Getty Images/iStockphoto


How to handle rugged device management in the enterprise

Certain endpoint use cases require ruggedization to ensure devices aren't physically compromised. IT still needs to manage these devices, regardless of the OS or device type.

As mainstream end-user computing vendors, such as Dell and Samsung, release rugged devices that run Android and Windows, supporting ruggedized devices becomes another tier of an organization's overall endpoint management strategy.

Many organizations in verticals such as utilities, industrial manufacturing, field service, transportation, delivery services, healthcare and government deploy ruggedized devices. Historically, ruggedized devices ran different OSes than the rest of an enterprise organization's endpoint fleet. However, even single-use devices, such as ruggedized scanners, are now available running Android.

As an IT administrator, you need a cohesive plan to ensure that all rugged devices, regardless of the OS that they run, are accounted for in your inventory and can receive endpoint management from admins.

Evaluate your mobile device inventory

If your organization already has a unified endpoint management (UEM) platform and mobile device strategy, you already have an inventory of devices that your IT team is currently supporting.

Suppose you don't have UEM and a mobile device strategy in place. In that case, it's time to create a complete mobile device inventory by hand that includes all your corporate-owned devices with your rugged devices as a separate category. Your inventory should also include the corresponding OS for each device. List the following about your organization's rugged mobile devices:

  • What is the purpose of the rugged device in the business?
  • What OS and apps run on the rugged device?
  • How much is the rugged device costing the business?

Use this time to see what specialty devices might hide within your business units, not under active device management.

The results of your mobile device inventory dictate your UEM choice. For example, imagine that your organization is deploying new rugged Android tablets and smartphones to your field workforce. However, your back-office workers use iOS devices. Security and compliance, not convenience, should drive your UEM strategy. Therefore, shoring up rugged device security and management holds the same imperative as the rest of your device fleet.

Suppose there are a few legacy specialty devices still in your inventory. In that case, it's time to retire those devices and replace them with new rugged devices running a commercial mobile OS. Keeping rugged devices running obsolete OSes, such as Windows Mobile, has too many security risks to make it feasible for most organizations today. There's also the fact that SaaS now dominates field services and other verticals, such as logistics and healthcare, where rugged device use cases dominate. SaaS running on legacy systems isn't a viable plan.

Suppose your organization is already running a UEM platform that supports Android, iOS and Windows. In that case, your decision is already made, and you're only extending your mobile strategy to rugged devices with the same OSes.

Another scenario to consider is implementing a separate UEM system to manage your rugged devices. However, it may be hard to make the case for this approach if you're managing devices in a budget-conscious organization. One way to get around this challenge is to factor UEM costs into the overall deployment cost of your rugged devices.

Now, it's possible to extend your UEM platform to devices that don't necessarily sit on your corporate network endpoints.

Extend UEM to rugged device management

The changes in the ruggedized devices market mean organizations purchase fewer fixed-purpose devices. Now, it's possible to extend your UEM platform to devices that don't necessarily live on your corporate network as typical employee endpoints.

Previously, organizations purchased fixed-purpose devices and deployed them for many years in a single and unchanging mode of operation. Now, there are ruggedized laptops, tablets and smartphones available for your frontline workers that you can manage using the same tools and practices as the rest of your corporate-owned endpoints Rugged scanners that run Android are also on the market. With these devices, it's easy for IT to manage them alongside any existing Android endpoints in the fleet.

The following table splits out rugged device choices today.

Device type Action
Legacy rugged devices running QNX, Windows Embedded Compact, Windows Mobile or other outdated OSes Retire these devices due to the security and compliance risks they represent.
Kiosks Implement consumer-grade or previously used tablets secured by hardened cases and kiosk hardware.
Single-purpose devices such as scanners Evaluate Android-based scanners from Symbol, Zebra and Vanquisher for deployment.

Tablets and smartphones

Evaluate vendors such as Dell and Samsung for rugged tablets to deploy.

Evaluate vendors such as Samsung and Kyocera for rugged smartphones to deploy.

Laptops and notebook PCs Evaluate vendors such as Dell and Panasonic for rugged laptops and PCs running Windows.

It's important for your organization to be able to manage a fleet of devices that enables flexibility in choice based on newer features, better security, lower cost or better UX. A true UEM approach, where all endpoints exist within one management platform, is ideal because it provides maximum flexibility without altering existing IT management practices dramatically. This lowers overall costs and improves support.

Prioritize UEM features for rugged device management

The emphasis on remote and hybrid work over the past few years is full of lessons for the future of rugged device management.

Your IT team should list prioritized features by device type and use. Here are some examples of priorities to consider:

  • Zero-touch enrollment.
  • Zero-day security protection.
  • Ability to create multiple user profiles by roles and other factors.
  • Remote access and control for support.
  • Ability to create a protected work container to run corporate apps and store data securely.

Any UEM or mobile device management (MDM) platform you consider should offer a full lifecycle management capability, but it's important to understand what that means for rugged devices. Automation is imperative from the device's enrollment throughout the entire device lifecycle. Security, patching and data management shouldn't be left to the user.

Insights and reporting take on new dimensions with rugged devices. Your IT staff must track your devices' hardware, firmware and application security. Tracking battery levels, network connectivity, data usage and device storage also becomes a more significant requirement. Adjustments to your device monitoring are necessary to ensure your field workers have secure, compliant and fully functioning devices to perform work tasks.

Tweak your corporate mobile device strategy for rugged devices

There are many lessons from remote and hybrid work during the COVID-19 pandemic. Many of these can apply to supporting rugged devices, including the following:

  • Develop specific device onboarding processes and training for your field workers using rugged devices.
  • Implement a comprehensive remote monitoring and management framework that enables you to track and control rugged devices from a central location, including real-time monitoring of rugged device health, battery life, connectivity and performance.
  • Set up remote management to enable software updates, configuration changes and troubleshooting without requiring physical device access.
  • Ensure your management strategy includes extensive data encryption, secure boot processes, strong authentication methods and regular security patches.
  • Incorporate power management features, such as setting power profiles to optimize battery life, monitoring battery health and configuring power-saving settings remotely.
  • Implement a comprehensive data backup and disaster recovery plan to regularly back up critical data from rugged devices to a secure location. This ensures that data can be restored in case of device failure, loss or damage.

Kiosks are less a rugged device use case due to the increased availability of feature-rich kiosk apps, hardened tablet cases and hardware kiosk stands. The stands can enable you to repurpose older iPads and Android tablets that your organization already owns to use for kiosks.

Your IT department must also be attentive to communications and collaboration with your field workers using rugged devices. Use tools such as Slack and Microsoft Teams to maintain an open channel between IT and the field for feedback and other rugged device-specific communications that benefit your field workforce.

You also need to consider what steps field workers need to take to send their devices in for repairs and how they receive a loaner device so they can keep working. Also, ensure that the end of life for devices you have in place accounts for field workers if it doesn't already.

Choose a UEM vendor for rugged device management

If your organization is deploying ruggedized devices to your field workforce, they must become part of your overall UEM platform requirements.

A diagram that shows the numerous components of UEM

For example, let's say your enterprise already has an MDM system to support your corporate-owned iOS devices. Now, new business circumstances call for Android-based rugged devices. It's time to move from MDM to a UEM model for device security.

Several UEM platforms, including Microsoft Intune, Ivanti UEM and IBM Security MaaS360, support iOS, Android and Windows, ensuring you can manage rugged devices in your fleet. A different option is adding another UEM or MDM platform to support and manage a new rugged device fleet. However, it's essential to perform a cost analysis to see how much adding a new device management platform would cost versus upgrading to a new UEM system to manage all your devices.

Next Steps

How to build a functional network for rugged IoT

Dig Deeper on Unified endpoint management

Virtual Desktop