By Al Sargent, OneLogin
An organization’s data is only as secure as its endpoints. Over the last few years, workforce and technology trends have collided in a perfect storm, making endpoint management a Sisyphean task.
To start, enterprise hardware is no longer limited to fleets of Windows PCs, behind a firewall, in an office, used only by full-time employees. Desktops, laptops, and notebooks — some running macOS and some running Windows — coexist in most businesses. Second, work is no longer limited to the physical office. Employees are always on, checking email and apps from their bedrooms, coffee shops, and airports, outside the company firewall. And finally, companies today often have an extended workforce of non-W2 users — contractors, brokers, agencies, outsourcing firms, and more — who need to access a company’s applications and data.
Exacerbating these issues, organizations’ data is increasingly valuable and vulnerable. Last year the average total cost of a data breach hit $4 million and, as breaches at Yahoo, Sony, and the U.S. federal government prove, even organizations with large security budgets can be targets.
With IT environments growing more complex, channel firms have an opportunity to help clients overcome the hazards and headaches of endpoint management.
Everyone’s In The Market For Endpoint Protection
Understanding modern endpoint perils starts by looking back. Legacy security infrastructures, such as Microsoft Active Directory, were built in the 90s, when Windows and on-premises systems were the rule and only employees accessed apps. Today, both cloud-native organizations and more established firms burdened with on-premises systems wrestle with the consequences.
Cloud-native businesses that operate almost entirely on SaaS apps ultimately face SaaS sprawl, leaving IT departments in need of a comprehensive way to manage user identities across a swelling pool of programs. Because these organizations often rely on Macs, connecting to Active Directory is difficult (if not impossible) and consumes days IT could better spend elsewhere.
Even organizations with more traditional IT environments have AD Exiles who can’t connect to (or be protected by) the corporate directory. Active Directory may suffice for employees using PCs in the office, but it’s a non-starter for plenty of other audiences: remote sales teams for whom VPNs may or may not work, developers writing code on Macs, even external business partners like freelancers, marketing agencies, and brokers.
In either scenario, IT has no way to consistently enforce strong passwords across all PCs and Macs for all users. As a result, devices are protected with weak, easily guessed passwords that are never changed.
Guiding Clients Toward A Better Solution
Advances in cloud directory technology, single sign-on, and multi-factor authentication present service providers with a chance to do more than educate clients about the importance of endpoint security. Instead, they can offer a new way forward, recommending tools that will protect their data, save IT staff from wasted helpdesk hours, and respect employees’ demands for flexible workstyles. To kick off the conversation, there are key questions firms should ask clients:
The IT landscape, from hardware and software to security threats, is always evolving. Channel firms have a responsibility to ensure their clients’ endpoint strategies do the same.