Why you should secure desktops like iPhones

It’s fair to say the desktop computer has led a revolution in computing for the masses, especially in the workplace where it has become the de facto productivity tool that helps drive organisational activity.

But, like all revolutions, it is coming to an end. Or perhaps a new beginning.

The PC market recently suffered its biggest decline in history, according to research outfit IDC, based on fourth quarter shipment figures for 2015.

Worldwide PC shipments totalled 71.9 million units in the fourth quarter, a year-on-year decline of 10.6%.

This marks the biggest slump in the market to date, surpassing the 9.8% decline recorded in 2013.

So it comes as little surprise that the PC is gradually starting to lose its footing as the main player in the computing market.

>See also: Enterprise mobility management: the mobile device at work solution

The PC is no longer an architecture, but rather one of many form factors with which an individual interacts for work. The PC is not going away, but it is absolutely changing.

Inexorable moves

Employees today don’t exclusively use locked-down PCs on the corporate network but rather they use a range of devices, some company-owned and some personally owned.

These devices run a vast array of mobile apps and connect across networks that are often outside of the IT department’s control.

You just have to look at tablets to see how these changes are playing out.

Apple, Google, and Microsoft all recognise that convergence between desktops and mobile devices is taking place and they are aiming to get ahead of the curve with devices such as the Surface Pro or iPad Pro which fuse the functionality of PCs and mobile devices.

It is not only the capability set between PC and mobile that is blurring.

>See also: How enterprises will become more mobile in 2016

The underlying architecture of Windows itself is migrating to the modern architecture of mobile.

In the future, IT operations will no longer have to deploy one set of security and management products for the PC and a different set for mobile.

The advent of Windows 10 is the catalyst for unification.


On the surface, Windows 10 appears similar to Windows 7 but, beneath the bonnet, there are some radical changes that address the enterprise challenge of managing both mobile devices and desktops.

In short, Windows 10 supports the modern model of security and management called enterprise mobile management (EMM).

EMM is both powerful and agile, unlike traditional approaches.

Gartner has described EMM as “the operating system for the digital enterprise” and one that should be a first choice for managing Windows 10 because “it offers fundamentally more efficient management, addresses unmet use cases, and offers a better user experience for existing use cases.”

Windows 10 is revolutionary because it enables IT to migrate PCs from client management tools such as Microsoft’s System Center Configuration Manager and LANDESK to a more cost-effective, flexible EMM approach.

>See also: Five ways to create a robust mobile management strategy for the distributed enterprise

Traditional management tools are based on the legacy PC paradigm. But this approach is too manual and inflexible for modern computing environments as it relies on installing and managing a complex system image on the PC.

Managing a PC like an iPhone

In contrast, EMM moves away from this to a context-based policy.

This means PCs are managed and secured like mobile devices, and desktop apps are developed and deployed like mobile apps. Or, to put it another way, a desktop is managed like an iPhone.

The benefits are immense. For instance, one advantage is that the total cost of ownership of a PC could be reduced by up to 80%.

Of course, this figure varies according to deployment environments but it’s certainly achievable and one of the reasons why analysts are keen proponents of EMM.

Gartner has carried out an extensive total cost of ownership (TCO) of desktops managed by client management tools and smartphones managed by EMM.

It concluded that a smartphone annual TCO is 78% lower than PC annual TCO.

Even when adding in voice and data charges, smartphone annual TCO is 57% lower than PC annual TCO.

Re-architected to meet new needs

Windows 10 has been re-architected to move beyond client management tools to EMM.

It has recognised that today’s employees work on many devices and in different environments.

As a result, the traditional PC model, requiring devices to join a domain governed by group policy to control what employees can and cannot do, is no longer valid in the world of mobile computing.

See also: The checklist for enterprise mobile apps that are flexible yet secure

Cost savings to one side, EMM has a range of compelling security and management benefits.

For instance, it allows policies to be updated even when a computer is on an external network.

The traditional client management tool approach requires the PC to be joined to the domain and may also require user login or VPN activation for policies to be updated.

EMM also establishes a data boundary between work and personal information on a PC so sensitive corporate data is secured while the privacy of the employees’ personal data is maintained.

This approach is central to bring-your-own-device (BYOD) policies.

In contrast, the traditional management approach can’t enable this because it requires a corporate system image to be installed on every device, thereby wiping out personal data.

High touch to low touch

EMM also supports self-service and puts more control in the hands of the employee.

IT doesn’t even have to touch a device while EMM also provides a consistent user experience across multiple operating systems, including Android, iOS, and Windows 10. Traditional client management tools can’t even get close to this.

This latter point is blindingly important in today’s world of increased mobile computing.

>See also: 12 core ingredients for enterprise mobility

In effect, it allows IT to create a management strategy in which all devices and operating systems can be managed from the same console and using the same policy-driven EMM platform.

Change of guard

Old habits die hard and, in the face of traditional management approaches, EMM for all devices, including desktop PCs, may seem radical.

In fact, the thought of managing a desktop the same way we manage an iPhone will have some turning away.

But the world is changing and traditional legacy computing models are rapidly becoming outdated.

You only need to look at what’s happening around us such as the rapid surge in cloud computing and the fact that BYOD is now an established enterprise computing model.

This is why new management models such as EMM are absolutely necessary; it accommodates change, saves money and increases security – for all devices.
Sourced by Ojas Rege, chief strategy officer at MobileIron

Avatar photo

Nick Ismail

Nick Ismail is a former editor for Information Age (from 2018 to 2022) before moving on to become Global Head of Brand Journalism at HCLTech. He has a particular interest in smart technologies, AI and...

Related Topics