News, news analysis, and commentary on the latest trends in cybersecurity technology.

Understand the True Cost of a UEM Before Making the Switch

When investing in a unified endpoint management solution, prioritize the needs of your network and users ahead of brand names. This Tech Tip focuses on questions to ask.

Chuck Brooks, President, Brooks Consulting International; Adjunct Professor, Georgetown University

October 27, 2023

4 Min Read
 Endpoint Protection Concept - Multiple Devices Secured Within a Network
Source: Luis Moreira via Alamy Stock Photo

A high-caliber, enterprise-grade unified endpoint management (UEM) solution is more critical than ever in today's remote, hybrid, and constantly fluctuating work landscape. If you're in procurement or finance, you're likely under a lot of pressure to choose the right one. You must drive operational efficiency through cost savings and overhead optimization.

For many organizations, Microsoft Intune (rebranded from Microsoft Endpoint Manager [MEM] and generally sold as part of an MS Enterprise License Agreement [ELA]) looks like a solid choice for endpoint management. It's a cloud-based solution with clear name recognition. Another plus: Microsoft's Intune plan pricing seems very approachable.

Other options have less name recognition than Microsoft but may be a better fit depending on an organization's needs. For example, according to G2, Ivanti Neurons for UEM gets high ratings for quality of support and ease of use. Atera offers particular expertise for small businesses. NinjaOne is rated well for being "a good partner in doing business."

The upshot: Organizations should not be making purchasing decisions based on brand name and pricing. Instead, companies should look beneath the surface before investing in technology, particularly in high-stakes scenarios with serious return on investment (ROI) potential.

What to Ask Before Investing in a UEM Solution

We cannot attempt to discuss the pros and cons of every major UEM solution available. With that in mind, here's what I recommend asking when evaluating a UEM solution:

  1. What type of devices will I be using the UEM solution for? Is it primarily mobile, mostly laptops or desktops, or a combination?

  2. Are my endpoints dispersed regionally, globally, or mostly on-site behind a perimeter?

  3. How is my IT help desk going to support and troubleshoot these devices? What is the additional cost per year to support?

  4. How many employees will be involved, and what's the cost per employee?

  5. What are the licensing agreements like? Do I need to buy a whole pie when I only want a slice?

  6. How is pricing structured? Will it scale based on usage?

  7. Do my employees exclusively use one type of device and operating system or a mix? If it's the latter, will the UEM solution work just as well regardless of the device type and OS used?

  8. Would my IT and security team benefit more from a central dashboard with a single-pane-of-glass view or integrated Mobile Threat Defense capabilities?

  9. How does the solution integrate with my other vendors/solutions and third-party apps?

  10. How many more IT employees will it take to manage? Does it require more servers?

Some of those questions might sound overly technical to those in finance and procurement, but your answers can significantly affect your true usability and costs.

Get the Full Picture of Your Total Cost of Ownership

As a rule, technology must suit the organization using it, and no technology solution is suitable for everyone. Total cost of ownership, for instance, is important, and it varies among solutions. Let's look at Intune as an example.

For all its strengths and lightweight supports on operating systems such as Android and macOS, Intune is not recommended for some verticals and businesses that require robust support on third-party applications. It is not intended as a complete systems-management platform. Part of the reason it might look like you're saving money by switching to Intune is because it's built primarily for a narrow subset of needs — and those needs are more cost-effective for Microsoft to handle.

Suppose you have diverse endpoints and many third-party apps to manage and integrate. In that case, you'll end up in a tough spot — either tolerating significant vulnerability or shelling out more for a comprehensive solution to pick up the slack. You'll also likely need to acquire additional software to run on certain operating systems. Furthermore, Microsoft charges additional costs per year for its Remote Help/Remote View of mobile devices.

There are more gaps like this, but perhaps most critically for finance, Microsoft Intune's pricing is based in part on the volume of data transmitted. These usage fees are challenging to predict and budget for and can add up. It becomes problematic when deciding between facilitating an unlimited flow of protected data or managing costs. Additionally, I've seen many enterprises having to buy more servers to manage Intune and hire additional administrators to manage those servers.

The Bottom Line for Your Bottom Line

In this example, Microsoft Intune is a fantastic option if:

  • You need a robust solution for lightweight mobile applications mainly on the same OS.

  • Your use case is straightforward enough that a single-pane-of-glass view isn't relevant.

  • The numbers look favorable based on your usage needs.

If you have more complicated requirements, perform due diligence to identify more flexible options.

Regardless of where you end up, do not go without a UEM solution. Your company's security depends on it.

About the Author(s)

Chuck Brooks

President, Brooks Consulting International; Adjunct Professor, Georgetown University

Chuck Brooks is president of Brooks Consulting International and a consultant with over 25 years of experience in cybersecurity, emerging technologies, marketing, business development, and government relations. He served as Adjunct Faculty at Georgetown University's Graduate Applied Intelligence Program and the Graduate Cybersecurity Programs. He taught courses on risk management, homeland security, and cybersecurity. Brooks also helped design a certificate course on blockchain technologies.

Additionally, Chuck Brooks developed content, designed, and taught a graduate course called "Disruptive Technologies and Organizational Management," now in its second year. He speaks at the University about the topics of cybersecurity, intelligence, and emerging technologies.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights