UEM: Universal Endpoint Management

Controls

UEM-02: Application and Service Approval

Define, document, apply and evaluate a list of approved services, applications and sources of applications (stores) acceptable for use by endpoints when accessing or storing organization-managed data.

UEM-03: Compatibility

Define and implement a process for the validation of the endpoint device's compatibility with operating systems and applications.

UEM-05: Endpoint Management

Define, implement and evaluate processes, procedures and technical measures to enforce policies and controls for all endpoints permitted to access systems and/or store, transmit, or process organizational data.

UEM-07: Operating Systems

Manage changes to endpoint operating systems, patch levels, and/or applications through the company's change management processes.

UEM-11: Data Loss Prevention

Configure managed endpoints with Data Loss Prevention (DLP) technologies and rules in accordance with a risk assessment.

UEM-13: Remote Wipe

Define, implement and evaluate processes, procedures and technical measures to enable the deletion of company data remotely on managed endpoint devices.

UEM-14: Third-Party Endpoint Security Posture

Define, implement and evaluate processes, procedures and technical and/or contractual measures to maintain proper security of third-party endpoints with access to organizational assets.