Global organizations increasingly realize that their IT operations and security teams are better together. Enhanced coordination between these key groups is already helping to drive faster remediation, improved root cause analysis, cost reduction and critical visibility into how policies can affect the end-user experience.
That’s according to the featured speaker Andrew Hewitt, Senior Analyst at Forrester, who spent time recently chatting to Tanium about how the unified endpoint management (UEM) space is evolving. Watch the full interview here:
Starting the journey
For those yet to reap the benefits of tighter IT ops and security collaboration, there are plenty of areas around which to build closer ties. Patch management has become a natural first step, especially as it’s an area where ownership is often confused between the two anyway. Security teams can contribute by discovering vulnerabilities and alerting about potential attacks, while operations teams have the mechanisms and processes to deploy patches to mitigate these threats.
The two can also work together well on enforcing encryption throughout the organization and across multiple operating systems. Again, it’s an area where historically, there may have been a little confusion over who is responsible. And finally, there’s CVE ingestion into endpoint management tooling, which can provide useful visibility to ops teams around what’s happening from a cyber risk perspective.
Tooling is key
Policy and process are certainly important to driving enhanced IT ops-security collaboration. But these teams also need the right platform to collaborate around. According to Hewitt’s interview with Tanium, some Forrester clients may have upwards of six different management platforms across multiple operating systems. There’s, therefore, a huge advantage in having a single platform that can do it all — deploying and enforcing policies across multiple operating systems (OS) at once. This will help to streamline encryption and accelerate remediation by tying together vulnerability data with patch management capabilities in a more integrated way.
A single platform also means a single source of truth for administrators across endpoint security, management, the service desk and elsewhere. With everyone standardizing on the same set of data, there’s less opportunity for visibility gaps to emerge, and productivity is more assured.
There are also more mundane but equally important benefits. Sometimes policies from specific tools like AV come into conflict with endpoint management policies. That can raise some difficult questions about which should take precedent. With a single platform approach, organizations don’t need to worry about such things — saving further time and effort, which can be spent on more strategic thinking.
There are also inevitably licensing cost efficiencies to be made by consolidating onto a single platform. Yet a word of warning is also required here. In the interview, Hewitt says he often sees organizations trying to integrate disparate tools through APIs. Doing so will usually end up diminishing the functionality of both tools. Only when there’s a pre-built, fully integrated platform can organizations expect to start seeing the benefits outlined above.
Data drives automation
So what happens next? We’re actually seeing a situation in the UEM market where so much management and security functionality has been subsumed into the native OS that vendors aren’t really innovating right now. It’s created an element of stagnancy in the market. That said, there’s certainly a trend towards integrating these solutions with endpoint security and service management tools and underpinning this with powerful automation to streamline management across large, distributed environments.
What should organizations look for in a vendor? Cloud-based endpoint management and architectures that are going to support faster patch management and policy configuration. Data is the key: a single endpoint security and management platform should be collecting huge volumes of data to drive automation. So, consider these questions about prospective solutions:
To what degree do they enable you to deliver cloud transformation and automate a significant portion of your endpoint management task?
How much data are those tools collecting to deliver accelerated remediation and automation over the long term?
To hear more from our guest, Forrester’s Andrew Hewitt, register for our upcoming webinar Security and IT Ops Convergence will Drive the Future of Endpoint Management on Tuesday, Sept. 27 at 11 a.m. ET.