It’s been far too long since I’ve caught up with IBM MaaS360. We’ve covered a number of announcements in the Friday Notebook, but last week I finally had a chance to talk to Wes Gyure, who leads MaaS360 EMM strategy and products, to put their unified endpoint management efforts into context.
Naturally, a big part of their UEM plans revolved around modern management for Windows 10. Since MaaS360 was originally created to provide a SaaS version of BigFix, it has always had Windows management capabilities. They added support for Windows 10 MDM APIs as they came out, and today customers that go the MDM route can also do patch management via the BigFix capabilities that are built into MaaS360 behind the scenes. MaaS360 can also support Windows 7, and one of the recent things they’ve done is make a single device enrollment URL that works across all PCs, Macs, and mobile devices.
As we’ve written many times, most companies have more complex desktop management scenarios in place, and will need some sort of bridge from traditional to modern cloud-based management. Customers that are using IBM BigFix on premises can get a special MaaS360 SKU to add on cloud-based MDM capabilities, and the BigFix agent can co-exist with MDM enrollment on devices. Admins can do MDM-based tasks in the MaaS360 console, and then when they need to do a traditional management task, the console will link to the appropriate screen in the BigFix console.
Another recent component to come into MaaS360 unified endpoint management is identity management. Of course, IBM has had various identity products for years, but this June, they launched a brand new, built from the ground-up IDaaS product, IBM Cloud Identity Connect. This allows them to do conditional access to apps based on device compliance status, and one notable aspect is that it is included with all MaaS360 bundles, including the basic ones. (Multi-factor authentication is an upsell, though.)
IBM has been doing a lot of work (and marketing!) with Watson, and MaaS360 is incorporating it into unified endpoint management, calling it Insights Advisor. Today, this can do things like surface information about vulnerabilities or patches, look at your deployment, and then tell you which devices are affected so that you can remediate.
The future vision is to take in even wider inputs. Some of the potential examples are things like: “25 users have their password expiring during the next week when work from home requirements may increase due to predicted harsh weather,” or: “Based on average life span of kiosk devices in retail, 125 of your kiosk tabs are expected to be vulnerable to an increased probability of issues during the Black Friday week.” These definitely sound interesting, but like many, I’m wondering how often concrete things like that will actually come up.
On a different note, if you’re like me, you might be wondering what happened to the MaaS360 Twitter account. It turns out that it’s been retired, and that a lot of the social media and blogging happens under the IBM Security Intelligence brand. I don’t agree with that move, but the Security Intelligence blog does have some MaaS360 content from time to time, and you can also check out the more community-oriented blog and blog and wiki with release notes.
Gabe and I are going to follow up with IBM for a deep dive and some demos, but so far the BigFix/MaaS360 integration sounds like the bridge customers will need.