A few weeks ago, my colleague John O’Boyle posted that there is no end to endpoint management. That’s no secret to system administrators who spend most of their time thinking about mobile device management, endpoint security, security patches and software deployment to an ever-growing variety of device types.
Tech evangelist Tim Warner and I explored the topic even more deeply in a webcast called Predicting the Future of Endpoint Management in a Mobile World. In this post, I’ll recap the main points of our discussion.
Read Webcast Highlights
An endpoint device is defined as an internet-capable piece of hardware connected to a TCP/IP network. (It’s been a long time since all it meant was “a computer.”) In other words:
IT now cuts most endpoints with the knife of ownership, telling employees, “bring your own device.” The BYOD policy of permitting employees to bring personally owned devices to their workplace, and to use those devices to access privileged company applications and data, has generated a lot of conversations in IT. On the other hand, the devices may be customer-owned and personally enabled (COPE). The company purchases the devices, provides them to its employees and enables private-device functions for some personal use.
Under either policy, sysadmins still have to secure the network, infrastructure, applications and systems from access by potentially untrusted users with the device in their hand.
Also under either policy, sysadmins have to manage the devices. As shown below, several factors make that more difficult: the variety of devices assigned to an individual user, OS fragmentation, free and open-source components in software, and zero-day vulnerabilities for which the vendor hasn’t yet released a patch.
The resulting confetti of endpoint management combinations puts sysadmins in the position of jumping from one dedicated console to another. That makes it difficult for them to have a full overview of their endpoint landscape. It goes far beyond management by spreadsheet or even by most help desk applications.
And if they don’t know about all their endpoints, then they certainly don’t know about all their endpoint security. They lack three important things:
To keep up with all the change in their environment, they would need a comprehensive view of all of their devices from a single console, and the ability to manage the onboarding, upgrades and lifecycle events for each endpoint device.
What are the most important features when it comes to considering an endpoint management solution?
Most of all, keep in mind the systems management lifecycle, during which sysadmins have to provision, manage, secure and service all endpoint devices:
The lifecycle applies to all the endpoint devices in your current environment and those that will enter it in the future. Admins should keep those stages in mind in all their buying decisions.
Grab the highlights from the webcast that Tim Warner and I conducted, Predicting the Future of Endpoint Management in a Mobile World for more perspective on how quickly the sand is shifting under the feet of all system administrators. The webcast includes an introduction to the KACE appliances from Quest® and a deep-dive Q&A with IT admins who ask the same kind of questions you ask.