The COVID-19 pandemic has brought the sharpest inflection point in the history of technology transformation. It is accelerating digital transformation, changing the ways of work and pushing us into the realms of unknown. Remote working was considered as a secondary option even a few months ago. It has now become our primary option and technology teams are posed with newer challenges to solve. Managing and securing the endpoints of a scattered workforce is at the core of many other surrounding challenges.
Endpoint management and security solutions have been evolving since the advent of personal computers. It’s a very crowded space in the market with a plethora of solutions, with some of them being present over 30 years. Most of these solutions catered to the basic hygiene functions such as distributing software, managing assets and gathering telemetry. They also presumed strong network connectivity and the security boundary of the corporate LAN.
Tanium took the courage to enter into an already crowded space with a differentiated solution for scattered workforce outside the secured boundary of the corporate network.
Spot the dot in a wider exposure
Endpoints are no longer limited to a well-protected, high speed corporate network. People work from homes, parks or may be even kayaks in the middle of a lake! The connectivity is through Wi-Fi hotspots and shared networks. This expands a company’s risk exposure with so many unknowns playing on various networks. Spotting a risk in such an exposure poses a very different challenge. Traditional endpoint management solutions had protocols and data transfers which were heavy, enabling communications between endpoints and management servers in scheduled intervals. With distributed workforce, we don’t have the luxury of time to spot vulnerabilities. It needs to be in real time. The protocols and data transfer methodologies should be rewritten to meet this demand.
Record to respond in seconds
After recording an incident, if identifying a comprehensive context of the incident, correlating dependencies and fixing the hole takes a lot of time, it gives the malicious community ample time to take control of the endpoint, giving them entry into our company’s systems. It is necessary that the response is immediate. For the response to be immediate, the incident has to be presented with sufficient context and correlated views.
Expanding the capabilities
Imagine if there was a vulnerable endpoint detected somewhere. Its connection to the company network has to be retained, while blocking its access to critical enterprise systems. This cannot happen with an endpoint security and management solution alone. It needs to extend interfaces to be able to use the capabilities of network and firewall systems and ‘safely quarantine’ without erasing the endpoint from the network. Tanium provides both inward APIs and hooks to make this capability extension easy to implement.
While remote-working provides the flexibility, it comes with opening doors for newer risks. Reimagining endpoint security and management is crucial in such highly distributed workforce, connecting to corporate systems through corporate and personal devices in different form factors such as desktops, laptops, mobile devices, VDI and Cloud-based workspace solutions.