Endpoint device management: Protecting the enterprise front door

Kevin Jackson: Bill, I am really honored to get some time on your schedule today. Could you please explain to my readers your role at Dell?

Bill Odell: First Kevin, thank you for interviewing me today. I run marketing for Dell end-point device management. We provide solutions that help our customers manage and secure anything from a laptop or a PC to their servers, mobile devices and smartphones. With the explosion of different networking devices our solutions have now expanded to include printers, IP phones, network switches or anything else that may come online in the future.

Jackson: Sounds like your day job is the Internet of Things. With the advent of this new vision of the Internet what has changed with respect to security on these new types of end points? I imagine the proliferation of network-connected devices is really driving new cybersecurity challenges.

Odell: That’s exactly right, Kevin. Some have predicted that 50 billion devices and objects will be connected to the Internet by 2020. That type of environment absolutely changes the way companies deal with security. Trying to lockdown a windows PC is bad enough, but now you need to worry about other operating systems. This realization has changed our opinion on what Dell needs to do. Today our solutions help customers securely operate in this new world by identifying and profiling devices when they join your network. Through a single pane of glass, our solution will tell you what
devices are connected, where they are connecting from and if they are owned by the corporation. This really helps when people are free to connect their own personal device to the company network.

Jackson: You mentioned that Dell solutions can actually profile the end point devices. I imagine this is an important capability when dealing with events like the recent Windows 10 launch. As the different device types and operating systems proliferate, what is the number one cybersecurity challenge being faced by your customers and partners today?

Odell: Every endpoint is a point of attack. In fact, many of the recent well-known attacks have started from point-of-sale terminals attached to the network. That is why our solutions are built around delivering three important features.

First, we continually assess the network environment. This means not only knowing what devices are on the network but also their configuration. By comparing device configuration with the company standard, our software can immediately detect any changes or modifications. Users love to customize but a change may reduce the security of a device. To maintain a required security level, companies need to keep tight specifications and an ability to dynamically monitor device configurations is critical. Second, we scan for any outside intrusions. We do this dynamically on all connected devices. Third, we maintain a consistent patching regimen. This is an age-old defensive process but some customers simply lack the resources to keep this necessary activity up to date. I actually had a customer who serves as the CISO at a major university tell me that they didn’t do anti-virus patching because attackers on the offense were simply faster than they were on the defense. This “drive-by malware” reality emphasizes the need for continuous patching on anti-virus and all your other application as well.

Jackson: Dell’s portfolio sound very comprehensive and complete so how do you plan to improve it over the next 12 months?

Odell: Security is an ever moving target. A breach isn’t a matter of “if” but of “when” so companies should focus on building up their ability to detect breaches ahead of time and hasten their breach response protocol when it occurs. That is exactly why Dell brings a broad portfolio to bear on this issue. Everything from Advance Threat Detection with SecureWorks and network protection with Sonicwall through endpoint protection with KACE and encryption down at the data level. The trickiest aspect of endpoint protection however, is the lack of configuration management APIs for non-standard network devices and operating systems. As those devices and operating systems become “smarter”, we will update our software and solutions to further enable more dynamic and interactive endpoint management.

Jackson: We all look forward to those new capabilities. At Dell Peak Performance, we heard that enterprises have suffered over $600B in cybersecurity losses against just a $200B investment to protect against these losses. What should senior decision makers and IT professionals learn from this statistic?

Odell: This is a tough problem that requires constant vigilance and lack of endpoint security provides a major thoroughfare for these losses. The Canadian Cyber Incident Response Centre (CCIRC) recommended four mitigation strategies which, according to them, could prevent as much as 85 percent of targeted cyber-attacks. The four strategies are:

1. the use of application whitelisting,
2. patching of applications,
3. patching of operating systems, and
4. more restrictive administrative privileges.

 All of these protective measures can be implemented through effective endpoint protection policy and enforcement. These strategies, originally developed by the Australian Government, were also endorse in May 2015 by the US Computer Emergency Readiness Team (US-CERT). Endpoint device protection represent “table stakes” in this cybersecurity game. As time goes on, we will get better in the understanding of related analytics and in the recognition of threat patterns.

Jackson: I now envision you as a bouncer standing at the enterprise front door protecting it against that 85 percent of targeted cyber-attacks. What industry-specific insights have you learned while fulfilling that role?

Odell: From our business perspective, the top two industries are education and healthcare. Part of that is because our solutions are very comprehensive and at the same time, easy to use. In education, since school districts can’t afford to give every student a laptop or tablet, “bring your own device” is the most important challenge. Much of the curricula and many tests are accessed using personal devices over the school network. We help educators securely leverage technology while maintaining an online environment that’s also conducive to learning.

In healthcare we not only deal with regulatory issues around Personally Identifiable Information (PII) and the Health Insurance Portability and Accountability Act (HIPAA) but also aspects associate with smart patient monitoring devices connected to the hospital network. In that environment, we give hospital administrators an ability to inventory, locate and manage all of the hospital’s patient care devices from a single console. We secure not only the device but the patient status data as well.

Jackson: In the not too distant future I may sport a Dell KACE managed pacemaker in my chest. So Bill, do you have any final comments or specific recommendations for corporate decision makers?

Odell: With the proliferation and explosion of smart devices and systems, decision makers must not forget about protecting their endpoint devices.

Jackson: In other words, protect that front door. Well, thank you, Bill for sharing your time with us today.

Odell: Thank you, Kevin. I enjoyed it.

Follow me at https://Twitter.com/Kevin_Jackson