So much for getting back to normal. From an IT perspective, 2021 is proving even more challenging than 2020.
While that’s due to a long list of factors, just three primary variables are affecting how IT managers navigate their ecosystem:
1. Continued Uncertainty: While 2020 was disruptive, at least it was consistent. Early in the year, essentially everyone went home and started holding their breath (almost literally). In response, IT quickly regrouped to support a nearly 100% remote workforce. This was digital transformation, but on a brutal acceleration schedule. Plus, it hit everyone everywhere at once. That was a challenge, to be sure, but it was consistent.
This year is very different. For one, there’s no more consistency. Some companies have taken the leap and gone 100% remote on a permanent basis. Others are eager to return to pre-pandemic models. Many others are settling into a hybrid model.
Working completely remotely or completely on-site are both known entities. But hybrid working is not. And that’s where the new challenge lies.
Part of that new challenge is endpoint management. Never easy, endpoint management has become even more difficult now, when many endpoints are not working from a consistent location.
The flip side of this is the challenge of keeping the workforce engaged and productive. A recent survey by Apple finds nearly 90% of its employees want flexibility in terms of work location, while their managers still favor in-person working (so long as safety protocols are followed). That’s a big gap.
2. Expanded Attack Surface: In the past, when all systems were either behind a firewall or on a VPN, things were neat and manageable. But now many devices are on home Wi-Fi networks that are only nominally secured, and they’re often shared with people who may not know or care about enterprise-grade security.
According to a recent article, over 70% of remote workers have experienced IT problems during their work-from-anywhere stints. And over half have had to wait 3+ hours for the issue to be resolved. Considering how many people are working remotely, that’s a lot of lost productivity.
Endpoints are often the easiest way for nefarious actors to get in. For one, there are many endpoints (literally billions), and their numbers are growing exponentially. For another, these endpoints are generally not secured, and they have a tendency to move around. Both antivirus software and OSes are constantly being updated. At the same time, it’s critical to know the exact status of assets on your network, preferably in real time.
3. Relentless Compliance Requirements: While the regulatory environment rarely keeps pace with technology development and deployment, it does creep forward steadily and ominously. What’s more, compliance requirements are deliberately opaque, subject to change, and rarely in favor of the enterprise being audited.
The regulatory framework continues to evolve. It now includes SOC2, GDPR, CCPA, as well as vertical-specific frameworks such as HIPAA. As a result, the ability to precisely and quickly determine the exact status of all assets — or more accurately, the data on those assets — is becoming mission-critical.
What’s more, the downside of noncompliance has become nontrivial. For one, CCPA as a regulatory framework is picking up steam, and class-action lawsuits are starting to pile up. While the initial fines are not at the upper end of the statutory range, few businesses are happy to write an avoidable check for $5 million.
Compliance requirements, like death and taxes, are unavoidable. What’s needed is a proper framework for tracking details on devices, such as antivirus status, OS upgrades and patches, and the precise disposition of an asset: Who has it? Where is it? And what are they authorized to do?
Fortunately, this framework can be given to an auditor with the flip of a switch — quite literally. Even better, doing so can turn an expensive, time-consuming hassle into an opportunity to instantly prove you’re compliant, taking your game to a whole new level.
Endpoints are by far the most common point of entry into an IT ecosystem. This means the management of endpoint security requires focus and vigilance from both a systems and human level.
You need not only a detailed and real-time understanding of the disposition of endpoint assets, but also the context of their use. For example, what other resources (hardware, software, cloud, etc.) are they connected to? Who are the responsible parties? Which workflows are they able to trigger?
This is why a holistic approach to IT asset management, combined with detailed product information, is critical as the global IT ecosystem moves to a hybrid model.
Oomnitza, a Tanium partner, offers Enterprise Technology Management solutions that can drive an integrated view across your network.