The Endpoint Governance technology practice area helps organizations manage the endpoints (laptops, desktops, tablets, mobile phones, home systems, etc) regardless where the device is, what operating system the device is running, whether the device is owned by the company, owned by the employee, or part of a Bring Your Own Device (BYOD) strategy. This includes integrating Apple Macs, iPads, Android, Windows, Linux, etc “devices” into an enterprise managed environment. Endpoint Governance includes having the ability to provision and deprovision devices through a well managed mobile device management strategy. Also included is the ability to strategically wipe corporate data on any device at any time. The ability to provide data leakage protection at the “data” level (ie: manage the data, not the devices) allows an organization better control of information than constantly trying to chase devices and try to encrypt devices.
The EndPoint Governance practice provides business assistance in the following areas:
Compliance/Security – delivering a set of tools and processes to deliver business policy compliance across all corporate owned devices on the corporate network and off.
Management – providing visibility and central control (provisioning, de-provisioning, updating, asset management) for all corporate owned devices.
Flexibility – delivering a consistent user experience (Application delivery, user preferences, settings migrations, XenApp, UE-V) across all user devices, including corporate and non-corporate owned
Extendibility – Extend the delivery of corporate requirements and standards to contractors, on-site partners, BYOD and temporary remote installations (on-site projects, conferences, etc.)
Visibility – providing in-depth information about user habits and practices when using devices to access corporate data.
The Endpoint Governance practice assists organizations choose, design, implement, migrate, integrate, and support a variety of products and technologies (solutions that are installed inhouse and on-premise as well as solutions that are hosted in the cloud). Some of the technologies and solutions specific to various types of endpoint devices and systems include:
Corporate Devices - Management (Windows – System Center Configuration Manager, App-V (application virtualization, User Experience Virtualization; Apple Mac OS X – System Center Configuration Manager with Quest extensions, JAMF Software Casper; Devices – Mobile Iron, Symantec Athena, Quest Software)
Corporate Devices - Compliance (Windows – BitLocker, Applocker, Group Policy Object (GPO), Desired Configuration Management (DCM); Apple Mac OS X – Apple Managed Client for OSX (MCX), McAfee Endpoint Encryption (EE), Centrify; Devices – Mobile Iron, Symantec Athena, System Center Configuration Manager)
Non Corporate Devices - Isolation (Network Access Controls & Network Access Protection (NAC/NAP); Usability – Virtual Desktop Infrastructure (VDI) – Microsoft Remote Desktop Services (RDS), Citrix XenDesktop, MokaFive), XenApp)