UEM solutions may be the key to mobile security
Microsoft has experienced a meteoric rise in the Gartner magic quadrant for mobile security.
Gartner has renamed this category to UEM which reflects the rate of change in mobility and the rapid evolution from 'Mobile Device Management' to 'Enterprise Mobility Management' and now to 'Unified Endpoint Management'.
TechDay has been following this category very closely since 2011 and the recent jump by Microsoft is probably the largest shift we've had ever seen for any vendor on the quadrant.
Many of you have predicted this and some have already embraced the Microsoft mobility strategy. Microsoft's late arrival at the party has allowed them to come well prepared and where others may be getting tired, Microsoft is ready for an all-nighter.
The reason I have been, and continue to be, bullish is the multi-layered approach Microsoft has taken to mobile security. If you simply compare MDM features across a number of vendors, Microsoft will not stand out. But compare the entire stack of considerations that make a secure environment and it is game, set and match for Microsoft.
Here is a summary of the secure capability available in the EM+S suite of services:
- Identity – Active Directory account with 2FA, self-service password reset and Single Sign-On.
- Geo-fence – the ability to restrict the opening of an app to a specific location.
- WiFi connection – the ability to restrict the opening of an app to a specific WiFi network.
- Device profile – the ability to restrict the provisioning of an app to a device that is secure and managed.
- App protection policies – the ability to restrict app functionality such as save-as, open-in, copy/paste and taking screenshots.
- Advanced threat protection – the ability to automatically detect and react to malicious activity and hacking attempts.
- Azure information protection – the ability to automatically apply encryption and additional security to sensitive content such as social security numbers.
As a stack, these technologies mean that you can secure a mobile deployment like never before. Let's take the example of an app for a hospital nurse. Using the EM+S service, they can deploy a secure app to a secure device, leverage the user's AD credentials, permit the app to open only when the user is in the geo-fence of the hospital campus and connected to the hospital corporate WiFi (not public WiFi) and even then they can prevent screenshots and copy/paste actions in the app.