Emily
Brown

Modern desktop management for driving digital transformation

Emily Brown

May 4, 2021

11 min read

Computers entered the workplace in the 1970s-80s, and in the 1990s, the wide-scale adoption of the Internet changed the way we worked forever. Now, in the 21st century, we have desktops, laptops, notebooks, and countless mobile devices as our work devices. Even though more and more mobile devices are making their mark in the enterprise, the classic work laptop/desktop has never gone out of style. Personally, I still use my Mac to get most of my work done. More often than not, the work computers contain sensitive data, which could really deal a blow to the organization if leaked. Now, imagine all these devices remaining unmanaged.

Sounds like an absolute nightmare, doesn’t it? That’s where Desktop Management comes in. If you have any experience managing the devices for your organization, you may already be familiar with terms like Group Policy, Active Directory and Mobile Device Management. There are both on-premise and cloud solutions to manage the devices. Which one does the job better? And what is Modern Desktop Management? How can you implement Modern Desktop Management in your organization? These are some of the questions that we attempt to answer in this blog. 

What is Modern Desktop Management? 

Modern Desktop Management is configuring, managing and securing all the computer systems in your organization or enterprise using a cloud solution. A Unified Endpoint Management (UEM) solution like Hexnode is a good example of a Modern Desktop Management solution. Hexnode is a SaaS-based software that allows you to manage your Mac and Windows computers at one place. The admin can sign in to their Hexnode portal anywhere from any device after authentication and manage the mobile desktops simply without the hassle of physically handling the devices. 

How are we defining “Desktop”? 

Modern management for desktops
In this blog, by desktops, we mean “Modern Desktops”. A modern desktop is any interface through with the end-users can access the corporate network, apps, data and other resources. The device could be either domain-joined,  non-domain-joined or even a virtual desktop. It could have a macOS or Windows operating system.  

What is the need for Modern Desktop Management? 

We are not living in the days when it was enough to manage the large workstations installed in the office with a well-placed server and Active Directory. The year 2020 packed a decade of digital transformation within it, and the trend of working from anywhere has continued. The traditional methods of managing desktops would not be very effective in managing such remote endpoints. Rather than leave these devices unmanaged and exposed to the many security threats out there, it is important to move to Modern Desktop Management.  

  • Simple to the point that it can be done by even beginners 
  • Ability to manage both Mac and Windows in one place 
  • Enforce custom compliance rules on the managed devices 
  • Saves time, more efficient 
  • Flexible and highly scalable 
  • No dependency on high-end hardware for managing the devices 

What came before Modern Desktop Management? 

There is a rich history of desktop management for both Mac and Windows. One may argue that the traditional methods works fine, but there are some instances where they don’t. They have just become obsolete. Let us take a look at some of the prominent traditional methods for the two prominent desktop operating systems – Windows and macOS: 

Traditional management methods for Windows 

IT admins have been using Microsoft Active Directory and using Microsoft Server to deploy group policies to the domain-joined Windows endpoints. If we compare Group Policies and a UEM, we cannot completely say one is better than the other. Both have its pros and cons, and choosing the best option would depend on the use-case of the organization. For example, if the employees are always on the move and work remotely, then it would not make much sense to manage these devices using only local Group Policy Objects. On the other hand, if the IT admin wants very granular management for devices installed at the workplace, it would be better to go with the traditional method.  

Microsoft also provides a software configuration manager – Microsoft Endpoint Configuration Manager. Previously known as Microsoft System Center Configuration Manager (SCCM), it allowed the admins to manage Windows endpoints and had features like remote control, operating system updates, patch management, network management, etc. This may sound close to what a UEM does, but the major difference lies in the ease of use. SCCM has a complex toolset that would present a steep learning curve for a new admin. On the other hand, a UEM like Hexnode is remarkably easier to comprehend even for novice admins.  

Now, if your organization already manages the devices using SCCM, it may seem like a daunting task to move to a UEM solution. However, it is simpler with a UEM that supports SCCM integration. Instead of completely ditching your older method of management, it could be smarter to go for a hybrid model of management, getting you the best of both worlds. 

Traditional management methods for Macs 

Apple started focusing on the device management capabilities of the Mac computers only after OS X 10.7. That is when Apple built in the MDM framework for Macs. Unlike Windows, Mac does not have wildly popular options for device management other than UEM. Methods like imaging and using Apple Open Directory were inconvenient and didn’t pick up the trend. Currently, the best method to manage Macs is to use a UEM solution integrated with an Apple Business/School Manager account. This method unlocks the most management capabilities in Mac Desktop Management, which we will discuss in detail later on. 

Modern Windows Management 

What can an IT admin do with Modern Windows Management? With Hexnode UEM, you can manage and secure your Windows devices with features like:  

Full Device Encryption

Full device encryption – BitLocker 

Data is the most important thing in any enterprise, and it is important to secure the corporate data away from the prying eyes. BitLocker protects the PC by fully encrypting the drives attached to the computer. You can remotely configure BitLocker settings for all managed Windows devices using Hexnode UEM.

Network Management

Network Management 

For the managed Windows devices, the admin can configure a Wi-Fi network on the Hexnode portal so that the devices connect automatically to the Wi-Fi network without prompting the user for the password.  

Location Tracking

Location tracking 

Lost or stolen devices are a point of concern to any IT admin. Especially with the working from anywhere trend, the chances of misplacing a device becomes higher. If the lost Windows devices are enrolled with Hexnode, they can be tracked from the Hexnode portal if the location tracking feature is enabled.  

Application Management

Application Management 

Remotely deploy apps, blacklist unwanted applications or whitelist the needed applications in the managed devices with Hexnode. Configuring mandatory apps would automatically push the mandatory apps to the devices. The devices that do not have the mandatory apps would be marked as non-compliant.  The application can be silently installed in the managed device with zero intervention from the user.

Doubles as Windows Kiosk Software

Doubles as a Windows Kiosk software 

Windows 10 Kiosk Mode is a lockdown mechanism that allows the IT admin to lock down the managed device into a single app or a set of apps. This could be used for setting up POS devices or simply setting up restricted work accounts. Instead of using separate software to lock down the Windows devices into Kiosk Mode, the IT admin can use Hexnode UEM to manage and lock down the device. 

Windows Scripting

Automate tasks with Windows Scripting 

Often the IT admin has to do repetitive and iterative actions such as refreshing the devices, remotely pushing configurations to each new managed device and more. With scripting, the admins can easily automate such tasks and save both time and effort. The custom scripts can be remotely executed with your Hexnode UEM account. 

Threat Management

Threat management with Windows Defender

Hexnode allows the admin to configure various Microsoft Defender settings for the enrolled devices. Microsoft Defender is an anti-malware tool by Microsoft for Windows. It provides real-time protection against malware and other software threats.

Integrations

Integrations to make device management smoother 

As we mentioned before, it would be a hard choice and a hassle to completely migrate the users from SCCM or Active Directory. Rather than making such a difficult choice, you could choose to integrate the Active Directory, Azure Active Directory and/or SCCM with Hexnode UEM for a complete and seamless management experience. 

Modern Mac Management 

 

Hexnode’s Modern Mac Management allows you to manage your macOS devices with management capabilities like: 

Out of the box enrollment

Out-of-the-box enrollment 

The devices are enrolled into Hexnode right out of the box when the user turns on the device for the first time. This can be done by making use of the Device Enrollment Program (DEP) by Apple. On integrating your Apple Business Manager account with Hexnode, the admin can use DEP to enroll the business Macs. 

App Management

App Management 

Mac has a more sophisticated app management as compared to Windows. In addition to deploying apps and app whitelisting/blacklisting, you can also create custom app stores for the end-user. With Apple’s Volume Purchase Program, the apps can be purchased and deployed in bulk to the managed Macs. 

Account Management

Account Management 

Manage the user’s email, Exchange ActiveSync, CardDavCalDav accounts and more by configuring it remotely with your Hexnode account. 

Security Management

Security Management 

With Hexnodethere is a myriad of options to secure your managed Macs. FileVault is Apple’s full-disk encryption for Macs. Enabling FileVault would prevent unauthorized access to the information stored in the Mac by encrypting the disk. You can also configure Firewall settings, block or allow specific websites, deploy OS updates, configure VPN and do a lot more with Hexnode. 

OS updates Management

OS updates management

OS updates often contain security patches along with new features and functionalities, and it is a common user behavior to postpone the updates. Hexnode helps the IT admin to enforce or even schedule the OS updates on the managed Macs.

Mac Scripting

Automate tasks with Mac Scripting 

Just like in Windows, you can also deploy custom scripts for Mac and automate iterative tasks. To learn more on executing custom scripts on Mac devices with Hexnode, check out this blog 

How to switch to a Modern Desktop Management Solution? 

There is no dearth of UEM solutions in the market, but Hexnode stands out with its exceptional user interface and its comprehensive management capabilities for both Mac and Windows in a single solution. Now, the question is, when and how to implement the Modern Desktop Management solution in your business? 

  1. There is no management solution in place for your organization. 
  2. Traditional methods are deployed, and you wish to switch to Modern Desktop Management. 
  3. A Modern Desktop Management solution is deployed, but you are looking to migrate to a better option. 

In all three cases, the first step is to create a Hexnode trial account. Try out the different policies, configurations, and features with test devicesMake complete use of the comprehensive help documentation, blogs, and excellent customer support to come up with a modern desktop management strategy for your organization.  

In this age of digital transformation, it is just a matter of time when enterprises move completely toward modern desktop management. Start your journey today with a single click.

Share
  •  
  •  
  •  
  •  
  •  
Emily Brown

Reading is therapy and writing is healing...sincerely, a cool nerd.

Share your thoughts