Content collaboration tools provide an easy way for employees to use and share content both inside and outside the organizations. Since these tools can be used to collaborate with customers, partners and suppliers, they often provide rich security and privacy controls. Today, much of this functionality also can be found in other tools such as cloud office platforms, workstream collaboration platforms, content services platforms and content services applications. Functional differentiators in dedicated CCTs are difficult to identify.
An embedded operating system (OS) is a type of OS that is used in embedded computing devices. The term 'embedded' refers to devices that are installed (that is, embedded) as built-in components of a wider system, in which they serve a special, functional purpose. Embedded OSs differ from other types of OSs by their optimized design. Form factors, price points and other parameters of embedded devices set constraints on the OS, for example, in terms of functionality, user interface, memory space and driver support. Consequently, the architectures of embedded OSs tend to be extensively optimized for single-purpose deployment, stripped out of anything that is considered unnecessary for their use. This does not mean that embedded OSs cannot be applied outside of embedded devices. For instance, it is common to see embedded real-time operating systems (RTOSs) being used to handle the baseband functionality in smartphones.
EMNSs automate the distribution and management of messages to relevant stakeholders for localized events and regional and catastrophic disasters across multiple channels. Use cases include organizational crises, business-critical operations, IT outages, and public and personal safety.
Gartner defines an endpoint protection platform (EPP) as security software designed to protect managed endpoints — including desktop PCs, laptop PCs, mobile devices and, in some cases, server endpoints — against known and unknown malicious attacks. EPPs provide capabilities for security teams to investigate and remediate incidents that evade prevention controls. EPP products are delivered as software agents, deployed to endpoints, and connected to centralized security analytics and management consoles. EPPs provide a defensive security control to protect end-user endpoints against known and unknown malware infections using a combination of security techniques (such as static and behavioral analysis) and system controls (such as device control and host firewall management). EPP prevention and protection capabilities are deployed as a part of a defense-in-depth strategy to help reduce the attack surface and minimize the risk of endpoint compromise. EPP detection and response capabilities are used to uncover, investigate, and respond to endpoint threats that evade security prevention, often as a part of broader security operations platforms.
Information-centric security products focus on content, more than device, and apply encryption and authentication to block file access and movement from unauthorized people or circumstances. Endpoint systems are porous, mistakenly sharing data is easy, and users can be careless. Information-centric security is the last line of defense for data when firewalls, anti-malware tools, best practices and other traditional defenses fail. The scope of this market is the protection of stored information, commonly referred to as data at rest. The protection of data at rest in some ways takes precedence, because the interconnectedness of today’s systems often undermines network protections. In other words, high-value information should be protected “at rest” to prevent the risk of a breach caused by an unexpected data in motion event.
The market for instant communications security and compliance consists of solutions that protect instant communications sent over networks, while also ensuring regulatory compliance.
Gartner defines managed detection and response (MDR) services as those that provide customers with remotely delivered security operations center (SOC) functions. These functions allow organizations to perform rapid detection, analysis, investigation and response through threat disruption and containment. They offer a turnkey experience, using a predefined technology stack that commonly covers endpoints, networks, logs and cloud. Telemetry is analyzed within a provider’s platform using a range of techniques. The MDR provider’s analyst team then performs threat hunting and incident management to deliver recommended actions to their clients. MDR offers outcome-driven security incident management that is predicated on the detection, analysis and investigation of potentially impactful security events and the delivery of active threat disruption and containment actions to respond to and mitigate the impact of cyber breaches.
Gartner defines a mobile application management (MAM) tool as an on-premises or SaaS tool specifically designed for the license management, distribution, securing and life cycle management of apps for mobile device platforms. Thus, MAM tools provide integration with public app store payment and licensing mechanisms (such as Apple's Volume Purchase Program [VPP]), an enterprise app store, and the ability to set policies related to security, usage and ongoing management for apps or groups of apps. At minimum, a MAM product supports native and HTML 5 apps. Many also support a variety of popular hybrid app architectures, which may be highly desirable based on a particular client's needs.
Mobile threat defense (MTD) products protect organizations from malicious threats on iOS and Android devices, at the device, network and application levels. To successfully attack a mobile device, mobile malware must circumvent the controls built into mobile OSs, such as those for app store curation and native mobile OS hardening. MTD products tend to focus on preventing and detecting anomalous behavior by collecting and analyzing indicators of compromise, as well as expected behavior. MTD products gather threat intelligence from the devices they support, as well as from external sources, and use an analysis engine that resides in the cloud, on-premises or on an MTD app installed on devices.
Gartner defines a unified endpoint management (UEM) tool as a software-based tool that provides agent and agentless management of computers and mobile devices through a single console. Modern UEM tools: Provide a user-centric view of devices across device platforms; Offer agent and/or agentless management through native Windows endpoint, macOS, Linux and Chrome OS controls. Offer agentless mobile management through native Apple iOS/iPad OS and Google Android controls; Aggregate telemetry and signals from identities, apps, connectivity and devices to inform policy and related actions; Aggregate and analyze technology performance and employee experience data; Integrate with identity, security and remote access tools to support zero-trust access and contextual authentication, vulnerability, policy, and configuration and data management; Manage nontraditional devices, including Internet of Things (IoT) devices, wearables and rugged handhelds.