/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow UsBANGALORE, INDIA: Many businesses are finding that their current approach to endpoint protection and management isn’t adequate or successful. Why? All too often, security and management are regarded as separate, independent activities, leading to wasteful overlap in some places, and excessive gaps in others. Increasingly, businesses are discovering that uniting all management and security tasks is the most effective path to protecting a growing number of endpoints and the information stored on them.
The situation
Endpoints have come a long way in the past few years. Not long ago, PCs made up the majority of the endpoints connecting into the business network (perhaps a few laptop machines, as well). Fast-forward to today and the variety of endpoints is staggering - devices like smart phones, PDAs, and portable entertainment systems have become ubiquitous in many businesses.
However, as endpoints multiply and extend the IP network, they are at constant risk of threats that can lead to system compromises, data breaches, or policy violations. Despite IT managers’ awareness that threats to endpoints continue to evolve as much as the devices themselves, managing endpoints while protecting critical IT assets is proving to be difficult. This is mainly because of the following:
Independent security and management: Managing endpoint security and operations such as threat detection, protection against malicious codes, vulnerability scanning, backup/restore, and Network Access Control (NAC) can require multiple software agents, products, and servers. Often, management is independent and has little integration with other security initiatives. This is how a security team can end up trying to manage patches (an area not considered their domain), for example. With a lack of administrator skills, redundant processes, and considerable management overhead, this common scenario is set up for failure.
Neglecting data on endpoints: Typical endpoint security tools such as antivirus, anti-spyware, and firewalls were designed for network security or malicious code protection. Businesses also need (but often lack) data loss prevention, full-disk encryption, and regular endpoint backup to protect the data that regularly flows in and out of endpoint devices.
The Convergence - Endpoint Security and Endpoint Management
While the concept of consolidation is certainly not new to IT organizations, its application is gradually expanding. This convergence of endpoint security and endpoint management has grown to include not just servers and other hardware, but also IT operations and tools.
IT security and administrative teams are discovering common functions, challenges, and strategic goals and have begun to share ideas for addressing them more efficiently. Other indicators surface in policies designed to ensure business continuity and regulatory compliance through sound information protection and management practices. It can be measured as IT organizations respond to management’s directives to control costs while supporting new business initiatives.
The most telling evidence of the convergence of IT security and management can be seen by taking a look at the state of the typical IT endpoint itself. These ever-connected mobile and non-mobile devices have become not only a critical component of today’s IT infrastructure but also a high-risk element of today’s business environment. Their security is as essential as their management.
What’s more, endpoint security is made possible through endpoint management. In fact, according to Gartner, 65 percent of all system weaknesses are due to poor system configuration, while another 30 percent can be resolved through patch management. In other words, 95 percent of security problems can be addressed through better endpoint management.
Clearly, the convergence of endpoint security and management has begun. Organizations that are successfully adopting this more efficient and effective IT approach are leveraging a similarly well-integrated, automated set of endpoint security and management tools that support and facilitate this model. In doing so, these organizations are also taking a giant step toward transforming IT from being viewed as yet another cost center to considering it a vital business enabler.
Author: Ajay Verma – Director, Channels and Alliances, Symantec India