Creating a system that works
A learning curve
When we first started out, we manually inventoried our devices and installed updates on each device. For a start-up, that's not exactly an issue. But what happens when you have 1,000 employees? 5,000? A traditional inventory system is time-consuming and labor-intensive. As our organization grew, there were too many devices and not enough people to handle them. We decided to switch to a unified system before things got out of hand. Having an effective plan helps you save time and money. Zoho Corp's Sysadmin team handles internal processes from employee onboarding to software updates efficiently. Being able to do all those things (and more) in a uniform manner helps reduce redundant tasks. The administrative team can then focus on other important incidents.
Each device has to go through a number of teams before approval, including:
Monitors requests raised by employees, conducts asset availability checks to issue devices, and periodically updates records
Ensures device compliance with organizational and international security policies
Conducts performance evaluations, hardware selection, cost and vendor analysis, and vendor purchase negotiations
Installs the latest security updates on devices before handover to the Sysadmin team
An umbrella approach
UEM encompasses a broader aspect of device management where instead of just addressing the mobile device, it caters to any endpoint, like laptops, desktops, servers, phones, and single-purpose devices like displays. It might sound complicated, but really it’s just a combination of EMM and preexisting client management tools. UEM wasn’t really a thing until 2018, when tech research giant Gartner released its first-ever Magic Quadrant for UEM. Gartner evaluated popular UEM vendors based on their EMM capabilities.
UEM has been in place at ManageEngine for two years now. If you’ve spent time researching UEM, you’ve come across the phrase a “bird’seye view” on every blog, website, and product description—and rightly so! UEM allows you to manage, control, configure, and monitor macOS, Android, iOS, Windows, and Linux devices from one console. This single-handed approach towards application management, device management, data security, and compliance is perfect for organizations with a constantly growing number of endpoints. It offers a number of benefits, including enhanced visibility over network devices with end-user support, improved SLA resolution time, and boosted productivity when integrated with ITSM tools.
In July 2018, only 11 percent of organizations adopted UEM. By November, that number had jumped to 18 percent, and by April 2019, it reached 25 percent. That means over the course of nine months, UEM adoption in the enterprise more than doubled!
UEM is a boon if your company has legacy apps. It acts as a bridge between modern and legacy management, encouraging technological diversity. A big drawback when you rely solely on EMM is organizational fragmentation. UEM overcomes that drawback and provides administrative privileges control.
By the time we had a full-fledged endpoint management system, we learned what worked best for us. After multiple rounds of revisions, testing, and additions, we had a large-scale application that could handle a significant number of devices and scale up as needed. Our UEM tool is now one of the biggest players in the market. From the business point of view, UEM turned out to be the major requirement for evaluators, customers, and analysts alike. We are capable of managing multiple connections to mobile devices, IoT devices, and desktops from a single platform through APIs on desktop and mobile operating systems. Clients are more than happy to invest in a plan that has been tested in-house with over 9,000 employees.
Behind the scenes
What is data security without laws? Rightfully, each country has its set of rules and regulations, protecting citizens' personal information. From Singapore's PDPA to California's CCPA, maneuvering through these laws can be tricky. While the PDPA is regarded as relatively business-friendly, there's one mega law dictating the rules of the game worldwide: the GDPR. This is one of the strictest laws of data protection and privacy that a company must abide by. Although it's an EU mandate, the GDPR impacts most organizations worldwide. Regardless of whether your company deals with clients or employees in the EU or not, it's advised to be proactive and be compliant with their laws. If you have to take on employees or customers from the EU tomorrow, you shouldn't have to make drastic changes to company policies last minute. A PwC survey showed that 92 percent of US companies consider the GDPR a top data protection priority.
In our book A CIO’s guide to rethinking compliance, we discussed Zoho’s approach to tackling the GDPR.
Some of the changes we have made include:
- Standardized policies and procedures for all operations.
- Increased audits to ensure compliance.
- Data protection impact assessments: Privacy reviews for new products and processes.
- Internal data protection scores to monitor teams and their data practices.
- Privacy awareness sessions for all employees.
Following x number of principles is not a one-time change. It takes weeks to implement and requires consistent monitoring. The GDPR might seem like an inconvenience, but it pushes organizations to the understanding that the data they collect is not just a random collection of words and numbers—it is sensitive information belonging to real people. Not treating that information with the utmost care and privacy can result in an equally real threat. As a company, ManageEngine has always taken privacy very seriously. To further demonstrate our continuing commitment to privacy, we extended the GDPR data usage rights to users worldwide.
Time and tide crime wait for none
Non-compliance can lead to hefty fines. In the first half of 2020, European supervisory authorities issued at least 114 administrative fines totaling over €50 million. In 2019, Google made headlines when it was slapped with a whopping €50 million fine in France for insufficient transparency, control, and consent over the processing of personal data. That wasn't the tech giant's last negative encounter with the GDPR. In 2020, it was fined (twice!) for violating EU citizens' right to be forgotten.
Infringements of articles:
Fine up to €20 million or, in the case of an undertaking, up to four percent of the total global turnover of the preceding fiscal year, whichever is higher
Less severe violations
Infringements of articles:
Fine of up to €10 million or, in the case of an undertaking, up to two percent of the entire global turnover of the preceding fiscal year, whichever is higher