The hybrid workplace is here for the long term, if not forever. Workers like the flexibility, and there are a lot of positives for business leaders in restructuring where and how people go about their jobs.

As much as workers like the hybrid workplace, it presents new challenges to security and IT teams. Management and security of corporate-owned and employee-owned endpoint devices are more complicated than ever. Many employees use Internet of Things (IoT) devices while working remotely. This sprawling, connected landscape offers bad guys a potential attack surface not seen before.

Security teams need to rethink their approach to endpoint management and mobile security. It’s time to move beyond a siloed approach to endpoint management and security and look toward unified endpoint management.

The Current Security Approach

According to Enterprise Strategy Group (ESG), businesses do a good job protecting corporate-owned desktops and laptops, but security protections lag in personal devices used for work or even corporate-owned mobile and IoT devices. Yet, employees continue to turn to a more diverse set of endpoints to fulfill their job duties.

It won’t be long until IoT devices outnumber more traditional endpoints. When you add in emerging tech like virtual and augmented realities for both workers and customers, you create an even more complex environment. If security teams struggle to protect endpoints that have been around for a while, how will they adapt to this new infrastructure?

What’s needed are new tools and platforms that offer visibility, software assessment, vulnerability mitigation, threat prevention and response. At the same time, those tools need to be able to balance productivity with protection. If those tools make work harder, especially in a hybrid work environment, users will find workarounds, making these tools less efficient, if not useless.

Macro Trends in the Workplace

Diverse end-user environments are where we’re headed if we aren’t already there. They’re essential for a hybrid workplace. However, too many organizations find their investments in people, processes and tools haven’t caught up. Security is still siloed across devices and across security strategies. The ESG study found that organizations have the strongest levels of security maturity in areas like endpoint security, unified communication and user authentication, with either optimal maturity or solutions in place and building toward maturity. But security is weakest where it is needed in a hybrid environment: bring-your-own-device (BYOD) policies and zero trust network access.

The hybrid workplace has forced shifts in long-time policies. Why isn’t security more mature for BYOD policies, for example? After all, BYOD was around long before large swaths of the workforce split their time between home and office. In the past, the IT and security teams managed BYOD programs within an isolated environment. These teams could dictate the types of personal devices employees use for work. In a hybrid workplace, there are many different kinds of devices, changing how endpoint management works.

Higher Priority on Data Security

The remote workforce brought new attention to the importance of securing data, too. A hybrid office makes that even more challenging. Workers split their time between two locations and multiple sets of endpoint devices. Data protection and security need to extend across devices, applications and workloads, while also addressing cloud environments.

Encryption is the highest priority for adding layers of protection to data, followed by controlling data leakage.

Impact of Zero Trust

Zero trust is one of the most popular buzzwords within security at the moment. When done well, it can offer higher levels of protection across the entire hybrid work environment. But zero trust is a journey. You need to invest in the tools, controls and management solutions to deploy a zero trust framework. According to the ESG report, three in 10 organizations have begun to implement a zero trust strategy.

Bringing in Unified Endpoint Management

Computerworld defines Unified Endpoint Management (UEM) as “a set of technologies used to secure and manage a wide range of employee devices and operating systems — all from a single console.”

The goal behind UEM is to reach and protect as many devices as possible. It is a definite change from just a few years ago when security was targeted for specific endpoints. Silos were created because of the tools at hand or the skill set of the teams protecting the endpoints. That may have worked when IT dictated the devices used, but a hybrid workplace environment needs more flexibility and creativity. It also needs to handle the security of very diverse sets of devices.

UEM addresses the many needs for data security. You can’t protect what you don’t know and don’t see, after all. Too many endpoint solutions don’t offer the levels of visibility needed to effectively see into your data. UEM adds the data management needed across all devices. It adds device context and relationships to the data, as well as visibility into the data created and stored in endpoint devices.

Bringing Management and Protection Together

Zero trust has momentum among companies, but they are choosing zero trust over their endpoint security solutions. Device trust, a key goal of UEM solutions, is at the core of a zero trust strategy.

More than half of the ESG respondents believe there is a need for converged endpoint management and security. Combining device management and security functions into one platform and one solution offers the higher level of security needed in this new hybrid work environment. It will offer the protections needed as mobile, cloud and IoT dependence continue to rise. Attack surfaces are expanding, too. This, together with the many different types of devices in play, makes it more difficult to silo protection. Endpoint management provides a security solution that rises to that challenge.
