The COVID-19 pandemic has changed the world forever. Following regional stay-at-home orders, the number of full-time home-based workers in the U.S. grew from roughly 7% (according to 2019 research conducted by the U.S. Bureau of Labor Statistics) to about 42% (according to the Stanford Institute for Economic Policy Research) seemingly overnight.

First intended to cut down on COVID-19 transmission, this change affected nearly all businesses that use digital security. In most cases, these challenges persist. Putting a unified endpoint management (UEM) solution in place is one way to help keep security strong and users happy in the ‘new normal.’

Watch the replay of the IBM Security MaaS360 with Watson User Risk Management webcast here.

Unified Endpoint Management for Remote Work

Groups not already equipped to support broad remote workforces faced problems right away. Enabling, training and supporting employees who work from home became essential overnight. However, few transitions went as planned. Many employees found it difficult to learn new tools for remote meetings and remote access to business IT resources. In many cases, IT leaders lacked the tools required to remotely diagnose and fix reported issues.

As a result, workforce productivity dropped and workers became frustrated. Even after months of attempts to improve the remote delivery of IT services, it’s still a challenge to provide employees with the same level of digital ease at home that they achieved at the office.

Evolving work-from-home mandates have brought new risks and expanded existing threat vectors at the same time. Where once sensitive data was only accessible behind protected firewalls, now it needs to be accessed or downloaded by authorized remote workers. This has been a particular problem with organizations using employee-owned BYOD devices (such as home desktop PCs) for remote work. In these cases, businesses have only limited abilities to ensure security on devices they do not actually own. Bad actors have stepped up attacks with malware, ransomware and phishing attempts that target home users rather than businesses. Typically, if a remote worker’s device is compromised, the business is compromised as well.

Balancing Security With User Experience

Some people believe enterprise security and user friendliness contradict each other. In other words, as security increases, user friendliness must decrease and vice versa. However, EMA primary research indicates this is not always true. Using IT services and processes that make things easier for users boosts security. This is because users then prefer to use those secured resources rather than bypass them.

UEM is a strategic way to bridge the gap between security and user friendliness. Other device-centric client lifecycle management approaches provide very little insight into user behaviors and conditions. Meanwhile, a UEM solution collects data across user devices (i.e., desktops, laptops, tablets and smartphones) to spot security risks and contextual data overall. The solution then crunches the collected data to develop and execute custom policies for those users.

The Benefits of Unified Endpoint Management Solutions

To better illustrate the value of this approach, consider a UEM solution that collects relevant security data. It knows users, devices, operating systems, active processes, networks, locations and what the active IT services are doing. By using intelligence tools (e.g., analytics, language processing or cognitive computing), the solution can rapidly determine the level of risk posed by a user device. If the risk level (a numbered risk score) crosses a preset threshold, the cybersecurity team can choose which actions to take to limit business exposure. For example, they may want to disable access to specific services or impose tougher access policies.

Conversely, if the risk level is low, you may want to lift access and usage limits to allow greater user freedoms and performance improvements. In this way, the level of imposed security always aligns with the level of determined risk. It only makes things harder for users when warranted.

How to Make a UEM Work for You

To be successful, teams must achieve a high level of confidence in the UEM solution. This can only be done by making sure the UEM platform is collecting a rich set of contextual data either directly or through third-party solutions. Studying these user behaviors can help predict risky behavior and cases where productivity decreases. This, in turn, allows the tools to rapidly fix problems and improve user friendliness.

In the end, teams will have to learn to adapt to ‘the new normal.’ After all, it isn’t going away. Workforces all over the world have had a taste of the benefits of working from home. Many will be unwilling to give them up even after the COVID-19 pandemic. In addition, business leaders have already been forced to invest in tools that allow for remote work. Therefore, they have little incentive to remove those tools in the future. In fact, the strength of a business to support working from home is likely to become a key element for attracting and retaining talented workers.

However, you must set up for remote work safely, without making security and compliance harder. By enabling adaptive unified endpoint management through the collection of contextual data and the creation of data-based policies, it is possible to boost workforce productivity and user friendliness without budging on security.

Watch the webinar on demand

More from Risk Management

How will the Merck settlement affect the insurance industry?

3 min read - A major shift in how cyber insurance works started with an attack on the pharmaceutical giant Merck. Or did it start somewhere else?In June 2017, the NotPetya incident hit some 40,000 Merck computers, destroying data and forcing a months-long recovery process. The attack affected thousands of multinational companies, including Mondelēz and Maersk. In total, the malware caused roughly $10 billion in damage.NotPetya malware exploited two Windows vulnerabilities: EternalBlue, a digital skeleton key leaked from the NSA, and Mimikatz, an exploit…

ICS CERT predictions for 2024: What you need to know

4 min read - As we work through the first quarter of 2024, various sectors are continuously adapting to increasingly complex cybersecurity threats. Sectors like healthcare, finance, energy and transportation are all regularly widening their digital infrastructure, resulting in larger attack surfaces and greater risk exposure.Kaspersky just released their ICS CERT Predictions for this year, outlining the key cybersecurity challenges industrial enterprises will face in the year ahead. The forecasts emphasize the persistent nature of ransomware threats, the increasing prevalence of cosmopolitical hacktivism, insights…

How I got started: Ransomware negotiator

4 min read - Specialized roles in cybersecurity are proliferating, which isn’t surprising given the evolving threat landscape and the devastating impact of ransomware on many businesses.Among these roles, ransomware negotiators are becoming more and more crucial. These negotiators operate on the front lines of cyber defense, engaging directly with cyber criminals to mitigate the impact of ransomware attacks on organizations.Ransomware negotiators possess a unique blend of technical expertise, psychological insight and negotiation skills that allow them to navigate the high-stakes environment of ransomware…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today