Desktop computers and other endpoints might seem like a low priority for busy enterprise IT professionals, but desktop management and control are major concerns. The most powerful servers, comprehensive networks and extensive storage mean nothing if there are no endpoints to tackle the everyday tasks that keep a corporation running.
Comprehensive desktop management is essential to ensure that end-user systems are properly configured and secured, and software tools play an increasingly critical role in desktop management. Let's take a closer look at endpoint management issues and examine some of the desktop tools used to handle administrative tasks.
Q. Why is desktop management so important, and what tasks does it involve?
Every end user requires access to corporate applications and data in order to perform everyday business tasks ranging from customer contacts and sales leads to complex data analytics and design simulation. Each of these tasks may originate on data center servers, but it's actually the endpoints that are accessing applications and doing the productive work that keeps the business moving.
The problem is that there is no single desktop system. Desktop computers exist in almost limitless shapes, sizes, configurations and capabilities. In addition, the concept of "desktop" has vastly expanded to include endpoints such as laptops, tablets and other mobile devices.
Each type of system has a unique mix of hardware, firmware, operating system versions, device drivers, user permissions and other security considerations. As a result, desktop management has evolved into a convoluted mix of tasks.
For example, endpoints typically require the installation, replacement, and proper configuration of a diverse array of hardware components. Each endpoint requires a licensed OS, which might span several different versions -- such as Windows XP to Windows 8.1 -- plus regular patches and updates.
Locally-installed applications such as browsers must also be patched and updated along with antimalware and firewall software to stop viruses, key loggers, Trojan horses and other malware. Encryption can help secure corporate data, but that's another desktop application that must be installed and maintained.
At the same time, users must be discouraged from installing unauthorized apps that might compromise security, such as instant messaging, games or file-sharing programs. IT must assign permissions so that each user can access the right corporate applications and data stores.
Desktop management must also back up and protect each endpoint setup, along with sensitive corporate data stored on local endpoints. The proper control and security of endpoint systems may even affect corporate compliance with industry and government regulations.
Desktop management has become so complex and cumbersome that it is virtually impossible to accomplish through manual means. Today, it has become a subset of systems management activities, and organizations rely on sophisticated software tools that can discover and inventory hardware and software, configure the system, manage apps, manage patches, monitor activities and render detailed reports on all endpoints.
Q. Are there any standards or requirements for endpoint management? Are there any desktop tools?
Desktop management relies on several standards established and maintained by the Distributed Management Task Force (DMTF). The first standard was the Desktop Management Interface (DMI), dating back to 1996. DMI enabled a common, vendor-independent means of managing endpoints through software tools.
Although many IT vendors still continue to design to DMI 2.0 standards, the DMI standard itself is considered obsolete, and DMTF ceased development and support for DMI in March of 2005.
Today, the DMI 2.0 standard has largely been replaced by DMTF's Common Information Model (CIM). CIM provides a management language and interface supporting networks, applications and services. This allows for remote, enterprise-wide management. CIM also supports vendor extensions, allowing for vendor contributions to the overall standard. The latest CIM metamodel is version 3.0.1, dated Sept. 4, 2014.
Numerous desktop management tools are available, but it's important to exercise extreme care in the selection and deployment of those tools. Some tools may exist as point solutions with limited interoperability. Other desktop management tools may be available as components of a greater systems management framework.
Still other desktop management tools may only address a limited scope of management tasks, requiring a suite of related components to provide comprehensive desktop management. There is no particular preference of one tool type over the others, but enterprise IT leaders must understand each product's purpose and capabilities, and how that tool fits within the current data center management scheme.
For example, general-purpose tools such as Manage Engine's Desktop Central supply a wide range of capabilities such as patch and application management, software distribution, asset management, and power and device management.
An example of a suite-type desktop management product is AppSense's DesktopNow Plus, which relies on up to five components:
- Application Manager for application access without local Administrator accounts;
- Management Center for central deployment, control and reporting on user configurations;
- Data Now for secure data access and synchronization;
- Environment Manager for endpoint setup, configuration, personalization and repair;
- and Performance Manager to optimize endpoint computing resources and performance.
Dell's Desktop Authority Management Suite includes Desktop Authority Standard and Privilege Manager, which work together to create a secure user environment and ensure that applications are available with the correct user privileges.
Kaseya's suite of IT configuration management tools includes desktop migration, desktop policy management, mobile device management, and software deployment and update components.
In the next part of this FAQ, we'll look at desktop management best practices and emerging trends.
Dell's new endpoint management tools extend to iOS, Android
Data security policies help define endpoint management success
Endpoint security requires IT to manage all OSes
Don't ignore the effects of mobility on desktop management