Secure Unified Endpoint Management (SUEM)

Show Notes

Ivanti’s latest research — a study of over 7,300 office workers, IT professionals and organizational leaders across the globe — finds that misalignment between IT and security misalignment can have drastic consequences for businesses including slower threat responses, unplanned downtimes and unmanaged devices.  

What steps can be taken to ease this tension between IT and security and implement a proactive approach to mitigate risk organization-wide?  

Ivanti’s report, Secure Unified Endpoint Management (SUEM) delves into why today’s organizations businesses need to do away with security and IT data silos and harmonize endpoint management and endpoint security into secure unified endpoint management (SUEM) 

Get more resources 

To read the report and access additional media, including presentation-ready slides and downloadable charts and graphs, visit ivanti.com/ 

For more Ivanti research on IT, security and the future of work, visit ivanti.com/research. 

About Ivanti 

Ivanti elevates and secures Everywhere Work so that people and organizations can thrive. We make technology work for people, not the other way around. Today’s employees use a wide range of corporate and personal devices to access IT applications and data over multiple networks to stay productive wherever and however they work. Ivanti is one of the only technology companies that finds, manages and protects each IT asset and endpoint in an organization. Over 40,000 customers, including 88 of the Fortune 100, have chosen Ivanti to help them deliver an excellent digital employee experience and improve IT and security team productivity and efficiency. At Ivanti, we strive to create an environment where all perspectives are heard, respected and valued, and we are committed to a more sustainable future for our customers, partners, employees and the planet. For more information, visit ivanti.com and follow @GoIvanti. 

Chapters

• 0:00: Introduction
• 0:34: Part 1: Why align?
• 3:17: Part 2: Data silos
• 5:07: Part 3: BYOD
• 6:51: Part 4: Action Steps
• 12:52: Outro

Transcript

Research shows that IT and security suffer from siloed data and operations. Integrating endpoint management and security offers relief. 

You’re listening to the audio version of Ivanti’s Secure Unified Endpoint Management Report, part of Ivanti’s state of cybersecurity research series. To see more Ivanti research and to access additional media, including presentation-ready slides and downloadable charts and graphs, visit ivanti, I-V-A-N-T-I.com/research. 

[Sting] 

Part one: Why align? 

When IT and security teams are not aligned, it undermines a wide range of critical business goals. Coordinating endpoint management and endpoint security offers a way to harmonize IT and security directives. 

[Sting] 

Problem today 

Ivanti’s research shows a clear lack of alignment between IT and security teams. Some 41% of respondents say the two teams use different tools, and 39% say they have difficulty sharing data.  

What’s really at play? A tension between the core directives of each group:  

• IT operations teams focus on efficiency, uptime and performance to support business processes.  
• Security teams prioritize protecting data and systems from threats — and their steps to mitigate these threats often require actions that impact performance and/or convenience. 

 On the ground, this tension manifests itself in many ways. Take for example the competing efforts of unified endpoint management (UEM) and endpoint security. Regular system updates and patches are essential for both security and performance, but the way patches are prioritized and applied can ramp up friction between IT and security.  

 When the two teams are working at odds with one another — especially when security hands IT an edict they don’t agree with — frustrations arise.  

 It’s time to join forces, integrating the objectives and workflows of unified endpoint management with the requirements of endpoint security: secure unified endpoint management. 

[Sting] 

Why it matters 

The push-and-pull of endpoint management vs. endpoint security is one manifestation of a larger misalignment between the CIO and the CISO — with significant downsides.   
When IT and security teams aren’t working cohesively and collaboratively, it can have immediate and significant business implications — from productivity loss and potentially high financial costs due to unplanned downtime to a weakened security posture due to unpatched devices.  

Part of the solution lies in automating security practices, including patch prioritization, to reduce the burden on IT of an “everything is a priority” attitude to patching. Currently, just 36% of organizations automate patch prioritization.  

 An integrated SUEM solution covers everything from asset discovery and endpoint management to patch prioritization and self-healing automations. 

[Sting] 

Part two: Data silos 

Integrated endpoint management and security solutions can radically drive up visibility by breaking down data silos across departments and divisions — making your organization much more prepared to repel unforeseen threats. 

[Sting] 

Problem today 

Secure unified endpoint management solutions (SUEM) can support things like zero trust security, dynamic access rules and advanced threat response. Most organizations, however, are still far away from achieving that level of access and visibility.  

• Currently, 72% of IT and security professionals say their security and IT data is siloed — a stunning figure, given the implications.  
• 63% say these silos slow down security response times. 
• 54% say this weakens the organization’s overall security posture. 

[Sting] 

Why it matters 

Enterprise tech ecosystems are growing ever more unwieldy. Everywhere Work is driving increasing complexity of endpoints and systems that IT must optimize and security must protect. This has led to unsecured connections, incomplete updates, etc.  

When organizations take a more collaborative approach to IT operations and security (i.e., using SUEM to break down data silos and align objectives), they can leverage powerful, next-generation tools like automated threat intelligence and proactive remediation. And they can finally begin to address issues like device sprawl and higher IT support traffic exacerbated by Everywhere Work. 

[Sting] 

Part three: BYOD 

Intelligent endpoint management is not complete without a standardized, balanced approach to bring your own device (or BYOD), which currently is tolerated at best. 

[Sting] 

Problem today 

Fully 3 in 4 IT workers say BYOD is a regular occurrence, though only 52% say their organizations explicitly allow it. Among those who say their organizations don’t allow BYOD, only 22% say employees follow those rules. 

 When organizations don’t allow BYOD, they often fail to develop clear processes and procedures to manage personal devices and secure them — as well as the networks those devices access. 

[Sting] 

Why it matters 

Employees often prefer using their own devices (32% say their personal devices are easier to use). So, forbidding BYOD can impact employee mobility, satisfaction and productivity — all of which can impact growth. It can also lead to hidden risks because undocumented devices equal unmanaged devices.  

Organizations need to clearly define their protocols for using personal devices at work, including — including eligibility, compliance, data management and exit planning. 

Once these guidelines are in place, secure unified endpoint management solutions empower IT and security teams to manage, monitor and secure all end-user devices, including personal devices used for work, from a single centralized platform. 

[Sting] 

Part four: Action steps 

Experts weigh in on how organizations can mitigate risk and amplify cost savings with secure unified endpoint management. 

[Sting] 

Make the business case for SUEM, says Dr. Srinivas Mukkamula, Ivanti’s Chief Product Officer 

Among the key promises of SUEM is making organizations more proactive. Most organizations wait for an employee to complain (i.e., "my device is not working”) and then IT spends time working on patching. What if an intelligent system could recognize a pattern of device underperformance and recommend automated diagnostics across all vulnerable devices before most experience a problem –all with minimal employee downtime and no IT support required.  
 
This proactive approach isn’t only valuable to individual employees. SUEM offers tools for leaders to identify cost containment opportunities and develop highly informed automation strategies — pinpointing areas where automation can drive efficiency, raise employee experience and improve performance. 
 
And from a security perspective, the data from SUEM solutions offers a clear view of what attackers will be interested in — what's known as external attack surface management. What’s the most likely entry point for an attack? Which systems will they compromise first? What lateral moves may follow? When an organization understands vulnerabilities and their relative impacts, they can prioritize actions from a sea of possibilities.  

[Sting] 

Sri also recommends defining lines of responsibility. 

Many organizations report a persistent friction between the goals and actions of IT teams and those of security teams — and the frustrations and inefficiency that result from it. 
 
The last five years have brought about exponential growth in what’s called the digital attack surface area (e.g., devices, applications, servers, code, even shadow IT). Who owns this space? Who's going to manage devices, apps‌ or code? We don't have clear swim lanes.
 
Now with SUEM, we can break down the silos between IT and security, and prioritize actions based on the patterns and signals uncovered. SUEM empowers teams to work off the same dataset to infer, analyze and recommend actions … all from a unified dataset rather than individual data silos. High-performing organizations are evolving from device management into secure device management. 

[Sting] 

Develop a no-nonsense approach to BYOD, says Daren Goeson, Ivanti’s SVP of Product Management for SUEM 

Bring your own device (or BYOD) is a great way to empower your remote workforce when managed thoughtfully. Your BYOD policies, strategies and technology solutions should clearly address the incremental risk associated with allowing personal devices into your office and on your network. For example:  

• Eligibility: determine which employees are allowed to use their personal devices for work. Define what types of devices are permitted‌ and which security measures must be followed (for example, encryption or password management)? 
• Next is responsibility and compliance: set a policy that requires the end user to agree to an MDM policy, which gives the organization the ability to remotely wipe the asset. 
• You must also consider data management and privacy: predefine and document the level of access given to BYOD devices. Generally, organizations should not provide full network access to an unmanaged device. Take a least-privileged access approach and provide clear guidelines on what data and applications employees’ personal devices have access to. 
• Next, you’ll need to think about support and maintenance: ensure that you have a list of approved devices. Devices that are different from standard enterprise devices or have older and unsupported apps or OS will increase the cost to support and affect the productivity of the user. 
• And finally, exit planning: when an employee departs the organization (or loses BYOD privileges), how will the employer manage and remove existing accessibilities and corporate data and ensure that all personal devices are disconnected from the network? 

Alongside these protocols and guidance, organizations need a mobile device management solution where they can enroll and oversee all personal devices used for work. Choose an MDM solution that offers a range of critical management and enforcement features like device enrollment, application management, remote wiping‌ and compliance enforcement. 

[Sting] 

Adopt dynamic exposure management, says Chris Goettl, Ivanti’s VP of Product Management for Endpoint Security 

The sheer number of vulnerabilities and the sophistication of threat actors have both increased dramatically. Add to that, the time it takes to exploit a vulnerability has shrunk. What we currently call “patch management” should more aptly be named exposure management — or how long is your organization willing to be exposed to a specific vulnerability?  

If you're making decisions based only on vendor severity or CVSS score, you're going to be blindsided by a lot of vulnerabilities because vendors are not always classifying CVEs as critical. Organizations must take a more nuanced approach and ask: what's being actively being exploited? Can we detect where it’s located? Do we have a process to prioritize regular maintenance versus a rapid response or priority update response?  
 
The most security-minded organizations — especially those within highly targeted industries — are now running a two-track system:  

• Regular monthly maintenance (i.e., scheduled patch management), and 
• Continuous maintenance that targets fast-emerging, critical threats 

This two-track system, however, can lead to challenges when measuring compliance. When you run a two-track system, you will need to adjust your KPIs to ensure they recognize the value of managing active exploits. 

[Sting] 

If you enjoyed listening to this report and want even more Ivanti research, you can subscribe to this podcast to get the latest Ivanti research in your feed as soon as it’s released. 

You can read the report, download charts and graphs and presentation-ready slides, and see the rest of Ivanti’s research at ivanti, I-V-A-N-T-I.com/research. 

 And if you’d like to hear even more audio content from Ivanti, check out Executive Summary with Jeff Abbott, a podcast exploring the latest research in IT, security, and the future of work, and what they mean for your business strategy. In every episode, Jeff is joined by a new business leader for a free-ranging discussion, unpacking the research findings and connecting them to real-world leadership experience. 

 You can follow Ivanti on social media at Go Ivanti, and you can visit us at ivanti.com to learn more about our products and solutions. 

 Thanks for listening!