Unified Endpoint Management (UEM) and IT Security: Critical Connections

UEM and cybersecurity are separate specialties within many enterprises and IT teams. However, these two important disciplines are inextricably intertwined. Herewith, some thoughts on those interdependencies and what they mean to your UEM and security management efforts.  

Security Begins at Your Endpoints

The respected market watchers at Forrester Research perhaps said it best in The Forrester Wave™: Endpoint Security Suites, Q4 2016. “Endpoint security represents the frontline in your fight against cyberattackers. Breaches have become commonplace among enterprises, and your employee endpoints and servers are targeted more than any other type of asset.” 

For its 2016 Global Business Technographics Security Survey, Forrester surveyed nearly 3,600 respondents from around the world. Those respondents all have “significant involvement in the planning, funding, and purchasing of business and technology products and services.” Forrester asked network security professionals at enterprises that had experienced a security breach in the 12 months preceding the survey, “Which of the following was targeted as a part of this external attack?” The top three responses: 

  • Corporate server (cited by 48 percent of respondents) 
  • Corporate-owned device (42 percent) 
  • Employee-owned device (40 percent) 

In addition, that mix of corporate- and employee-owned devices is growing in number and complexity. For its recent study, “Unified Endpoint Management: Simplifying the Security and Support of PC and Mobile Devices,” Enterprise Management Associates® (EMA™) surveyed more than 100 IT directors for the study. Based on the results of that survey, EMA found that “the average business professional regularly employs at least two computing devices—including desktops, laptops, tablets, and smartphones—to perform job tasks. Moreover, roughly half of all workers utilize both a PC and a mobile device in the course of a typical day at the office.”  

This dynamic makes both endpoint and security management more complicated, EMA found. “Security was repeatedly noted as a primary focus for IT managers across EMA’s survey results. In addition to being the most challenging to support, security was identified as the most time-consuming, the most difficult, and the most costly administration practice,” EMA found. 

Your endpoints are prime targets for hackers and malefactors who seek to infiltrate or disable your endpoints. And managing those endpoints, especially those in the hands of your users, is both critical and challenging.  

How Best to Protect Your Endpoints?

The Forrester Wave report identified three “core buyer needs” for effective endpoint security. “Before making any new purchases, consider a vendor’s ability to meet each of these needs, specifically how well they are able to: 

  • “Prevent malware and exploits from executing. 
  • “Detect malicious activity post-execution. 
  • “Remediate and contain malicious activity and potential vulnerabilities.” 

Forrester isn’t the only authoritative voice arguing for such comprehensive endpoint security management. Multiple industry bodies align their cybersecurity recommendations with the Critical Security Controls promulgated by the Center for Internet Security (CIS). The CIS estimates that implementing the top five of its recommended controls can reduce the risk of cyberattacks by 85 percent. Those top five controls: 

  • Inventory of Authorized and Unauthorized Devices; 
  • Inventory of Authorized and Unauthorized Software; 
  • Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations and Servers; 
  • Continuous Vulnerability Assessment and Remediation; and 
  • Controlled Use of Administrative Privileges. 

UEM: Critical to Success with Cybersecurity

Three of these five top CIS Controls are also critical elements of any effective UEM efforts. Done right, UEM can help you to achieve and maintain secure configurations for your endpoints, assess and remediate vulnerabilities continuously, and rein in admin rights. When combined with comprehensive hardware and software inventory information, these features can greatly improve cybersecurity for your entire enterprise. 

Effective UEM can deliver benefits beyond improved cybersecurity as well. The right UEM tools and processes can reduce user logon times, consolidate management of user profiles, integrate management of mobile devices, and even ease migration to new computing environments, such as Windows 10. But even if none of these matter to you or your enterprise, the prospect of better security should provide sufficient incentive to begin pursuing UEM ASAP. 

UEM is critical, but is by no means simple. “Overcoming the challenges of enabling security and user productivity in an age of workforce mobility and multi-device support requires a fundamental shift from traditional endpoint management processes,” the EMA study said. “The utilization of multiple consoles to perform related administrative tasks (often called ‘swivel-chair management’) is inherently inefficient and ultimately unsustainable in the face of accelerating requirements for supporting workforce productivity. EMA’s research indicates that this is particularly true with the attainment of endpoint security, which was determined to be the most important management service to surveyed respondents and the most challenging to perform.”  

Ivanti: Ready to Help with UEM and Cybersecurity

The EMA report offers specific guidance regarding selection of UEM solutions. “The key to simplifying the management and security of heterogeneous user devices is the adoption of a unified endpoint management platform. However, selecting a solution should not be a process taken lightly. Organizations should look for platforms that provide fully-integrated support for all endpoint devices in their support stack, rather than a collection of point solutions that are simply accessed from a common console.” 

Ivanti offers solutions that can deliver all of the UEM benefits outlined above, as well as defense in depth against ransomware and other threats. Ivanti solutions can also enable comprehensive and accurate network inventories, as well as effective and secure asset and service management. 

Download the complete EMA report to learn more about the need for and key characteristics of an effective, security-focused UEM strategy. Then contact Ivanti, and let us help you to improve UEM and cybersecurity at your enterprise.