Endpoint device management: Protecting the enterprise front door

DISA Chief Technologist States Plan for Cloud

By G C Network | September 23, 2008

In an interview reported on in this month’s Military Information Technology magazine, David Mihelcic, DISA Chief Technology Officer, has laid out his goal for the agency’s cloud computing initiative. As…

Google, GeoEye, Twitter. What a Combination!

By G C Network | September 23, 2008

On September 9th, Bob Lozano posted his kudos to GeoEye for a successful launch of GeoEye-1. (Hey Bob! Where’s that post on your “cloud failure” last week?) According to their…

RightScale goes Transcloud

By G C Network | September 22, 2008

Over the weekend, Maureen O’Gara of SYS-CON media reported that RightScale is now offering a “first in industry” capability to provide application management across multiple cloud infrastructures. It now offers…

A Bill to Outlaw Cloud Computing…..

By G C Network | September 19, 2008

… is what we may see if we don’t educate our lawmakers now! That seemed to be one of the main point at last week’s Google workshop in DC. Berin…

NCOIC and Cloud Computing

By G C Network | September 18, 2008

Yesterday the Network Centric Operations Industry Consortium (NCOIC) had a very good session on cloud computing during their plenary session in Falls Church, VA. Led by NCOIC’s Bob Marcus, speakers…

Military Information Technology Cloud Computing Collaboration

By G C Network | September 17, 2008

Today, we’re happy to announce what we believe to be an industry first. “Military Information Technology Magazine“, as the publication of record for the defense information technology community, is collaborating…

Is 99.999% reliability good enough?

By G C Network | September 16, 2008

According to Reuven Cohen in his recent post, Cloud Failure: The Myth of Nines , the whole concept of reliability may be meaningless. “In the case of a physical failure…

You Probably Use Cloud Computing Already.

By G C Network | September 15, 2008

56% of internet users use webmail services such as Hotmail, Gmail, or Yahoo! Mail. 34% store personal photos online. 29% use online applications such as Google Documents or Adobe Photoshop…

20 Real-Life Challenges of Cloud Computing

By G C Network | September 12, 2008

Nikita Ivanov of GridGain offers some excellent insight into the nuts and bolts of getting the cloud to work. Definitely worth a read. To summarize: Most likely you do NOT…

3Tera Announces Global Cloud Services

By G C Network | September 11, 2008

Last week, 3Tera has announced the availability of global cloud services, based on their AppLogic grid operating system. 3Tera is currently running data centers in seven countries (United States, Japan,…

Mobility and cloud computing have combined to obliterate any so-called network security perimeter. Corporate data has now been let loose to roam in a world of cyber thieves, manipulators and untrusted infrastructure. What is a security professional to do?

According to Bill Odell, the Dell Vice President of Marketing for Endpoint Device Management, you need to protect the enterprise front door. Since devices are the network’s gateways, endpoint device management is now the key to protecting your enterprise data. That is why I was truly excited to speak with Bill at Dell Peak Performance in Las Vegas earlier this year.

Bill Odell, VP of Endpoint Device Management marketing

Kevin Jackson: Bill, I am really honored to get some time on your schedule today. Could you please explain to my readers your role at Dell?

Bill Odell: First Kevin, thank you for interviewing me today. I run marketing for Dell end-point device management. We provide solutions that help our customers manage and secure anything from a laptop or a PC to their servers, mobile devices and smartphones. With the explosion of different networking devices our solutions have now expanded to include printers, IP phones, network switches or anything else that may come online in the future.

Jackson: Sounds like your day job is the Internet of Things. With the advent of this new vision of the Internet what has changed with respect to security on these new types of end points? I imagine the proliferation of network-connected devices is really driving new cybersecurity challenges.

Odell: That’s exactly right, Kevin. Some have predicted that 50 billion devices and objects will be connected to the Internet by 2020. That type of environment absolutely changes the way companies deal with security. Trying to lockdown a windows PC is bad enough, but now you need to worry about other operating systems. This realization has changed our opinion on what Dell needs to do. Today our solutions help customers securely operate in this new world by identifying and profiling devices when they join your network. Through a single pane of glass, our solution will tell you what
devices are connected, where they are connecting from and if they are owned by the corporation. This really helps when people are free to connect their own personal device to the company network.

Jackson: You mentioned that Dell solutions can actually profile the end point devices. I imagine this is an important capability when dealing with events like the recent Windows 10 launch. As the different device types and operating systems proliferate, what is the number one cybersecurity challenge being faced by your customers and partners today?

Odell: Every endpoint is a point of attack. In fact, many of the recent well-known attacks have started from point-of-sale terminals attached to the network. That is why our solutions are built around delivering three important features.

First, we continually assess the network environment. This means not only knowing what devices are on the network but also their configuration. By comparing device configuration with the company standard, our software can immediately detect any changes or modifications. Users love to customize but a change may reduce the security of a device. To maintain a required security level, companies need to keep tight specifications and an ability to dynamically monitor device configurations is critical. Second, we scan for any outside intrusions. We do this dynamically on all connected devices. Third, we maintain a consistent patching regimen. This is an age-old defensive process but some customers simply lack the resources to keep this necessary activity up to date. I actually had a customer who serves as the CISO at a major university tell me that they didn’t do anti-virus patching because attackers on the offense were simply faster than they were on the defense. This “drive-by malware” reality emphasizes the need for continuous patching on anti-virus and all your other application as well.

Dell integrated endpoint management solution 

Jackson: Dell’s portfolio sound very comprehensive and complete so how do you plan to improve it over the next 12 months?

Odell: Security is an ever moving target. A breach isn’t a matter of “if” but of “when” so companies should focus on building up their ability to detect breaches ahead of time and hasten their breach response protocol when it occurs. That is exactly why Dell brings a broad portfolio to bear on this issue. Everything from Advance Threat Detection with SecureWorks and network protection with Sonicwall through endpoint protection with KACE and encryption down at the data level. The trickiest aspect of endpoint protection however, is the lack of configuration management APIs for non-standard network devices and operating systems. As those devices and operating systems become “smarter”, we will update our software and solutions to further enable more dynamic and interactive endpoint management.

Jackson: We all look forward to those new capabilities. At Dell Peak Performance, we heard that enterprises have suffered over $600B in cybersecurity losses against just a $200B investment to protect against these losses. What should senior decision makers and IT professionals learn from this statistic?

Odell: This is a tough problem that requires constant vigilance and lack of endpoint security provides a major thoroughfare for these losses. The Canadian Cyber Incident Response Centre (CCIRC) recommended four mitigation strategies which, according to them, could prevent as much as 85 percent of targeted cyber-attacks. The four strategies are:

  1. the use of application whitelisting,
  2. patching of applications,
  3. patching of operating systems, and
  4. more restrictive administrative privileges.

 All of these protective measures can be implemented through effective endpoint protection policy and enforcement. These strategies, originally developed by the Australian Government, were also endorse in May 2015 by the US Computer Emergency Readiness Team (US-CERT). Endpoint device protection represent “table stakes” in this cybersecurity game. As time goes on, we will get better in the understanding of related analytics and in the recognition of threat patterns.

Jackson: I now envision you as a bouncer standing at the enterprise front door protecting it against that 85 percent of targeted cyber-attacks. What industry-specific insights have you learned while fulfilling that role?

Odell: From our business perspective, the top two industries are education and healthcare. Part of that is because our solutions are very comprehensive and at the same time, easy to use. In education, since school districts can’t afford to give every student a laptop or tablet, “bring your own device” is the most important challenge. Much of the curricula and many tests are accessed using personal devices over the school network. We help educators securely leverage technology while maintaining an online environment that’s also conducive to learning.

In healthcare we not only deal with regulatory issues around Personally Identifiable Information (PII) and the Health Insurance Portability and Accountability Act (HIPAA) but also aspects associate with smart patient monitoring devices connected to the hospital network. In that environment, we give hospital administrators an ability to inventory, locate and manage all of the hospital’s patient care devices from a single console. We secure not only the device but the patient status data as well.

Jackson: In the not too distant future I may sport a Dell KACE managed pacemaker in my chest. So Bill, do you have any final comments or specific recommendations for corporate decision makers?

Odell: With the proliferation and explosion of smart devices and systems, decision makers must not forget about protecting their endpoint devices.

Jackson: In other words, protect that front door. Well, thank you, Bill for sharing your time with us today.

Odell: Thank you, Kevin. I enjoyed it.

This post was written as part of the Dell Insight Partners program, which provides news and analysis about the evolving world of tech. Dell sponsored this article, but the opinions are my own and don’t necessarily represent Dell’s positions or strategies.

Cloud Musings

( Thank you. If you enjoyed this article, get free updates by email or RSS – © Copyright Kevin L. Jackson 2015)

Follow me at https://Twitter.com/Kevin_Jackson
Posted in

G C Network