What’s the Future of Device Management? 5 Predictions For What Lies Ahead

What are the endpoints of your organization? They're every single device in the hands of your employees, from someone’s work laptop running Zoom in the conference room to someone’s company phone delivering Slack messages at a coffee shop halfway across the country. With the increase in mobile device usage in organizations today, and the preference for BYOD, how are you keeping track of endpoint security, especially in real time?

Every organization needs a way to manage its endpoints and keep devices secure without getting in the way of employee productivity. But according to this new report on the “State of device management,” organizations are struggling to keep up with the multitude of devices their employees use. Their biggest challenges are verifying compliance across devices, enrolling all devices into their mobile device management (MDM) solution, and maintaining accurate visibility across their devices.

However, device management is rapidly evolving, and we're going to see that evolution addressed with new approaches to endpoint security. It’s essential to maintain productive endpoints in your organization today and in the future. Continue reading about the future of device management.

The Limitations of MDM Solutions

Our report uncovered that only about half of organizations are finding their MDM solutions effective. Here are some of the likely reasons why they’re encountering hurdles.

MDMs have incomplete data: MDM solutions often can’t give you complete data. They’re not universal, showing you only a subset of your devices across multiple platforms, and you often exclude the device’s owner. Many MDMs lack feedback as well, meaning that you can't see if a change you pushed was successful.

You can get stuck with MDMs: MDMs are also difficult and slow to install. Onboarding for an automated MDM can take weeks, and will not retroactively enroll machines you own — meaning you need your employees to enroll their devices themselves. You're also limited to built-in features and have to make feature requests from a vendor and hope they prioritize it.

They're not built for developers: Integrating with an MDM can be difficult because they often have APIs that are not modern. And even if you are able to use their APIs you don't know if the data is up-to-date. It's also hard to harvest data from MDMs because they're not programmable. Most MDMs end up being black boxes where you can't see the source code.

Five Predictions on the Future of Device Management

With the growing complexity of device management, organizations need new approaches that don't have the limits of traditional MDMs. Below we’ve listed some developing trends that could change the face of device management.

Prediction 1: Developer-Led Consolidation  

In the future, there will be a consolidation of enterprise IT and security products, with many vendors being replaced by lightweight open-source libraries. Instead of layering agents and buying multiple MDM, EDR, patch management, and other products, organizations will manage millions of devices through a user interface so simple that they can be used on a smartphone. These interfaces will also have open APIs that allow complete integration. Developer-led consolidation also means that better versions of security-flavored generic tools will arise, either in the form of generic vendors adding built-in security features, or security vendors broadening their audience to support more general use cases.

Prediction 2: The Rise of IT and Security Engineering

Another prediction is that more enterprise IT and security practitioners will be able to write code — already, upwards of 40% of SecOps staff in mature organizations can code. IT and security practitioners can build automations that are highly business-specific, and create detections and integrations with software instead of just reacting to alerts. Of course, all of these automations have to be maintained, and infrastructure-as-code has become the way cloud, server, and containers are managed. Why not apply the same principles to endpoint management?

Prediction 3: Fewer Agents, More Value

Nobody likes booting a laptop with eight agents that all take up CPU power and RAM, and they usually run with elevated privileges and increase the attack surface of the system. Instead of running so many agents, organizations will find ways to run a small number that make data more accessible. Those agents will also be more extensible and allow for better security and performance. Instead of each product needing its own agent, products will get data from fewer agents, or the same agent will be reused for multiple purposes to limit the attack surface.

Prediction 4: Zero Trust as Authentication Strategy

Going forward, we’ll see true adoption of zero trust or the continuous authentication and authorization of users and systems. Certificates allowed us to authenticate client computers a long time ago, but knowing which machine is in use is only a part of the battle. Organizations need to know device status in order to build safer systems. Then, using open APIs, security and IT teams will design and implement policies that provide minimal trust. An example would be allowing access to HR data only from corporate systems that have no outstanding vulnerabilities.

Prediction 5: One Third OS for Productivity Endpoints

Finally, we'll see the acceleration of Chrome OS alongside macOS and Windows. More and more work is web-based — according to Forrester, 67% of employees rely more heavily on a web browser to do their job than they did two years ago — so why have complex clients? With more people working remotely, Chrome OS only requires people to log in. It's supremely easy to roll out, and ransomware typically does not affect Chrome OS devices.

The Future of Device Management

What is the future of device management for your organization? Having a clear understanding of your MDMs, securing endpoints, and moving toward universal device visibility will increase your security posture. It will also prepare you for a future where you can feel confident having your employees working from wherever they want to.