Gone are the days when a lone system administrator would perch upon the ledge of your desk to help you with menial tasks such as connecting to the company’s wireless printer or installing a piece of software no one has heard about; totally understandable seeing how your average SMB has 700+ endpoints, each with its own strengths, weaknesses, and vulnerabilities.
Prancing around the company whenever the IT phone rings just doesn’t cut it anymore – too many things to do (e.g. installing software, uninstalling software, updating, patching, setting up new accounts, deleting old accounts, creating new email addresses, etc.) and very few limbs to get all of them done by the end of the day.
A couple of years ago, the idea of a unified platform or endpoint management hub was, without a doubt, just another one of those things that set the admin’s imagination on fire. Fortunately, nowadays endpoint management is less painful, with hundreds of options at our fingertips.
Then again, why should you need a unified endpoint management system? Is it worth it? Does it increase your company’s ROI? Do you need to ‘babysit’ it? How much ‘to UEM’? I will, or at the very least I’ll try to, answer all of these questions in this article. Enjoy!
What is a Unified Endpoint Management system?
U.E.M is, was, and will be the next evolutionary step of endpoint management. For an enterprise (or SMB or startup), “endpoint” can have any number of meanings – PC, Mac, laptop, tablet, wireless printers, smartphones, IoT devices, and anything in between.
Businesses have gone beyond using desktop PCs or laptops for everyday, work-related tasks. At the same time, the need for extra…surveillance has increased exponentially. BYODs are great; they make you feel ‘homier’ and less ‘workey’, but they can also become gateways for threat actors who would like nothing better than to sink their teeth into your company’s valuable data.
Endpoint management is the answer to closing all those security gaps, evaluating your cyber-resilience factor, and ensuring that the data stays where it’s supposed to. So, why Unified Endpoint Management? Imagine being the curator of an enterprise ecosystem spanning hundreds, maybe thousands, of these endpoints. Believe it or not, system admins tend to lose count (and track) of all the devices hooked up to corporate.
In fact, according to a study by identity and access management company LogMeIn, 88% of system administrators couldn’t tell how many devices can access the company’s secure network.
Of course, the findings of this study should be taken with the proverbial salt grain – LogMeIn pooled data from the responses of 1,000 sysadmins, scattered through North America and Western Europe. Still, it does make a valid point, one that I will expand upon through this article.
Now, how does one tackle a corporate network the size of a rodent’s brain? Well, the safest approach would be to deploy an endpoint management tool or software. On top of that, you will also need some sort of MDM to sort out mobile devices and an EMM (Enterprise Mobility Management) tool to, well, manage all the corporate assets. Did you think that I was done with the list?
Hardly; you will also require a client management system for stuff like client retention, remote diagnosis, operating system deployment, patching, and updating. Three different kinds of software just to eyeball that tangled web of devices. Naturally, each solution has its own quirks and strengths. And so, if your life wasn’t hard enough, here are three more reasons for you to consider a career change; or not.
In comes UEM, a brand-spanking-new approach to granular, multi-device control and management. With a Unified (and united) endpoint management system, you will be able to:
- Control, configure, and monitor all types of devices (e.g. Mac, Windows, Android, Linux, etc.) from a single (and unique) dashboard.
- Update, downgrade, and patch from a single console.
- Push security policies to every device, regardless of the operating system.
- Simplify the BYOD enrollment process.
- Achieve better control over user-requested installation and uninstallation processes (e.g. system administrators can prevent users from installing a specific category of software on all devices hooked up to the corporate network).
So, how is a Unified Endpoint Management system any different from MDM or EMM?
About UEM, MDM, EMM, and other Ms that go bump in the night
Let’s talk about the elephant in the room which, in this case, is Mobile Device Management. UEM handles mobile devices (i.e. smartphones, tablets, wearables running Android or iOS) and MDM handles mobile devices. So, what’s the difference? Why not stick with MDM? There’s no easy way of saying this, but the “M” in the acronym spells it out very clearly – MDM covers ONLY mobile devices (BYODs, COPEs, and COBOs). MDM includes:
- Mobile policy enforcement.
- VPN config.
- Jailbreak and rooting detection.
- Remote device lock.
- Disabling or enabling native apps.
- Remote wipe of sensitive information.
- Advanced Wi-Fi or hotspot config.
More to the point – MDM is good for mobile devices and bad for other endpoints (e.g. laptops, desktop computers, servers, etc.). With MDM out of the unification equation, who do we turn to? EMM, of course. Compared to MDM, EMM (Enterprise Mobility Management) is a little more inclusive. More specifically, EMM solutions can curate some endpoint-like components (e.g. wireless access points) and, of course, IoT devices.
In a nutshell, EMM will allow you to:
- Manage your file share and sync.
- Enforce additional access methods such as multifactor authentication.
- Enforce CAPs (conditional access policies).
- Tweak the security settings of your web browser.
Even with an EMM solution in place, you’ve still failed to cover the endpoint part. What’s there to be done? Well, the obvious solution is to use some kind of tool, software, or solution that covers both issues (mobile + endpoint). In this case, the solution is a unified endpoint management tool.
At a glance, a UEM can help you tackle both mobile and ‘non-mobile’ issues. Besides, Unified Endpoint, as a management methodology, can greatly increase the accuracy of your reporting and backlog analysis.
Essentially, you will have gained the ability to introduce a more granular, ‘EMMesque’ control over your desktop computers and similar devices, manage Internet-of-Things devices, and, of course, upgrade/update/patch both mobile and desktop apps – the process is simultaneous.
Other features that recommend a Unified Endpoint Management solution:
- Identifying the underlying condition. Without a centralized dashboard (and powerful analytics), we sometimes fail to identify the root issue. UEM’s reports can help your sysadmins quickly figure out the root of the issue, deal with it, and figure out how to prevent future occurrences. In other words, UEM boasts analytical and predictability features.
- Achieve an unprecedented level of automation. Speed, volume, and quality are vital to any business environment. Automation is the key to all three. However, in endpoint management, it’s difficult to establish functional flows because each type of device is handled by a different tool (e.g. Active Directory, MDM, EMM, etc.). With UEM, having all of your eggs in the same basket will certainly help with piecing together functional flows.
- Increased visibility. The best analogy I can come up with is the Mind-map chart; UEM is one gigantic mind-map with interwoven flows, endpoints lighting up like Christmas lights, and aggregated reports.
Migrating towards Unified Endpoint Management
Implementing and deploying a Unified Endpoint Management solution is the first step towards increasing your cyber-resilience factor and, of course, achieving an unprecedented level of control over what happens inside (and outside!) your corporate network. In not so many words, it’s your go-to solution when everything goes boom around you.
Introducing Heimdal™ Security’s EDR/E-PDR suite or, as we call it around here, the closest you can get to authentic Unified Endpoint Management. Our suite consists of three award-winning products.
Thor Foresight Enterprise is the company’s DNS traffic-filtering solution that makes sure that malware doesn’t set foot in your endpoints.
Antivirus is no longer enough to keep an organization’s systems secure.
Thor Foresight Enterprise is our next-gen proactive shield that stops unknown threats before they reach your system.
- Machine learning powered scans for all incoming online traffic;
- Stops data breaches before sensitive info can be exposed to the outside;
- Automatic patches for your software and apps with no interruptions;
- Protection against data leakage, APTs, ransomware and exploits.
X-Ploit Resilience, part of the Thor Premium Enterprise suite, is our automatic patching and updating engine, which keeps all your favorite apps and software up to date, regardless of the machine’s status, time zone, or package size. The updating/patching module also allows your system admin to deploy proprietary software on all the machines.
Simple Antivirus protection is no longer enough.
Thor Premium Enterprise is the multi-layered Endpoint Detection and Response (EDR) approach to organizational defense.
- Next-gen Antivirus which stops known threats;
- DNS traffic filter which stops unknown threats;
- Automatic patches for your software and apps with no interruptions;
- Protection against data leakage, APTs, ransomware and exploits.
Last, but not least, AdminPrivilege™, Heimdal™ Security’s Privileged Access Management (PAM) solution, will help you get rid of creepers, increase your UA hygiene, and take full control of what goes on inside your machine. As a bonus, AdminPrivilege™ is the only PAM solution on the market that automatically de-escalates user rights on threat detection (requires Thor Foresight).
For reporting, logging, auditing, and everything in between, Infinity Management is there for you.
System admins waste 30% of their time manually managing user rights or installations.
Thor AdminPrivilege™ is the automatic Privileged Access Management (PAM) solution which frees up huge chunks of sys-admin time.
- Automate the elevation of admin rights on request;
- Approve or reject escalations with one click;
- Provide a full audit trail into user behavior;
- Automatically de-escalate on infection.
Conclusion
Unified Endpoint Management is poised to be the next best thing to happen to sysadmins since cloud computing. Has your company adopted UEM? If so, hit the comments and let me know what you think about this amazing piece of technology.