apple, google, innovation, microsoft, technology

unified endpoint management

today’s employees use at least two or more devices to do daily work on various os at different versions – it is time for a new class of tools – unified endpoint management (uem) combine the management of multiple endpoint types in a single console

evolution

from pc configuration lifecycle management (pcclm) via client management tools (cmt) to unified endpoint management (uem) – companies listed in the client management tools magic quadrant already transformed, other a overruled

content

emm

while enterprise mobility management (emm) is highly competitive and rapidly transforming — for instance, good technology, which was in gartner’s magic quadrant in 2015, was acquired by blackberry, airwatch was acquired by vmware in 2014 – emm contains of:

  • mobile device management (mdm)
  • mobile application management (mam)
  • mobile identity (mi)
  • mobile content management (mcm)

uem combine cmt + emm + iot

benefit

  1. reduce it management cost – a single tool
  2. improved security – get the best of both
  3. better insights – reporting
  4. prepared – enterprise of things

gartner

magic quadrant reports the ability to execute and completeness of vision for vendors – read full report here

Magic Quadrant for Unified Endpoint Management Tools

tco

according to gartner research, the annual tco of a fully managed smartphone using emm is almost
80% lower than the annual tco of a fully managed desktop using cmt

@mobileiron

microsoft, technology

windows managed kiosk

kiosk is a configuration for single purpose devices(cosu) e.g. info stand or remote work device – provide conditional access in public and semi public areas – ios could set in supervised mode and enable device owner for android to convert consumer devices to fit business needs

autostart is a convenient but unsecure way accomplish a kiosk like behavior and with app locker it is possible to blacklist apps, but both are not an enterprise solution

assignedaccess1assigned access to assign an app to a user – just universal windows platform(uwp) or modern apps are supported – located in settings > familiy and other users > set up assigned access – this could remote configured via syncml or powershell

assignedaccess3.png

once you have set everything up, simply relogin to the selected account, the app automatically launch

z-order for views when the app is running in lock modekiosk apps already existing next to mdm, uses the technoligy – microsoft advices how to build your kiosk app – there a separate layer to develop it and even quit assigned access via software

lockHost->RequestUnlock();

hosted web apps are the easiest way to pin a webpage to a windows client in a kiosk setup – like web clips for ios devices, since ios 11.3 it could arranged with the home screen layout– create a web view with windows template studio

fall update 1709 with it’s windows release it is possible to select allowed apps, provide a startlayout and disable taskbar, even device win32 applications – remote configured via mobile device management

assignedaccess2.png.jpg

spring update 1803 published days ago, assinged access csp advanced to configure shell launcher – “you cannot configure both assigned access and shell launcher on the same system” – additionally the accounts csp added to create a new local windows account

Accounts CSP diagram

since microsoft doesn’t provied any smartphone – it is prepared persist in enterprise – outlook to new build 17661, a modern snipping experience

windowsredstone5.gif