Mar 28 2024

Solutions For Managing Endpoint Tech Are Getting Better

It's not easy to track and secure a skyrocketing number of devices. Cloud-based software can help.

When Chris Shelton joined the IT team of Outdoor Living Supply a year ago, managing endpoint devices quickly became one of his top priorities.

The Rochester, Minn.-based company, founded in 2020, has rapidly expanded through 17 acquisitions over the past three years, purchasing retail supply stores that sell outdoor “hardscaping” products. That involves the nonliving parts of residential landscaping, such as stone, concrete and brick.

The company, which now has about 400 corporate, sales and retail employees in 40 locations across 17 states, previously had no standard for managing endpoints. To resolve that, Shelton recently deployed Microsoft Intune to centrally manage and secure the company’s computers and smartphones.   

“We’re still in our infancy and defining our strategy, but it’s important to have central control and visibility of our endpoints, standardizing on how the machines are set up and having everything on a single pane of glass,” says Shelton, the company’s senior director of infrastructure, operations and cybersecurity.

Businesses, particularly midsize enterprises, are increasingly adopting cloud-based unified endpoint management (UEM) software to centrally configure, control and secure a broad range of endpoint devices that run on different operating systems, such as PCs, tablets, smartphones and other Internet of Things (IoT) devices, analysts say.

Some use traditional software such as Microsoft Configuration Manager for PCs and more modern mobile device management software for mobile devices, says Gabe Knuth, a senior analyst with Enterprise Strategy Group.

Over time, MDM has evolved into UEM and come to encompass management of desktop PCs and laptops. UEM is gaining popularity because it unifies the management of PCs, mobile devices, applications and policies under a single console, Shelton says.

Providers are continually adding more advanced features to their UEM tools, including improved security, analytics and automation, Knuth says. Security is a huge piece of endpoint management. Some solutions add anomaly detection and risk scores, so IT staff can view the overall health of their devices and mitigate problems through a central dashboard.

“If you look at a Venn diagram of endpoint management and endpoint security, they’re overlapping more every day,” he says. Modernizing device management also simplifies device onboarding and remote support.   

How the Cloud Simplifies Device Management

Outdoor Living Supply has equipped employees with a total of about 250 Lenovo laptops and desktops and about 200 Apple iPhone devices. To manage them, the company is using Microsoft Intune as its UEM system, Microsoft Entra ID (formerly Azure Active Directory) for identity and access management, and Windows Autopilot to configure devices and onboard and offboard employees, Shelton says.

Centralized remote management is critical because the company has a widely distributed workforce, he notes. Corporate staff and store managers use laptops and smartphones, while store employees use in-store desktop computers.

Before Shelton’s arrival, there simply was no central management of PCs and mobile devices. The company did use endpoint security software and a patch management tool, but not every PC had a patch management agent installed.

“Nine months ago, we had to individually remote in to make a change to a PC. Now we can do it centrally,” he says.

The company finished migrating PCs to Intune in early 2024 and began enrolling smartphones into the UEM system. Once the project is complete this spring, Shelton plans to take full advantage of Intune. For now, he is enforcing policies, such as requiring passwords and locking down administrative rights.

Before, users could install any software on their computers. With the introduction of Intune, a standard set of apps gets pushed to every user.

Intune and Entra ID have strengthened Outdoor Living Supply’s cybersecurity posture, Shelton says. The company’s IT staffers can now see login and authentication history, the location of devices and what services are being accessed. If devices are lost or stolen, the team can remotely lock the devices and wipe them so that no corporate data is compromised, Shelton says. 

Shelton has also instituted policies to ensure that employees have a good digital experience. For example, he has adjusted the power settings to make sure that computers don’t hibernate and hard drives don’t shut off too soon, which can frustrate users, he says.   

In the future, the company will enroll personal smartphones into Intune if employees want corporate email access on their own devices. It may also take advantage of a feature in Intune that allows remote access to machines to troubleshoot devices.

Shelton also now uses Autopilot, which streamlines employee onboarding and offboarding.

“When we get a new device from the manufacturer, Autopilot will build out the machine the way we want it,” he says. “When someone leaves the company and we want to redeploy a device, we don’t have to touch it. We go into Intune, ask Autopilot to refresh it, and within an hour, it’s a brand-new machine.”

43%

The share of organizations that have experienced at least one cyberattack caused by unknown, unmanaged or poorly managed endpoint devices

Source: Enterprise Strategy Group, “Managing the Endpoint Vulnerability Gap,” February 2023

Remote Device Management Benefits Patients

The Steve Holmes Group manages and monitors mobile devices in the healthcare space, and it’s using SOTI’s MobiControl endpoint management software to do it.  

The Cumming, Ga.-based company manages mobile Zebra devices, barcode scanners and label printers for 1,500 healthcare provider customers that use Meditech electronic health record software. For example, nurses use Zebra Android handhelds to input patient information into the EHR and use communications software to message clinicians and other nurses, says CEO Steve Holmes.

Before adding SOTI MobiControl three years ago, Holmes and his staff traveled almost year-round to be onsite to configure, manage and troubleshoot devices for customers. “We didn’t have any other way to manage it. We had to be there in person,” Holmes says. “Now, we can pretty much do everything remotely on my laptop.”

Devices loaded with SOTI software are shipped to customers and then connected to their respective corporate Wi-Fi networks. Holmes uses SOTI to remotely install software on the devices. “App installation, which used to take hours, is now getting done in a matter of 15 minutes,” he says. The company uses SOTI to push security patches and software updates to devices.

Holmes and his staff still visit new customers to ensure a smooth implementation and train staffers on how to use the technology. But they are traveling far less than before.

Overall, the software has allowed Holmes to provide better customer service, speed the provisioning of devices, resolve issues faster and operate more efficiently.

Photography by Peter Taylor