his Blackberry. When that user is the CEO, you may find yourselves managing that single device differently. Smith’s advice is to manage by work title, not person, and then look at how the individual is using the device(s). Is he creating data or just consuming? Does she need access to sensitive corporate information? What types of devices is he using? Use these answers to figure out what the risk is and to determine the best strategy to manage. There isn’t one answer; different roles have different needs, and different products have different approaches and are better at different things.
Mobility is changing faster than any other IT sector has in history. The old rules no longer apply, and IT has to be more agile in order to respond, said Smith. Success right now depends on understanding the needs of the enterprise, the needs of the users, and looking for opportunities that fit both. And we have to be willing to change.