Converged endpoint management: reduce cost, complexity, and risk
Prevention is always better than cure. In cybersecurity, it’s also usually cheaper and less likely to expose the organization to reputational, financial, and compliance risk.
Prevention is always better than cure. In cybersecurity, it’s also usually cheaper and less likely to expose the organization to reputational, financial, and compliance risk. That’s why prevention-first security is a best practice for delivering cyber-hygiene across enterprise endpoints. The challenge is that endpoint security and management teams often work in silos, using separate point products. The result is extra cost, complexity, and security risk.
However, by consolidating onto a converged endpoint management (XEM) platform, these teams can finally serve the greater good — reducing risk and licensing costs, increasing productivity, and enhancing the end-user experience.
Why silos are bad for business
The endpoint is where modern business happens: whether it’s the laptop of a sales executive; the CEO’s smartphone; or the cloud servers, containers, and virtual machines (VMs) that power digital infrastructure. The challenge for modern IT ops and security teams is the sheer volume of endpoints they must manage and secure. And they’re growing in number all the time as organizations migrate to microservices architectures and embrace remote working. This makes visibility particularly difficult – especially unmanaged home worker devices, and dynamic, ephemeral cloud containers. It represents a growing headache for IT teams already stretched to the limit by determined threat actors and rigorous compliance requirements.
This alone would be bad enough, but these challenges are exacerbated by the way many IT and security teams work today. Traditionally, endpoint management and endpoint security have been treated as separate functions by organizations. While IT management might include deploying and updating operating systems and applications and managing the software and hardware lifecycle, security teams focus on deploying security technologies, enforcing policy, threat monitoring, and incident response. According to IDC research, 75% of organizations treat endpoint management and security separately in this way.
The result? Over 50% of these organizations use multiple discrete solutions to support their individual siloed functions, rather than looking for platforms that can solve IT challenges for both. In fact, there are numerous areas of overlap between IT management and security. Policy enforcement is required for both OS configuration and security controls. Installing endpoint security tools could be classed as an IT operations task. And vulnerability management and compliance could be the work of both functions.
Creating enterprise risk
The problem with this approach is that it can add unnecessary extra risk and complexity, if siloed tools create visibility and control gaps, and isolated teams make uncoordinated decisions. This can also sap productivity and add operational cost, especially if teams are duplicating activities. In fact, more complex environments are usually more expensive to run, especially if it means supporting multiple software licenses and tools when fewer would do. Use of multiple tools can also degrade the user experience if it forces IT ops/security team members to swivel chairs between different portals.
This disjointed approach is already having a notable impact on organizations. According to a 2022 Tanium study, most organizations don’t believe their existing security posture can stop the majority of endpoint attacks. It also takes a quarter (25%) of organizations between a week and a month to roll out a critical patch: too long when seconds and minutes count. For some (12%) it takes over a month.
That explains why nearly two-thirds (64%) of enterprises believe it’s moderately to extremely likely they’ll be a cyber-attack victim in the coming 12 months. Serious breaches can lead to lost productivity, system downtime, reputational damage, information theft, and direct revenue impact, they admit.
How XEM can help
This is why many organizations are looking at XEM to bring their IT ops and security teams together and ensure they’re working from a single source of truth. IDC highlights four key benefits of consolidating onto a single platform:
Reducing risk and complexity: XEM can streamline and simplify compliance tasks, which often require a major input of time from both security and IT ops teams. It also features tools for rapid threat detection, patching, and remediation, thus helping to mitigate cyber risk, enhance cyber-hygiene and reduce the footprint of software running on devices.
Lowering costs: XEM helps to reduce the number of tools that must be maintained by IT ops and security teams, and associated costs related to licenses and ongoing management. By consolidating on the right single-vendor platform offering a wide range of IT security and operations capabilities, organizations can also replace entire products. A high degree of automation supports cost reduction in areas like asset management.
Enhancing collaboration: While organizations recognize the need to unify IT ops and security teams, they can’t force the issue. But with a single XEM platform, teams have a place where organic collaboration can be “discovered and nurtured,” according to IDC. Working from a single source of truth is the first step in this journey.
Improving the employee experience: If left unchecked, bad employee experiences can sap productivity and even drive talent away from an organization. But XEM can help to spot performance issues early on, preventing a flood of helpdesk tickets, and streamline the patching experience with automation and self-service, to reduce downtime.
These benefits are already helping to transform the way enterprises handle endpoint management and security. According to IDC, 50% of organizations are “very familiar and operational” in terms of deploying XEM, and nearly 60% would consider buying such a product. That bodes well for the future. As Forrester senior analyst, Andrew Hewitt, explains, patch management, endpoint visibility, and compliance may not be particularly sexy topics in computing today. But they remain critical challenges. With XEM, organizations are one step closer to solving them.
Learn how Tanium XEM can help you reduce cost, complexity and risk
About Author
