
The Convergence of Endpoint Security and Endpoint Management

Kevin Murray

While the concept of consolidation is certainly not new to IT organizations, its application is gradually expanding. This convergence of endpoint security and endpoint management has grown to include not just servers and other hardware, but also IT operations and tools.

Evidence of this trend can be heard in hallways and lunch rooms as security and administrative teams compare notes. They are discovering common functions, challenges, and strategic goals and have begun to share ideas for addressing them more efficiently. Other indicators surface in policies designed to ensure business continuity and regulatory compliance through sound information protection and management practices. It can be measured as IT organizations respond to management's directives to control costs while supporting new business initiatives.

But perhaps the most telling evidence of the convergence of IT security and management can be seen by taking a look at the state of the typical IT endpoint itself. These ever-connected mobile and non-mobile devices have become not only a critical component of today's IT infrastructure but also a high-risk element of today's business environment. Their security is as essential as their management.

What's more, endpoint security is made possible through endpoint management. In fact, according to Gartner Vice President John Pescatore, 65 percent of all system weaknesses are due to poor system configuration, while another 30 percent can be resolved through patch management. In other words, 95 percent of security problems can be addressed through better endpoint management.

Clearly, the convergence of endpoint security and management has begun. Organizations that are successfully adopting this more efficient and effective IT approach are leveraging a similarly well-integrated, automated set of endpoint security and management tools that support and facilitate this model. In doing so, these organizations are also taking a giant step toward transforming IT from being viewed as yet another cost center to considering it a vital business enabler.

The Evolution of the Environment
As the challenges and opportunities of the Information Age continue to increase, the suitability of a segmented approach to doing business diminishes in parallel. Today's IT organizations must manage growing and increasingly complex environments that span the breadth and width of their infrastructure and operations.

At the same time, the information they are charged with protecting and managing may not be as secure as it could be; yet, avoiding security breaches remains a mandate. Helpdesk staff may spend too much time troubleshooting, but few, if any, individuals have a clear idea how many incidents are open at any point in time. IT managers suspect they are paying too much for software licenses, but they cannot get an accurate count in their environment. And, while they must know who is on their network and whether they pose a threat, unmanaged devices are fast becoming the norm.

Needless to say, just as protecting an endpoint is no longer a matter of simply deploying antivirus or a firewall, managing endpoints is no longer limited to simply provisioning a device. Today, managing endpoints includes not only deployment and configuration but also application packaging and quality assurance, software distribution and virtualization, patch management, business continuity, monitoring and tracking, problem resolution, transition and migration, asset identification, contract management, and of course, endpoint security.

Each point in the lifecycle of the endpoint must be addressed, but in a way that is both efficient and effective. After all, trying to address each issue independently (that is, with separate operations teams and using point products and tools as well as scores of agents) creates an unnecessary burden in terms of time and resources. Worse yet, when overhead increases, so does security risk.

Functional Collaboration
IT security and operations teams are recognizing the interdependence of their various functions. They realize that many of the tasks they perform are common to both organizations. From change management to user administration, configuration management, server administration, desktop support, and patch management, IT security and operations share many functions.

The difference, then, is not in the task itself but in the objective of the task. In other words, IT security performs certain functions for the purposes of regulatory compliance, vulnerability management, and new business initiative support, while IT operations undertakes the same activities but for the purposes of operational efficiency, cost containment, and availability and service quality.

IT organizations that recognize these commonalities and respond by adopting a more streamlined and collaborative model also have a complementary set of tools available that support and facilitate an integrated IT environment.

New Tools
In the traditional stovepiped IT model, organizations use a variety of discrete products and technologies to perform their functions. These include everything from tools for endpoint configuration, security, discovery, reporting, information management, and the service desk to critical configuration management databases (CMDB).

It is no surprise that such a hodge-podge of components also adds to the complexity, and even disarray, of an IT environment. This, in turn, makes it difficult to assess the state of endpoint devices, build consistent endpoint configuration images, produce reports and metrics for IT best practices and compliance requirements, or address virtually any other endpoint management or security issue.

Consequently, new toolsets are emerging that combine endpoint security, operations, and management technologies. Based on a shared architecture, these toolsets are integrated with a common endpoint data repository. They provide multiple services, layered defenses, and common policy management and enforcement across all endpoint security and operations tasks, and they offer aggregated data analysis and reporting.

The result? An infrastructure that brings together the people, processes, and technologies required to streamline operations, reduce the cost and risk of IT ownership, and maximize the value of IT to the business. A full range of business decisions and processes are automated. The productivity bottlenecks and errors typically associated with approvals, rules, timeout, and policy enforcement are eliminated. New processes can be created seamlessly across a wide range of applications, from business software to voice and Web offerings.

IT as a Business Enabler
With an open, collaborative architecture and toolset, IT organizations no longer have to resort to cumbersome manual security and management processes. Instead, they have combined management with the ability to segment roles and access systems so that the security team can successfully configure firewalls, helpdesk can run a scan, and operations can update applications, but without the complexity and confusion of traditional approaches.

Remediation efforts and responses to security outbreaks are more efficient with this model, and the number of agents that run on a box is reduced, which minimizes the potential for conflicts and unnecessary resource overhead. Organizations no longer have redundant capabilities to inventory systems, create groups of machines to manage, deliver updates, and more. The need for customization or massive integration efforts is obviated, which makes holistic or executive reporting easier. In addition, tasks that are already starting to overlap between IT operations and security (whether configuration management, patch management, desktop support, or change management) are made more reliable and efficient through automation.

The convergence of endpoint security and endpoint management underscores the vital role that people, processes, and technologies play in the Information Age. By taking advantage of integrated tools that support this new and more collaborative model, IT will ensure its place in the boardroom both today and into the future.

About the Author

Kevin Murray serves as Senior Director of Product Marketing at Symantec and is responsible for worldwide go-to-market planning and outbound marketing programs for Symantec's Endpoint Security products group.

© Copyright 2008-2010 Auerbach Publications