Three key considerations of endpoint security in a hybrid IT ecosystem
As we move through 2021, the underlying assumption was that it would be better than 2020 (which is admittedly a very low bar to clear). However, from an IT perspective, 2021 is proving to be probably even more challenging than the kidney stone of a year that preceded it.
While there are lots of considerations driving this challenge, three primary variables are affecting how IT managers choose to navigate the ecosystem in front of them. These are:
Continued uncertainty: While 2020 was disruptive, at least it was consistent. During March, essentially everyone went home at the same time and started holding their breath (literally). IT restructured to support a 100% remote workforce (with a few frontline exceptions); this was digital transformation on a brutal acceleration schedule, and it hit everyone everywhere at once. A challenge to be sure, but a consistent challenge.
2021 is very different. Some companies have taken the leap and gone 100% remote on a permanent basis, some are very eager to go back to pre-pandemic models, and most seem to be settling into a hybrid model. 100% remote or 100% in the office are known entities. Hybrid is not, and that’s where the challenge lies. Endpoint management when that endpoint is not working from a consistent location is a challenge with both security and operational concerns. The flip side to this is managing an engaged and productive workforce. A recent internal survey by Apple indicated that almost 90% of employees wanted flexibility in terms of work locations, while management still favors the in-person option as long as safety protocols are followed.
Expanded attack surface: Things were neat and manageable when they were behind a firewall or on a VPN. Now it's a home Wi-Fi network that is nominally secured and is often shared with people who may not have enterprise-grade security as a key consideration. According to a recent article in IT Governance, over 70% of remote workers have experienced IT problems during their work-from-anywhere stint, and over half had to wait 3+ hours for the issue to be resolved. Considering how many people are working remotely, that's a lot of lost productivity. The endpoint is often the easiest way for nefarious actors to get in: there are lots (like billions) of endpoints and the number is growing exponentially, they’re generally not secured, and they have a tendency to move around. AV software and the OS on which it runs are constantly being updated, and at the same time it is absolutely critical to know the exact status of every asset on your network, preferably in real time.
Relentless compliance requirements: While the regulatory environment rarely keeps pace with technology development and deployment, it does tend to creep forward steadily and ominously. Compliance requirements are deliberately opaque, subject to change, and rarely in favor of the enterprise being audited. As the regulatory framework continues to evolve (SOC2, GDPR, CCPA, as well as vertical-specific frameworks like HIPAA), the need to know with precision and timeliness the exact status of assets (or more accurately the data on the assets) is becoming mission critical, since the downside of non-compliance has become non-trivial. CCPA as a regulatory framework is starting to pick up steam (that is to say, class action suits are starting to pile up), and while the initial fines are not at the upper end of the statutory range, very few businesses are happy to write an avoidable multi-million dollar check to regulators.
Compliance requirements, like death and taxes, are on the list of unavoidables. However, with the proper framework for tracking them, details on devices (AV status, OS upgrades and patches, the precise disposition of an asset - who has it where, and what are they authorized to do?) can be given to an auditor with the flip of a switch - literally. This takes an expensive, time-consuming hassle and turns it into an opportunity to instantly prove you’re compliant, taking your game to a whole new level.
Endpoints are by far the most common point of ingress into an IT ecosystem, which means endpoint security management is an area that requires focus and vigilance at both a systems and a human level. It is critical to have not only a detailed and real-time understanding of the disposition of endpoint assets, but also the context of their use - what other resources (hardware, software, cloud) are they connected to, who are the responsible parties involved, what workflows are they able to trigger, etc. This is why a holistic approach to IT asset management (Oomnitza), combined with detailed product information (Tanium), is critical as the global IT ecosystem moves permanently into a hybrid model.