sommai - Fotolia
Many business uses have moved from independent mobile device management and PC management to a unified endpoint management approach.
As a result, a highly competitive market has emerged. Most of the mobile management vendors, including BlackBerry, Citrix, IBM, Mobile Iron and VMware, have recently enabled a PC management component for their historically mobile management products and adopted a UEM posture. In addition, traditional PC management vendors like Microsoft InTune incorporate a mobile management component.
AI in UEM
Looking to add more value and product differentiation to their suites, most UEM vendors' products are taking in artificial intelligence and machine learning. Even though AI is the current rage and often overhyped, there are some unique benefits to AI-assisted unified endpoint management.
Dynamic profiles. Most management functions involve fixed profiles assigned to users that remain with them until changed by IT. Dynamic profiles allow users to be assigned to various classes, functions, security access, etc., based on user history, workloads and workflows that are needed to accomplish their tasks, without waiting for IT to make the changes. That's highly advantageous in fast-changing roles encountered by many modern workers as well as for enterprises that may need to offer partners and customers access to systems or have many transactional workers who come and go frequently.
Identity and access management. The vast majority of companies still use passwords to enter the corporate network and obtain access to applications. But once compromised because of identity theft -- the primary attack vector through phishing schemes -- a password can give bad actors access to all the corporate systems and data. AI can determine a user's identity not just through passwords or even two-factor authentication, but also by the characteristics the user is exhibiting -- for example, device, location, time of day, apps accessed, IP address and typing characteristics. This capability is far superior in authenticating a user, particularly if the goal is single sign-on access.
Application monitoring. Traditional mobile device management and UEM systems often gather statistics about apps being accessed as well as user time on those apps, but the amount of analytical information obtained and subsequently analyzed is limited. With AI, statistics can be collected on what and how apps are being used, along with feedback on potential critical points of failure or user productivity slowdown. The end goal is to discover bottlenecks that cause lower user productivity and create support challenges. AI can do a much better job of discovering app and corporate system anomalies than simple data tables.
Security. Creating a secure environment that protects corporate data against theft and system breaches is an ongoing battle. Fixed security solutions using historical information and signatures may work for older, well-known malware and attacks. But with the ever-changing attack surface, the goal needs to be finding and assessing zero-day risks. Discovery of such security risks is based on large data sets of users, including data sets of other companies, that can discover malicious patterns in apps and access and shut them off before damage is done. Security and identity management are closely aligned, but they need to be evaluated separately.
Self-help and onboarding. Onboarding of new employees remains one of the least glamorous but often most challenging aspects of bringing workers into the organization. Workers need to be offered the necessary tools and capabilities to get their job done from day one, without waiting several days or longer for IT to provide support. Unified endpoint management with AI can walk users through the setup and support process based on an understanding of user roles and responsibilities and assist IT with support questions based on a knowledge base built from a data set of previous user issues and challenges. As a result, new employees can be productive much faster compared to a typical manual IT process -- potentially in just a few hours versus several days.
Devil's in the details
AI's benefits will depend on how well vendors implement the required AI functions into their products. Since machine learning and AI require a large data set to "learn" what best to do, it's imperative to understand just how any deployed UEM suite has trained its AI system.
Is it ongoing training that's based on incoming data from many different users and organizations -- anonymized, of course -- or is it one-time training based on a fixed set of data? The former is the preferred method because the larger the data set and greater the user input, the better the AI training and ultimate resolution.
There are many advantages to enabling unified endpoint management with AI, but only when AI is implemented and deployed properly. Organizations should fully evaluate how AI is implemented, what features and functions are pertinent to the enterprise users and whether the AI features are indeed AI or just labeled as such. Don't simply assume that a vendor has a quality implementation without looking under the covers.