The 3 most important take-aways from the 2019 Gartner magic quadrant

campaign-creators-pypeCEaJeZY-unsplash

Every summer, we get a new magic quadrant from research and advisory company Gartner, which provides a clear overview of all the most important UEM tools. Most UEM providers look forward to this quadrant every year, because each vendor is compared on various factors: capabilities, vision, strategy, … The quadrant is an excellent way to determine the leaders in our sector. This year, there were some changes to the quadrant and our CEO Ulrik Van Schepdael listed them here for you.

1. Unified Endpoint Management is here to stay

We all still often use the term Mobile Device Management when talking about managing mobile devices, but a couple of years ago this was changed into UEM or Unified Endpoint Management. The reason for this acronym change is to clearly indicate that more traditional devices are also incorporated into UEM platforms. So, we now no longer refer to the MDM magic quadrant, but the UEM magic quadrant.

2. UEM platforms should integrate with Client Management Tools

In this year’s edition Gartner has also clearly indicated the need to integrate or co-exist with Client Management Tools. The UEM leaders in the quadrant all manage mobile endpoints, but the ones excelling, are those with the best capability to extend this to traditional PC’s and Mac’s.

I strongly believe there will never be a platform that is capable of managing ‘all devices’ properly: a modern UEM platform should not even invest in legacy Client Management techniques, that’s a waste of effort because it will probably never achieve the same level of detail and management granularity as for example SCCM, to name just one.

I would like to ask Gartner to go back in time and reinstate the Mobile Device Management Magic Quadrant. They should again include players such as SOTI and JAMF, who respectfully declare their focus. They do NOT to try to please ‘all’ but instead excel in their focus. And wouldn’t you rather work with a vendor who has a clear focus and stand out in what they do?

3. What the future will bring

The way I currently see this business evolving is that in the near future we will have a multitude of endpoint management platforms, all linked to a single device or OS vendor. The speed of evolution of each device and OS vendor makes it virtually impossible for this UEM industry to continue on its path of ‘doing it all’. So we will not see one platform taking control over every device in the workplace, and that’s ok! Our advice is to use the best platform for this specific device, OS or asset. You shouldn’t change a great management platform for something that’s less good but does “other things”.

That’s also the reason why we created an Employee Service Portal 2.0. This new workplace control center connects to multiple device management platforms and shows everything in one clear dashboard. With this portal, we no longer talk to the device but we talk to the management platform of the device. As a result you get a comprehensive overview of all assets used by that employee, irrelevant if this is Modern Management, Client Management or just Asset Management.

Click HERE if you want to read the Gartner report.

Please send an e-mail to sales@mob.co or call + 32 2 6699 500 if you want to know more about the Employee Service Portal!

On-Premise Single Sign-On, the user friendly way to stay secure finally works on Android Enterprise

adrien-VD9Hsvg3DVQ-unsplash

Seamless Single Sign-On (SSO) authentication for mobile devices is now required more than ever. As security threats are on the rise and employees rely on their phones, especially for business related activities, so there is an increased need for a centralized login system.

What is Single Sign-On and how does it work?

Entering credentials manually is frustrating and very time-consuming. But it’s even more error prone on a mobile device. Being able to respond to work-related requests in time benefits employers and employees alike. Especially when your staff is working remotely. Here is where Single Sign-On (SSO) comes in.

SSO provides your users with convenient access to authorized resources without compromising on security. With SSO the user only authenticates once through their device – this is enough to identify the user and grant access for all applications in the company.

Kerberos, the standard of SSO

The Kerberos-authentication technology is the standard to provide Single Sign-On in the enterprise context. It is used within internal environments and has a proven track record. Some of you might wonder how Kerberos exactly works.

Basically, Kerberos comes down to this: It is a protocol for authentication, that uses tickets. It will avoid storing the passwords locally or sending them over the internet – instead it uses a trusted 3rd-party server, the so called KDC. Further it is built on symmetric-key cryptography that makes it extremely secure.

You have a ticket—your proof of identity encrypted with a secret key for the particular service requested—on your local machine; so long as it’s valid, you can access the requested service that is within a Kerberos realm. Rather than re-entering your user/password credentials, your ticket (cached on your system) is used to authenticate allowing for Single Sign-On.

What about Mobile?

Single Sign-On has always been a challenge on mobile phones – especially on Android devices. While companies got the advantage of the Kerberos SSO on their iOS devices, Android users where left behind. To bridge that gap Device Admin and EMM Proprietary solutions were needed to enable it.

Now that companies have to switch to Android Enterprise the Android world is lacking this important feature. Because Device Admin is being deprecated and companies have to switch to Android Enterprise the Android world is lacking this important feature.

Seamless SSO for Android

Fortunately there is some neat Swiss-made and EMM agnostic compatible solution called Hypergate. The Swiss company behind it is developing mobile security applications for more than a decade and designed Hypergate like a Swiss pocket knife: Simple, effective and offers a lot of possibilities.

Hypergate allows a hassle-free authentication to services and lets users consume the services they need on the go. That saves time and keeps the great Android user-experience they’re used to.

It leverages the open Android account’s APIs and enables SPNEGO Kerberos SSO authentication while using system apps like Google Chrome to browse the intranet. It simulates a secure Smart Card logon and handles the native Kerberos protocol just like any other workstation in your network. The communication happens directly with your KDC (Domain Controller), no additional backend component needs to be installed.

Will it work in my environment?

Hypergate is a very flexible application – it’s compatible with all leading Enterprise Mobility Management solution including MobileIron, Microsoft Intune, VMware Workspace ONE, BlackBerry and furthermore. In addition it is device agnostic, allowing you to have a fully diverse BYOD fleet.

The application can be deployed to all employees via the managed google play store. Besides, Hypergate does not require any infrastructural changes at all. Allowing you to set up SSO in hours, not months.

Truly Mobile with Hypergate

A recent update of Hypergate makes Passwords Expirations, Password Changes and Password resets a pain point of the past. It was often the case that if your support team was resetting your password, you were forced to change the password on a Windows machine. Finally your employees can be truly mobile. No dependence on having to use a computer to complete their work. This helps to eliminate the cost of support time.

Get in touch with us if you want to know more about Single Sign-On and Hypergate. We are a certified partner of Hypergate and we are keen to show you what impact Hypergate can have in your work environment.