macrovector - Fotolia
How to evaluate UEM, MDM platforms for IoT and wearables
Wearables and IoT devices can benefit enterprise organizations, but it's important to secure and manage. Evaluate a UEM to determine if it has proper IoT support.
Enterprise organizations are beginning to realize the value of IoT devices and wearables, but it's often a challenge to manage and secure these devices in the same way as the rest of the organization's device fleet.
There is a variety of enterprise use cases for IoT devices; most use cases involve some form of remote monitoring. For example, a device can attach to a waste management company's dumpster with sensors that relay when the dumpster is full and designs a schedule for efficient pickup. MIT is developing IoT devices that connect to a safety harness for energy companies. These connected devices prevent workers from improperly operating a harness above a certain height. Another MIT product is a weight sensor for boot soles that vibrates when a worker lifts a load that is too heavy.
Unified endpoint management (UEM) and mobile device management (MDM) platforms have limited support for IoT and wearable devices, so IT admins should familiarize themselves with the features that they should prioritize when looking to manage IoT devices.
How to evaluate IoT device management
There is a variety of major UEM vendors, and most of them claim to support and manage IoT devices -- but they have mostly just skimmed the surface. UEM platforms are good at supporting mainstream devices, such as smartwatches, and there is some support for Google Glass, augmented reality (AR), mixed reality and virtual reality (VR) head-mounted displays, or HMDs.
It makes sense for UEM vendors to support these mainstream wearables since smartwatches can access email, collaboration, text and other business applications and should be managed like any other mobile device. It's also important to manage less mainstream IoT devices, including devices for health and safety, in addition to business-specific devices, if an organization deploys them. Unfortunately, traditional UEM products are not able to handle these. Not all IoT devices may require monitoring, however. The vibrating boot sensor, for example, probably does not need to be secured or connected to the corporate network, but the safety harness sensors will provide vital safety information on workers. Organizations should carefully determine which devices should and should not be monitored.
Until UEM products support these niche IoT devices, there are products such as Augmate, a management tool for IoT and wearables. It supports products such as RealWear, Vuzix M400, Epson Moverio, Google Glass, Pico G2, Intel Recon Jet Pro, Optinvent ORA-2 and Microsoft HoloLens, as well as iOS and Android devices. Augmate doesn't manage PCs and laptops, however. IT admins could potentially combine Augmate with a traditional client management tool to handle device management across the organization, but having separate management consoles could introduce complications.
UEM, MDM support for IoT and wearables
Enterprises that are interested in managing traditional IoT devices, such as smartwatches, can rely on most of the popular UEM vendors. Most vendors will claim to support IoT, but few will actually list products and features to support that claim. Several vendors provide marketing bullet points and even a white paper or two about wearables or IoT but do not provide any product information. Organizations should contact the vendor's sales department if its website does not explain IoT support capabilities.
When choosing a UEM or MDM product for IoT devices, organizations should focus on simplicity. IoT devices are not like laptops or smartphones; they often don't have a keyboard, monitor or screen. They require minimal to no user interaction.
Organizations should prioritize the following UEM and MDM features for IoT and wearables:
- Simplified provisioning and enrollment. The UEM product should self-enroll and easily provision IoT devices and add them to a management database. This should include the ability to build a staging package in which IT admins can define devices by security or application groups with appropriate deployment and configuration policies. IT may need to disable the USB port for security reasons for devices that salespeople use, for example, while engineers will need the USB port enabled for their work.
- Lifecycle management. Beyond initial deployment, the product should provide management of patches, updates, application and software development, and deinstallation.
- Security. Wearables are corporate entities that must adhere to security policies. Management products must be capable of enabling and enforcing these policies, including via remote wipe.
- App deployment and configuration. IT staff should be able to track, manage and collect data from the device, depending on device capabilities. An SDK enables IT to build and manage the app lifecycle to manage the device.
- Kiosk support. A kiosk runs on cruise control in a demonstration or public access mode. If the device has this capability, there must be secure methods to lock down and control the device.
- Remote management and support. Remote controls must be available to manage, control and support the device.
Only five vendors provide detail about support for IoT and wearables on their websites: VMware, 42Gears, Microsoft, SOTI and IBM. Most vendors support Android, either through Android Enterprise or Android Things. Android Enterprise is Google's program for Android device management and is used in inventory scanners, AR, VR, asset tracking, inventory management, kiosks, biometrics and various sensors; it also features zero-touch enrollment.
Google and Apple smartwatches run Wear OS and WatchOS, respectively. Smartwatches are fairly easy to support. AI products, such as VR headsets and Google Glass, have a good amount of support as well.
Windows 10 IoT is a major IoT OS. The name is somewhat new, but this is the old embedded Windows that ran point-of-sale devices, kiosks and similar devices for years. It was part of Intune, which has been merged into Windows Endpoint Manager. Windows 10 IoT is device subscription only and does not support devices enrolled via user profiles.
IT admins must build use cases that apply to their organizations and then identify a product that can support those use cases. Traditional UEM tools are moving forward, but they may never be able to manage disparate IoT devices, such as the MIT safety harnesses or the dumpster sensors. When organizations evaluate UEM or MDM tools for IoT support, they shouldn't always rely on website information; they should send inquiries to sales and schedule demos to get the most comprehensive analysis of products.