The world has pivoted. Today, many more people are working away from the office and, in particular, at home. Work is truly no longer a place you go, but a thing you do. This is necessitating a radical rethink of operating models, particularly the question of how to enable employees to be productive and have secure access to critical systems and data, wherever they are. In a nutshell, IT is in the hot seat to deliver remote, secure work.
In this brave new world of remote access and digital transformation, IT teams need to rethink their technologies and approaches to endpoint security. In most organizations, there is no longer a perimeter to protect; rather, each device becomes a perimeter unto itself.
Therefore the endpoint becomes part of a broader consideration in which organizations look at their security holistically, from the chip to the cloud. For a deeper look at holistic security strategies, please download the ebook: “6 steps to build a holistic security strategy with Microcast 365.”
It is not unusual for companies to have dozens of point products from several different vendors, with no central management, control or integration. This legacy model of chasing every new threat with a new point solution no longer works in this era of highly sophisticated hackers, a widely distributed workforce, a non-existent perimeter and an attack surface that is growing exponentially. Rather than making organizations and users safer, this complex approach to endpoint security can sometimes increase risk.
Many forward-looking organizations have been moving away from this model over the past several years. But that’s just the tip of the iceberg. With the abrupt shift to work-from-home, online education and remote-just-about-everything-else, the transformation to a cloud-based platform model for endpoint security is about to accelerate at warp speed.
A Modern Model for Endpoint Security
Aside from the inadequacies of legacy endpoint security models, there are vital positive factors driving the rush to comprehensive chip-to-cloud security approaches that can make organizations safer from all types of threats, external and internal, as discussed in this webinar focused on “how to secure today’s modern endpoint.”
Primary drivers of next-generation endpoint security are:
- Cloud delivery, scale and support: Delivering, managing, disseminating and scaling security from the cloud is a superior model on just about every level. It is faster, less expensive, easier to manage and more user-friendly. IT can easily update patches and protections on all devices and streamline policy enforcement. Cloud provides a simple way for IT and security teams to respond in real-time, leveraging advanced threat detection, machine learning, analytics, automation, and artificial intelligence (AI). Cloud accelerates security innovation for endpoints, giving IT centralized control to deliver new solutions and updates to all users at the same time to address a rapidly changing threat environment with speed, agility and intelligence.
- Chip-to-cloud security: Even the most secure enterprises can be penetrated. By the same token, even the most talented and resourceful hackers can be defeated. The way to do this is to put impediments in their way at every step, from the chip to the cloud. The optimum approach is to have security layers that are designed to work in concert with one another. This avoids the existing challenge of too many disparate point solutions. It also allows enables IT to focus on those areas where human intervention is necessary, so they can maximize personnel resources while using firmware, automation, machine learning and AI in areas where machines are more effective. For example, with a Microsoft Surface device, the Unified Extensible Firmware Interface (UEFI) is written by Microsoft so all updates are pushed to the customer automatically rather than having to be manually pulled by IT and packaged for delivery to users. This makes updates more timely, accurate and likely to be applied.
- Platform models: Just as the cloud simplifies endpoint security for IT and enhances the user experience, so does the shift to a platform model. With a platform, IT and security teams can leverage solutions that are designed to work together and be managed and monitored in an integrated manner, with security built in rather than bolted on. This makes ongoing management simpler and enables IT to add security protections quickly and at scale. For example, Microsoft customers can use Microsoft 365 Administration Center, Microsoft Intune, Azure Active Directory, Microsoft Autopilot, Microsoft Team and Microsoft Surface devices all in concert to manage security and the user experience. Another advantage: Many organizations already have access and licenses for these technologies and may not be aware, until now, of the benefits of using them in an orchestrated manner to modernize endpoint security.
- Management simplicity: It is finally time for IT and security teams to simplify their lives and use their time more productively. Managing myriad point solutions requires different dashboards, training on various products and a lack of centralized control for management, monitoring and alerts. As more business-critical apps move to the cloud, this complexity will become crippling. What you want, and what the cloud and platform models enable, is a way to control everything from a centralized environment. This is even more critical in today’s workplace, where IT personnel are more likely to be working remotely and need to manage, update organize and orchestrate security from anywhere at all times. IT personnel must be able to remotely deploy, manage and enforce policy such as multi-factor authentication. They need to simplify the use of approaches that are increasingly important—such as zero trust—to protect user identity and critical corporate data.
- Modern endpoint devices: Security doesn’t end at the cloud. If your endpoint users are using older company-issued devices or BYOD, they may be exposing themselves and your organization to risks that can be avoided by upgrading them to modern endpoint devices. The key is to give users devices that are intrinsically more secure—with modern security protections that start in the firmware and extend to the cloud. For example, Microsoft Surface devices feature a Trusted Platform Module that is resistant to physical tampering and malicious software, with RSA keys to provide strong device authentication. Also, Surface is built to integrate with the Microsoft 365 security stack to detect vulnerabilities and automatically protect devices. IT can enable or disable features as part of the setup with Surface Enterprise Management Mode (SEMM).
Now’s the time
Security threats are more prevalent and sophisticated than ever and organizations are increasingly vulnerable because many more users are working remotely and from home.
The shift to cloud- and platform-based security is inevitable because of the many benefits it delivers to the organization, including lower costs, greater protection and simpler deployments. With a complete chip-to-cloud security strategy, businesses of any size can achieve a high level of protection, both from sophisticated attackers and user error.
There is no point in waiting and taking on additional risk. All of the technologies and solutions described in this article are available now and can be implemented quickly. When it comes to endpoint security, the future is now.