Technology News
-
At CES, PC makers aim for business, highlight AI-ready hardware
Enterprise computers are often the ugly ducklings of the PC world, viewed as dull, slow and less feature-rich than their consumer counterparts. But vendors at last week’s Consumer Electronics Show launched a selection of business machines (alongside their consumer offerings) hoping to capitalize on the rise of generative AI (genAI).
Despite the focus on AI PCs or Copilot+ PCs, analysts said the vendors might be a bit ahead of the market.
“I liken it to the dot.com era,” said Tom Butler, executive director of portfolio and product management for Lenovo’s worldwide commercial notebook business. “…When the dot.com era kicked off, companies immediately said, ‘I need a dot.com instance.’ …So, it’s very much like that right now. Companies, as we move into this AI PC era, [say] ‘I need an AI PC.’”
Here’s a look at some of the noteworthy business PCs announced at CES 2025 and analysis of whether vendors are hitting the mark for enterprise customers.
Asus
In addition to its Zenbook and Republic of Gamers (ROG) offerings, Asus unveiled the enterprise-focused ExpertBook B5, ExpertBook B3, ExpertCenter P400 AiO, and ExpertCenter P500. Although they’re not Copilot+ PCs (their neural processing unit (NPU) isn’t powerful enough), they qualify as AI PCs; both B5 and B3 laptops include Intel vPro for manageability and have passed the MIL-STD 810H durability tests. Neither is super light, tipping the scales at about 3 pounds.
The B5 supports up to 64GB of RAM and up to a 2TB SSD with RAID support, has an all-metal design, 16-in. screen, and security features including a fingerprint reader, facial recognition, and a smart card reader.
The B3 has either a 14-in. or 16-in. display, supports up to 64GB of RAM and up to 1TB storage in dual SSDs. And it offers a variety of ports — USB-A, USB-C, HDMI, and even an Ethernet port. (The B5 lacks Ethernet, unless you have a USB dongle.)
On the desktop side, the ExpertCenter AiO (all-in-one) comes in two models, one with a 27-in. display, the other with a 24-in. screen. The P500 is a mini tower supporting up to 64GB of RAM and up to 4TB storage on one SSD and one hard drive.
Dell
While Dell’s rebranding plans, announced at CES, might be a bit perplexing, the company did introduce several new Dell Pro models “designed for professional-grade productivity.” They come in several flavors: Base, Plus, and Premium, and all qualify as Copilot+ PCs, based on their specs.
At the Base level, there are the Dell Pro 14 and Dell Pro 16, designed to “deliver essential performance for everyday productivity,” Dell said. They feature Intel Core Ultra 5 processors, 16GB of RAM and 256GB of storage, and screen resolution of 1920×1200 pixels.
The company also announced Dell Pro desktops, powered by either Intel or AMD processors, available in micro, slim, and tower form factors. They are, Dell said, the company’s first commercial desktops with NPUs.
One step up are the Dell Pro 13/14/16 Plus, with up to 32GB of RAM and 1TB of storage. They come in laptop or 2-in-1 form factors and use the same system BIOS to make ordering and management easier for IT departments. Dell claims up to 18.2 hours of battery life for the Pro 14 Plus, and 12.6 hours for the Pro 16 Plus.
At the top of the heap are the Dell Pro 13/14 Premium models. They’re the slimmest and lightest member sof the Pro portfolio, starting at 2.36 pounds. The Dell Pro 13 Premium offers up to 20.8 hours of battery life; the Pro 14 Premium provides up to 21.2 hours. Each can be ordered with an Intel Core Ultra 7 processor, up to 32GB RAM and up to 1TB of storage.
HP
HP’s EliteBook line expanded with the company’s announcement of a trio of Copilot+ PCs. The HP EliteBook Ultra G1i Next Gen AI PC is, HP said, designed for executives, with its 14-in. UWVA OLED screen on the Intel-powered model. (The Qualcomm model offers WLED screen technology.) They can have up to 32GB of RAM and up to 2TB of storage for the Intel version, or 1TB of storage for the Qualcomm version. HP touted “studio quality” microphones and a 9-megapixel camera for high quality video calls.
The HP EliteBook X Flip G1i Next Gen AI PC has multiple use modes, including laptop, tablet, and tent configurations, with up to 32GB of RAM and up to 2TB of storage. Like the Ultra G1i, it has a 14-in. screen, although touch comes standard (it’s an option on the G1i) and it’s a WLED display, not OLED.
The HP EliteBook X G1i Next Gen AI PC is powered by either Intel or AMD chips. The Intel model can hold up to 32GB of RAM; the AMD version offers up to 64GB. Both models can have up to 2TB of storage.
The EliteBook X machines will be available in March, with HP saying only that the Ultra G1i is “coming soon.”
Lenovo
Lenovo launched an impressive array of devices, and the two models specifically aimed at businesses both contained surprises.
The ThinkPad X9 14- and 15-in. Aura Editions are sleek, thin and light notebooks tested to meet MIL-SPEC 810H standards. Lenovo claims all-day battery life,and says the machines are designed to allow easy servicing of the battery and SSD. They offer up to 32GB of RAM and 1TB of storage.
One thing, however, is missing: the X9 is the first ThinkPad to forego the trackstick. Lenovo hastened to note that it’s just for this model — other ThinkPads will continue to have the trademark red nub in the middle of their keyboards.
Two years ago, Lenovo showcased a laptop concept with a rollable screen; this year, that concept became a reality. The ThinkBook Plus Gen 6 Rollable’s 14-in screen expands upwards at the touch of a button, growing to 16.7 inches and providing 50% more screen space. As with the other new models, it offers up to 32GB of RAM and 1TB of storage.
It is not a budget-friendly device, though; prices start at $3,500.
AI a gimmick?
As for whether these systems meet enterprise needs, analysts weighed in on what they’re seeing in the current PC market — and they were somewhat dismissive of the AI hype.
“Current AI features are over-hyped and largely invisible or are seen as ‘that’s nice to have’ to business unless the users are proactive in finding more detailed features,” said Ranjit Atwal, senior director analyst at Gartner. “All in all, businesses are unlikely to pay more than 5% above normal prices for an AI PC.”
“I think the AI laptops are a gimmick for the most part, efforts by the OEMs to stay relevant and bottle lightning if they can,” said Jeremy Roberts, senior research director at Info-Tech Research Group. “I have yet to have any of my enterprise or mid-market clients profess to be excited or tell me they’re changing their refresh cycle or anything to incorporate AI features at the PC level.”
IDC’s Ryan Reith, group vice president, Worldwide Device Trackers, said he saw some interest in AI PCs early in 2024, but noted it has since waned.
“What we gathered throughout most of last year, especially around the middle of the year, is that large enterprises and most developed markets around the world were allocating budget for these genAI PCs,” Reith said. That enthusiasm declined in the second part of 2024 amid concerns that Microsoft and its partners had not delivered on expectations.
What’s important to enterprises
According to Roberts, genAI features have not excited the enterprises he deals with. “Things that excite enterprises are Autopilot compatibility for seamless deployment, TPM chips for encryption, specialized screens to limit viewing angles, decently powerful CPUs/GPUs depending on the use case, and repairability,” he said.
“I don’t think AI features even make the top 10,” Roberts said. “Most organizations won’t be consuming AI features locally anyway — they’ll use cloud services like CoPilot or Gemini.”
Reith cited feedback from the head of commercial sales for a large OEM who said with tightened budgets and uncertainly about what can be achieved with genAI PCs, companies are shifting their spending to mid-range computers. They don’t qualify as Copilot+ devices, but are still very good PCs.
“If you get 200 PCs at a mainstream level, as opposed to 50 at a premium level, they’re going more towards the 200,” he said.
Roberts agreed: “Modern laptops are generally more than capable of handling the typical knowledge worker’s day-to-day. A Dell Latitude 5000 or 7000 (Dell Pro now?) series or a run-of-the-mill ThinkPad from Lenovo won’t struggle with Slack, Teams, or PowerPoint.”
As for what corporate users want, size and weight are often key, Reith said — and companies are now listening to their employees rather than choosing what they think they want.
“The thin and light PCs are the trend,” Atwal said, adding, “businesses essentially want to future proof their PCs with AI capabilities so [want to] have them include an NPU.”
Lenovo’s Butler said the configuration sweet spot has shifted; it’s now 32GB of memory and a minimum 512GB of storage. And screen sizes have edged up.
“Most business laptops are in the 14- to 16-in. range,” said Roberts. “Anything smaller is quite cramped. Anything larger can be cumbersome to lug around — not to mention more expensive.”
Whither AI PCs, then?
Reith and Roberts differ on the fate of the AI PC/Copilot+ PC.
“AI PCs are a solution looking for a problem,” Roberts argued. “Most end user computing managers won’t be swayed by this branding and additional feature set. … AI will continue to be delivered primarily via the cloud. I expect the CoPilot+ PC will go the way of the Ultrabook: branding attached to computers that are only marginally relevant to the people who buy and use them.”
Reith, however, believes it’s more an issue of timing. “There’s a necessity to have on-device AI,” he said. “It’s just getting pushed forward a little bit to when that inflection point really starts to kick in.
“…I’m trying to use my words cautiously, because we do not believe that this is dead in the water. It was a good chance that then passed. It’s just that the timing was really bad, which no one could have predicted. … But nobody’s really backing off of the developments. Supply side is now just shifting some of their business plans around products.
“…Whatever we thought was going to be the genAI PC volume in 2025, it’ll be slightly less than that, in our opinion,” Reith said. “But a lot of that will just get pushed forward to a ramp up that’s maybe more towards the end of this year, and certainly into 2026.”
-
Smart glasses’ appeal comes into focus at CES 2025
Smart glasses attracted a lot of attention at last week’s Consumer Electronics Show, with a range of devices on display that combine lightweight frames with functionality such as heads-up displays and AI-powered assistants.
These contrast with the mixed-reality headsets that created a buzz early in 2024, including Meta’s Quest 3 and Apple’s Vision Pro – both of which are much heavier devices designed for shorter periods of use.
JLStock / Shutterstock
“This year, the focus definitely seemed to be more on smart glasses than on headsets, in part because the Ray-Ban Meta smart glasses were a huge hit last year,” said Avi Greengart, president and lead analyst at Techsponential.
Smart glasses require “purposeful compromise,” when it comes to balancing functionality with a lightweight form factor, and “different vendors are making different decisions,” to achieve this, said Greengart.
Halliday’s smart glasses, for example, project text and images directly into the wearer’s field of view. This is perceived as a 3.5-in. screen that appears in the upper-right corner of the user’s view, and remains visible even in bright sunlight, Halliday claims. A “proactive” AI assistant — which requires a Bluetooth connection to a smartphone — enables features such as real-time translation in up to 40 languages, live navigation for directions, and teleprompter-style display of notes.
Halliday
At 1.2 ounces, they’re even lighter than Meta’s glasses (which at 1.7 ounces are only marginally heavierthan regular Ray-Bans). Halliday’s smart glasses are available for preorder for $489, with shipping expected to begin at the end of the first quarter of this year.
Even Realities also offers a minimalist take with its G1 smart glasses, which start at $599. These include a micro-LED projector that beams a heads-up display onto each lens, while an AI assistant enables live translation and navigation when paired with a smartphone.
Another vendor in the space, Rokid, recently announced its Glasses, a lightweight (1.7 ounces) aimed at continuous use through the day. In addition to a simple green text display and intelligent assistant, Rokid’s device also packs a 12-megapixel camera for image and video capture into the frames.
Nuance Audio — owned by Meta’s Ray-Ban partner, EssilorLuxottica — has an even more focused product: glasses that integrate a hearing aid into the frames. “When you need a bit more help hearing someone, you turn them on and the glasses amplify the sound of the person you are looking at and direct it to speakers on the glasses stems that are aimed at your ears,” said Greengart.
Meta is rumored to be have an updated version of its Ray-Ban devices slated for release later this year. They his will reportedly feature a simple display to show notifications and responses from Meta’s AI assistant. Meta has sold more than a million Ray-Ban smart glasses to date, according to Counterpoint Research stats.
“Most of these glasses are ones that I wouldn’t mind wearing out in public,” said Ramon Llamas, research director with IDC’s devices and displays team. “We’re finally seeing designs that look and feel less bulky, and we’re getting into a bunch of styles instead of the usual wayfarer design.”
Other glasses, such as Xreal’s One Pro and TCL’s RayNeo X2 (marketed as “augmented reality” rather than “smart” glasses), are heftier and act as a portable display, with the ability to watch videos and access apps when tethered to a laptop or smartphone.
Although demand for smart glasses is still in its infancy, shipments are expected to see a compound annual growth rate of 85.7% through to 2028, according to recent IDC stats. These “extended reality” devices will soon be the second largest category within the broader AR/VR market, IDC predicts, with several million devices sold each year.
IDC
Though many of the devices shown at CES are largely aimed at consumers, some smart glasses are also being tailored to enterprise customers (Vuzix being an example).
As the technology matures, Llamas sees a growing range of business use cases for smart glasses: capturing visual information hands-free, for instance, or live translation, which could also be useful for business travelers.
“This is where having access to business apps can help, especially if you can speak into those apps to execute a task and the smart glasses can handle that,” said Llamas. “I think we’re still a ways off from that actually taking place, so for now, expect smart glasses to be mostly within the realm of consumers — specifically tech enthusiasts and cognoscenti.”
-
Europe takes a second look at Apple’s DMA compliance
The European Commission (EC) might have at last seen the sense of pulling back on some of its scrutiny of big tech, which could yet benefit Apple and Google. For many, this will be a welcome step, though critics will continue to criticize.
What’s happening, according to Reuters, is that the coming Trump presidency has “encouraged” Europe to take another look at how it is probing big US tech firms under the Digital Markets Act. The report claims the EC will review all its current probes, and that this review could affect current decisions and fines. Investigations will continue until decisions are reached, the report claims.
Europe has not confirmed the claims, and in a subsequent statementdenied its actions were under review; it said instead it was looking at resource allocation and investigation progress. “What we do have is upcoming meetings to assess maturity of cases, to assess the allocation of resources and the general readiness of the investigation,” the spokesperson said.
If the original claims are true, they do not represent the sudden onset of common sense, or any realization among the regulators that they are going too far in their attempt to create an utterly homogenized mobile ecosystem. Instead, the review has been in part prompted by the imminent Trump Administration. US tech giants have been lobbying the incoming president to challenge EU scrutiny of them.
Trump will be sworn in on Monday.
What this means for tech firms — and Apple
The review means Europe could choose to alter the scope of the probes against tech firms, including Apple.
All cases launched under the Digital Markets Act since March 2024 will be under review, the Reuters report claims. The review also means that all decisions and potential fines will be put on ice pending completion of the review; that’s significant, given the maximum fine that can be levied under this law is up to 10% of a company’s global annual revenue.
Any such pause would be positive news for Apple, as it gives the company an opportunity to lobby for less punitive outcomes and a more constructive compromise in which its platforms continue to provide unique features unavailable elsewhere.
The hill Apple will likely be fighting from will include arguments concerning the privacy and security of its users; the company’s support for those values is pretty much unique at this end of the industry. It is worth noting that Apple was making arguments pertaining to such things literally years before the rest of the industry began to echo its concerns. The company’s focus on those things also lines up closely with Europe’s own views on privacy, as evidenced by GDPR.
At the very least, the review does buy Apple time to improve its business systems to better match what it now knows regulators want, without decimating its business. When dealing with any form of change, time is an advantage.
But change remains inevitable
That’s not to say Apple can stand still. The company’s senior executives are expected be in London this week, facing a class action lawsuit that argues it has, in effect, overcharged consumers for sales via the App Store. It remains unclear how Apple’s justifiable argument — that the vast majority of apps are distributed at no, or low, fees — will be understood as it argues that case. Apple faces similar action globally, and the litigation means it will have to change, even if only reluctantly.
Eager to force that change, Europe’s regulators are unlikely to slow their investigations into tech companies, but will be waiting on political direction before they decide the extent to which they will attempt enforcement.
Whatever the outcome of the review, there’s little doubt that Apple’s business continues to be exposed to the unravelling of internationalism. For example, even as the EU offers the sliver of hope that is implied by the DMA case review, the company’s problems in China continue to evolve. China is now slowing down Apple’s move to transplant parts of its supply chain parts of its supply chain elsewhere — particularly in India — with tighter export checks and limits to employee travel.
While there is no doubt that Apple CEO,Tim Cook has done excellent work in terms of managing the political complexity buffeting Apple’s business, it’s hard not to imagine he’d rather spend his own, and his company’s, time and money focusing on product development.
Follow me on social media! Join me on BlueSky, LinkedIn, Mastodon, or MeWe.
-
For Microsoft, 2025 could be a game-changing year
It’s looking like 2025 will be one of the most consequential years for Microsoft in a long time. Since Satya Nadella became CEO in early 2014, the company has been on an upward trajectory, despite a few bumps along the way. Today it’s the most powerful AI company on the planet and the world’s third-most-valuable company, worth more than $3 trillion.
But in these volatile times, that can change quickly thanks to a still evolving AI market, the federal government targeting high tech, and the coming wild-card Trump presidency. What challenges will the company face in 2025, and how will it handle them?
Here are my top five.
Microsoft and OpenAI will go from frenemies into enemies
Not so long ago, the Microsoft-OpenAI relationship was tech’s biggest bromance. Microsoft invested $13 billion in OpenAI, OpenAI’s influence and valuation skyrocketed, and Microsoft used the company’s generative AI (genAI) technology to vault to the top of the AI heap.
Last year, the bromance soured and the companies became frenemies; as OpenAI openly courted major Microsoft clients, Microsoft laid the groundwork for developing its own AI technology. Nadella disparaged OpenAI, saying, “If OpenAI disappeared tomorrow…, we have all the IP rights and all the capability. We have the people, we have the compute, we have the data, we have everything. We are below them, above them, around them.”
Don’t be surprised if there’s open warfare between the companies this year. OpenAI will be transforming itself from non-profit to a for-profit company, possibly changing the terms of its contract with Microsoft and allowing it to more easily pursue partnerships with other companies. In addition, the terms of the Microsoft-OpenAI deal says that when OpenAI’s ChatGPT achieves what’s called AGI and can reason on its own, Microsoft will lose its stake in the company.
OpenAI CEO Sam Altman keeps hinting that’s coming sooner rather than later. Meanwhile, Microsoft has been busy building AI technology that could replace OpenAI’s as the basis for Copilot and other AI products.
The upshot? Expect open warfare between the two.
Microsoft will get hit with at least one US government antitrust suit
Decades ago, Microsoft was Big Tech’s bad boy, mowing down competitors with shady actions that drew the wrath of the federal government — an antitrust suit that dropped the company from the top tier of tech and led to a lost decade in which it became an also-ran.
After Nadella took the helm, Microsoft became Big Tech’s choirboy, largely avoiding any federal suits, while Amazon, Meta, Google, and Apple were hit with antitrust actions that threaten the core of their businesses.
That will probably change in 2025. The Federal Trade Commission (FTC) has launched a wide-ranging investigation into what it believes may be Microsoft’s anticompetitive practices. The agency is looking at the very heart of the company and its business practices — AI, cloud computing, its productivity suite, and Teams. The suit could also endanger the company’s billion-dollar contracts with the US government, because the FTC began looking at the company thanks to its poor security practices.
What’s unclear is whether the Trump administration will continue the investigation, and ultimately prosecute the company. My bet is it will. Top Trump advisor Elon Musk has become a Microsoft competitor with his AI company xAI, and he’ll most certainly use his high-level access to push for prosecution. He’s already suing Microsoft and OpenAI for trying to use their power to get a monopoly on AI.
Intellectual property battles will come to a head
Microsoft and other genAI companies face an even bigger problem than antitrust lawsuits — the lack of content on which to train genAI tools like Copilot and ChatGPT. Improving them requires massive amounts of intellectual property. So far, the companies have simply hoovered up anything they can find, largely without paying, claiming they can use the material under fair-use doctrine.
That’s led to plenty of lawsuits against Microsoft and other AI companies for intellectual property theft. In one of the biggest, The New York Times is seeking “billions of dollars in statutory and actual damages” because of what it calls the “unlawful copying and use of The Times’ uniquely valuable works.”
Microsoft and other AI companies have begun making deals with publishers to pay for the content to train their AI models. In November, Microsoft inked a deal with the publisher HarperCollins in which it can use many of the company’s nonfiction books to train a new genAI product.
That deal might well be Microsoft’s first in a series of similar agreements with other companies. Expect more to follow this year.
Nadella will try to keep Trump at a distance
Since Donald J. Trump’s election, a number of Big Tech executives and companies have gone full-blown MAGA. In one of the more extreme makeovers, Meta’s Mark Zuckerberg has gone all in, donating $1 million to Trump’s inauguration, eliminating fact-checking on Meta platforms, backing away from policing hate speech, ending the company’s diversity efforts, killing transgender and nonbinary themes from its apps, and even removing tampons from its men’s bathrooms, which it had provided for nonbinary and transgender employees.
He’s not the only one. Top executives from Google, Amazon, Apple, and others have also bowed to Trump. Microsoft had been the lone holdout until early January, when it donated $1 million to Trump’s inaugural. Aside from that, though, the company hasn’t curtailed diversity efforts or in any other way changed its culture to put it in line with Trump’s way of thinking. And Nadella hasn’t visited Trump in Mar-a-Lago, as have so many other tech execs.
The big question: Will Nadella continue keeping Trump at arm’s length, and not try to make the company culture more like Trump would like to see it? My guess is he’ll stay the course. But we’ll see.
We may get real revenue numbers for AI… or not
Finally comes perhaps the biggest issue of all for the company’s financial health: Can Microsoft sign up enough customers to make its genAI ambitions worth its while? We’re no longer in the early hype days when mere possibilities were more important than revenue. In 2025, the ROI rubber will meet the road of reality.
This is particularly important because the investments that need to be made in genAI are far greater in scale than in any technology before it. Microsoft can spend all the billions it wants for infrastructure, electricity, data centers, training, and development. But if businesses and people don’t find AI useful and open their wallets for it, that will mean nothing.
Microsoft claims it’s got plenty of customers, but it isn’t giving out details, such as how many people pay for Copilot on a monthly basis and how much revenue it gets from that. Instead, it publicizes potentially misleading statistics such as “More than 85% of the Fortune 500 are using Microsoft AI” and “Nearly 70% of the Fortune 500 are using Microsoft 365 Copilot.” Most likely those numbers are based on companies launching small pilot programs testing whether AI is useful. Pilots don’t bring in much revenue — only full deployments do.
We’ll know in 2025 if AI is starting to pay off when Microsoft touts real revenue numbers or the number of people actively paying for AI subscriptions. Until then, consider those numbers smoke and mirrors.
-
Time to audit your MDM setup? Here’s how to get it right
Audits are never fun — whether you’re talking about a tax audit, energy audit, or industry compliance audits. But they’re necessary. And when it comes to mobile device management (MDM) deployments, they’re extra important, because mobile devices are endpoints that can expose your company to the security dangers and risk letting corporate data leak out.
Here’s what to consider as you plan an MDM audit and what to include.
What do you need to achieve with an MDM audit
Auditing something as broad as your MDM environment with its mix of identity products, federated cloud services, MDM solutions themselves, policies and groups, app inventories and the devices themselves can get, well, complicated.
This means your first step is to determine what an MDM audit should cover.
If you’re confident in auditing other aspects of your IT stack, or your entire stack is from one vendor — say you’re a fully Microsoft shop with a stack built around Entra and Azure, both of which you already have audit programs for — then you might just need to focus on Intune and your mobile device policies and configurations. But if you mix and match cloud services from multiple companies and your MDM solution is from a different vendor than everything else, you’ll need to look at your MDM links to everything else (and possibly how all your other systems link to each other). Auditing systems individually won’t give you a holistic understanding of how they work together.
If your company is subject to various compliance regimes (such as GDPR or HIPAA, for example), some subjects might be defined for you. Either way, set the scope of the audit so it can capture the systems, policies, user groups, device types, apps, user experiences and even the backend tools used in your environment.
As with any audit, standard procedures need to be considered. Ideally, these basic processes will follow the model of other audit procedures already in place. There will always be some variation — different systems have different functions and require measuring different metrics. But there should be some connective thread that runs through how you capture audit data, process it, report your findings and list corrective steps that need to be taken based on the results. An MDM audit will obviously focus on different things than a server or network security audit, but all three should come from the same basic template.
As you consider the scope of an audit and its processes, make notes of the specific questions you need to answer and the data points you need to answer them. If this is your first MDM audit, brainstorming areas of importance and looking to outside resources such as your MDM (and related service) vendor can help define exactly what you need to ask. Be sure to consider each idea carefully to see whether it’s really significant or simply mission creep.
If you’ve performed MDM audits in the past, you’ll want to review whether they captured the relevant information or let things fall between the cracks. And even if past audits went well, remember the mobile landscape and threat environment changes quickly. So you’ll need to account for any major changes — such as the recent proliferation of generative AI — since your last audit and decide whether your previous scope needs to be adjusted.
The logistics matter
How the audit is done from a logistical perspective also matters. Some can be carried out simply by examining and testing back-end systems and have no real or direct user-facing components. MDM audits might require some fieldwork, virtual or in-person, to gather accurate data. And if various teams or groups of employees or managers need to be consulted or might be impacted during the audit, you’ll want to establish that up front for both the audit team and anyone affected.
Who is the auditor(s)?
The next step is determining who will conduct the audit. With something as broad as MDM, which touches several different domains – network access, app licensing, user and group management, device and procurement from multiple vendors, endpoint security, user experience, general and mobile-specific policy requirements and so on – it can be difficult to establish exactly who’s ultimately responsible.
This means MDM audits are often best done by a team where various stakeholders are represented.
Should you consider a pre-audit?
In some cases, you might know going into the process that there are areas that are problematic. These could include policies you’ve been meaning to update; the criteria on which you authorize user access to resources; how you manage or group users and devices; and significant updates – mobile OS and app versions, backend systems – that you have yet to get around to doing.
Dealing with these known issues before the full audit occurs can make the entire process easier and shorten your departmental to-do list.
The items you want to capture
Every audit will vary based on your needs and environment. The following isn’t an exhaustive list, but these areas should be part of any MDM audit:
- Logs: Application and system logs from the MDM itself, and logs involving MDM interactions with devices and other services.
- Policies: Auditing MDM policies include the policies themselves (are they appropriate to your environment, security and user needs) and whether or not they are enforced as intended. As MDM provides a wealth of policy configurations and restrictions, this will be one of the major focus areas for an audit and it should be done across every major device/user demographic across an organization
- Device and network security: Broadly speaking, you need to ensure that information being transferred between devices and your network is secure, visible and functions appropriately regardless of how devices are connecting (corporate Wi-Fi, home or public W-Fi and cellular) as well as device integrity/malware checking.
- Device and data controls: One crucial feature of any MDM system is the ability to separate work and personal apps, settings and content. Rules related to this functionality should be clearly established and tested as widely as possible across your device fleet and user community. This can include encryption at rest and in transit and procedures for handling things such as remote lock and remote wipe.
- Device enrollment and lifecycle processes.
- Mobile OS and app updates: Make sure these are consistent throughout your fleet and environment.
- Suspicious activity monitoring and reaction: What counts as suspicious activity can vary greatly, as can the intended reactions.
After the audit
After you’ve completed the audit, take time to sift through the results. It’s also good to have multiple sets of eyes and perspectives on the data; an audit should be more than just a list of boxes to check. Seeing which criteria have been met or unmet is critical, but the question of why the results are what they are is equally important. If there are devices or apps that are out of compliance, you’ll need to know that and understand why if you’re going to remedy the issues. Your ultimate report should include this background and potential challenges during remediation.
Remember, an audit isn’t just about seeing where you miss the mark. Sometimes you’ll discover areas where your organization beats expectations, shows improvement from an earlier audit or helps you see your baseline compared to your overall industry. If something works well, you want to understand why. It might be something you can incorporate more broadly throughout your organization.
The last major step is to create an action or remediation plan. (This is especially important if you’re in an industry subject to regulation such as financial services or healthcare.) What this plan will look like can vary significantly from company to company and even from audit to audit.
The most important thing is that this plan be actionable. Each item should be specific, have metrics that allow you to ensure it is being addressed and have a timetable for resolution. The main reason for an audit in the first place is to identify issues and make serious improvements. Performing an audit and then letting the results sit in a drawer is nothing more than audit theater — you go through the motions, but don’t act on the results.