Endpoint device management: Protecting the enterprise front door

Federal Cloud Computing Strategy Officially Launched

By G C Network | February 14, 2011

Federal CIO Vivek Kundra officially launched the Federal Cloud Computing Strategy today. While this is clearly not new news, the document does state the government’s position in a very succint manner.…

GEOINT’s Future is in the Cloud

By G C Network | January 31, 2011

Recently, Geospatial Intelligence Forum Magazine asked me for my thoughts on the role of cloud computing in the future of geospatial intelligence.My response was recently published in their December 2010…

eTechSuccess: Patterns of Success – Kevin Jackson

By G C Network | January 27, 2011

 My sincere appreciation to John Baker for the eTechSuccess: Patterns of Success interview. John and I worked together IBM as part of the Wireless Emerging Business Organization. His team and…

USBE&IT Winter Issue Focuses on Cyber Security

By G C Network | January 19, 2011

Thank You USBE&IT Publisher Mr Tyrone Taborn for such an inspiring issue and my sincere appreciation to Mr. Frank McCoy for my inclusion in his list of Cyber visionaries! The Homeland…

Global GovCloud with Cisco and VCE

By G C Network | January 18, 2011

Last week I had the awesome experience of participating in a global telepresence conference on government cloud computing. Joining me as presenters were Blake Salle, Senior Vice President of VCE,…

NIST Cloud Computing Collaboration Twiki Launches

By G C Network | December 30, 2010

Today I received my credentials for the NIST Cloud Computing Collaboration Site. “The National Institute of Standards and Technology (NIST) has been designated by Federal Chief Information Officer Vivek Kundra…

GovCloud Predicitons for 2011

By G C Network | December 30, 2010

Happy New Year All!! 2011 will be the breakout year for GovCloud! Pressure to reduce budget, pressure to manage I resources better and the political pressure of the next presidential…

Vivek Kundra Unveils 25-Point IT Management Reform Program

By G C Network | December 10, 2010

Yesterday the US Federal CIO, Vivek Kundra, unveiled an ambitious 25-point implementation plan for delivering more value to the American taxpayer. This plan focuses on execution and is designedto establish…

GSA and Unisys/Google Marks GovCloud Watershed

By G C Network | December 4, 2010

As widely reported this week, the United States General Services Administration (GSA) has awarded a contract to Unisys to create a secure cloud-based email and collaboration platform. The solution will…

NIST Moves Forward on Cloud Computing

By G C Network | November 8, 2010

Last week the National Institute of Standards and Technology (NIST) held their second Cloud Computing Forum and Workshop. Skillfully shepherded by Ms. Dawn Leaf, the agency’s senior executive of cloud computing,…

Mobility and cloud computing have combined to obliterate any so-called network security perimeter. Corporate data has now been let loose to roam in a world of cyber thieves, manipulators and untrusted infrastructure. What is a security professional to do?

According to Bill Odell, the Dell Vice President of Marketing for Endpoint Device Management, you need to protect the enterprise front door. Since devices are the network’s gateways, endpoint device management is now the key to protecting your enterprise data. That is why I was truly excited to speak with Bill at Dell Peak Performance in Las Vegas earlier this year.

Bill Odell, VP of Endpoint Device Management marketing

Kevin Jackson: Bill, I am really honored to get some time on your schedule today. Could you please explain to my readers your role at Dell?

Bill Odell: First Kevin, thank you for interviewing me today. I run marketing for Dell end-point device management. We provide solutions that help our customers manage and secure anything from a laptop or a PC to their servers, mobile devices and smartphones. With the explosion of different networking devices our solutions have now expanded to include printers, IP phones, network switches or anything else that may come online in the future.

Jackson: Sounds like your day job is the Internet of Things. With the advent of this new vision of the Internet what has changed with respect to security on these new types of end points? I imagine the proliferation of network-connected devices is really driving new cybersecurity challenges.

Odell: That’s exactly right, Kevin. Some have predicted that 50 billion devices and objects will be connected to the Internet by 2020. That type of environment absolutely changes the way companies deal with security. Trying to lockdown a windows PC is bad enough, but now you need to worry about other operating systems. This realization has changed our opinion on what Dell needs to do. Today our solutions help customers securely operate in this new world by identifying and profiling devices when they join your network. Through a single pane of glass, our solution will tell you what
devices are connected, where they are connecting from and if they are owned by the corporation. This really helps when people are free to connect their own personal device to the company network.

Jackson: You mentioned that Dell solutions can actually profile the end point devices. I imagine this is an important capability when dealing with events like the recent Windows 10 launch. As the different device types and operating systems proliferate, what is the number one cybersecurity challenge being faced by your customers and partners today?

Odell: Every endpoint is a point of attack. In fact, many of the recent well-known attacks have started from point-of-sale terminals attached to the network. That is why our solutions are built around delivering three important features.

First, we continually assess the network environment. This means not only knowing what devices are on the network but also their configuration. By comparing device configuration with the company standard, our software can immediately detect any changes or modifications. Users love to customize but a change may reduce the security of a device. To maintain a required security level, companies need to keep tight specifications and an ability to dynamically monitor device configurations is critical. Second, we scan for any outside intrusions. We do this dynamically on all connected devices. Third, we maintain a consistent patching regimen. This is an age-old defensive process but some customers simply lack the resources to keep this necessary activity up to date. I actually had a customer who serves as the CISO at a major university tell me that they didn’t do anti-virus patching because attackers on the offense were simply faster than they were on the defense. This “drive-by malware” reality emphasizes the need for continuous patching on anti-virus and all your other application as well.

Dell integrated endpoint management solution 

Jackson: Dell’s portfolio sound very comprehensive and complete so how do you plan to improve it over the next 12 months?

Odell: Security is an ever moving target. A breach isn’t a matter of “if” but of “when” so companies should focus on building up their ability to detect breaches ahead of time and hasten their breach response protocol when it occurs. That is exactly why Dell brings a broad portfolio to bear on this issue. Everything from Advance Threat Detection with SecureWorks and network protection with Sonicwall through endpoint protection with KACE and encryption down at the data level. The trickiest aspect of endpoint protection however, is the lack of configuration management APIs for non-standard network devices and operating systems. As those devices and operating systems become “smarter”, we will update our software and solutions to further enable more dynamic and interactive endpoint management.

Jackson: We all look forward to those new capabilities. At Dell Peak Performance, we heard that enterprises have suffered over $600B in cybersecurity losses against just a $200B investment to protect against these losses. What should senior decision makers and IT professionals learn from this statistic?

Odell: This is a tough problem that requires constant vigilance and lack of endpoint security provides a major thoroughfare for these losses. The Canadian Cyber Incident Response Centre (CCIRC) recommended four mitigation strategies which, according to them, could prevent as much as 85 percent of targeted cyber-attacks. The four strategies are:

  1. the use of application whitelisting,
  2. patching of applications,
  3. patching of operating systems, and
  4. more restrictive administrative privileges.

 All of these protective measures can be implemented through effective endpoint protection policy and enforcement. These strategies, originally developed by the Australian Government, were also endorse in May 2015 by the US Computer Emergency Readiness Team (US-CERT). Endpoint device protection represent “table stakes” in this cybersecurity game. As time goes on, we will get better in the understanding of related analytics and in the recognition of threat patterns.

Jackson: I now envision you as a bouncer standing at the enterprise front door protecting it against that 85 percent of targeted cyber-attacks. What industry-specific insights have you learned while fulfilling that role?

Odell: From our business perspective, the top two industries are education and healthcare. Part of that is because our solutions are very comprehensive and at the same time, easy to use. In education, since school districts can’t afford to give every student a laptop or tablet, “bring your own device” is the most important challenge. Much of the curricula and many tests are accessed using personal devices over the school network. We help educators securely leverage technology while maintaining an online environment that’s also conducive to learning.

In healthcare we not only deal with regulatory issues around Personally Identifiable Information (PII) and the Health Insurance Portability and Accountability Act (HIPAA) but also aspects associate with smart patient monitoring devices connected to the hospital network. In that environment, we give hospital administrators an ability to inventory, locate and manage all of the hospital’s patient care devices from a single console. We secure not only the device but the patient status data as well.

Jackson: In the not too distant future I may sport a Dell KACE managed pacemaker in my chest. So Bill, do you have any final comments or specific recommendations for corporate decision makers?

Odell: With the proliferation and explosion of smart devices and systems, decision makers must not forget about protecting their endpoint devices.

Jackson: In other words, protect that front door. Well, thank you, Bill for sharing your time with us today.

Odell: Thank you, Kevin. I enjoyed it.

This post was written as part of the Dell Insight Partners program, which provides news and analysis about the evolving world of tech. Dell sponsored this article, but the opinions are my own and don’t necessarily represent Dell’s positions or strategies.

Cloud Musings

( Thank you. If you enjoyed this article, get free updates by email or RSS – © Copyright Kevin L. Jackson 2015)

Follow me at https://Twitter.com/Kevin_Jackson
Posted in

G C Network