The expanding role of endpoint management
Melissa Stevens 270005B76W MELISSAS@US.IBM.COM | | Tags:  ibmsecurity mobile-security ibm-security endpoint-management byod security
0 Comments | 5,447 Visits
This post was contributed by Richard Mayo, WW Product Marketing Manager - Tivoli Endpoint Manager.
Just a few years ago the endpoint management domain was most PCs and laptops. Now multiple forces are at work, driving IT to manage a plethora of new endpoints.
The most obvious examples are mobile endpoints and the Bring Your Own Device (BYOD) phenomena. End users are demanding, and for the most part receiving, access to corporate networks from their smart phones, iPads and android devices. The flexibility and connectivity that mobility brings can make an organization more agile and responsive. But it also can make an organization vulnerable. Devices that are small and constantly on-the-go face loss, theft or damage, while devices that operate via remote connectivity risk infection, corruption or hacking. IT is faced with a number a new challenges, for example, the need to detect rooted or jail-broken devices and automatically take countermeasures, selectively wiping corporate data if a device is lost or stolen and configuring and enforcing password policies, encryption and camera use.
Another related new role is balancing the need for remote data access that end uses are requesting with the data security requirements the business demands. Having applications running on a mobile device that are downloading sensitive corporate data can quickly lead to problems. A number of companies are discovering that virtual desktop technology can provide the solution to this dilemma. A virtual desktop is started on the mobile device which then accesses the application and data on a remote system. This keeps the data securely behind the firewall while giving end users access to the information they need.
The third area is managing the rapid rise in virtualized and cloud based server endpoints. There are three major challenges in this area related to endpoint management.
The first is the physical deployment of the servers. This involves automating everything from the basic server set up which involves, for example, defining DNS settings, host name and disk partitions to the delivery of images that provide the middleware and applications.
Once the server is set up standardization is the key to gaining efficiencies from virtualization. Users are often unwilling to consolidate their images because they perceive them as being too different. Administrators typically don’t have the time or the tools to demonstrate otherwise which has resulted in many organizations having several hundred images to manage. The number of images the data center will have to manage is expected to double over the next several years as virtualization becomes more pervasive. IT needs capabilities that analyze the image database, rank the images by similarity, then list the differences, including release level, giving administrators the confidence they need to consolidate images without disrupting the business.
Lastly, effective patch delivery is key to maintaining virtual machine security. IT needs to deploy patches to all the appropriate virtual servers in the cloud—however many there may be, even though that number is constantly in a state of flux. IT needs to continually know both how many virtual servers there are, and what software is driving them— so that it can determine which virtual servers need to be patched.
All of these expanded endpoint management functions need an integrated and automated solution. For more information on these challenges and solutions see our upcoming Webcast, "The Expanding Role of Endpoint Management."
Connect with <a href="http://www.twitter.com/ibmsecurity">@IBMSecurity</a> on Twitter to stay current on security news!