The COVID-19 pandemic has changed the world forever. Following regional stay-at-home orders, the number of full-time home-based workers in the U.S. grew from roughly 7% (according to 2019 research conducted by the U.S. Bureau of Labor Statistics) to about 42% (according to the Stanford Institute for Economic Policy Research) seemingly overnight.

First intended to cut down on COVID-19 transmission, this change affected nearly all businesses that use digital security. In most cases, these challenges persist. Putting a unified endpoint management (UEM) solution in place is one way to help keep security strong and users happy in the ‘new normal.’

Watch the replay of the IBM Security MaaS360 with Watson User Risk Management webcast here.

Unified Endpoint Management for Remote Work

Groups not already equipped to support broad remote workforces faced problems right away. Enabling, training and supporting employees who work from home became essential overnight. However, few transitions went as planned. Many employees found it difficult to learn new tools for remote meetings and remote access to business IT resources. In many cases, IT leaders lacked the tools required to remotely diagnose and fix reported issues.

As a result, workforce productivity dropped and workers became frustrated. Even after months of attempts to improve the remote delivery of IT services, it’s still a challenge to provide employees with the same level of digital ease at home that they achieved at the office.

Evolving work-from-home mandates have brought new risks and expanded existing threat vectors at the same time. Where once sensitive data was only accessible behind protected firewalls, now it needs to be accessed or downloaded by authorized remote workers. This has been a particular problem with organizations using employee-owned BYOD devices (such as home desktop PCs) for remote work. In these cases, businesses have only limited abilities to ensure security on devices they do not actually own. Bad actors have stepped up attacks with malware, ransomware and phishing attempts that target home users rather than businesses. Typically, if a remote worker’s device is compromised, the business is compromised as well.

Balancing Security With User Experience

Some people believe enterprise security and user friendliness contradict each other. In other words, as security increases, user friendliness must decrease and vice versa. However, EMA primary research indicates this is not always true. Using IT services and processes that make things easier for users boosts security. This is because users then prefer to use those secured resources rather than bypass them.

UEM is a strategic way to bridge the gap between security and user friendliness. Other device-centric client lifecycle management approaches provide very little insight into user behaviors and conditions. Meanwhile, a UEM solution collects data across user devices (i.e., desktops, laptops, tablets and smartphones) to spot security risks and contextual data overall. The solution then crunches the collected data to develop and execute custom policies for those users.

The Benefits of Unified Endpoint Management Solutions

To better illustrate the value of this approach, consider a UEM solution that collects relevant security data. It knows users, devices, operating systems, active processes, networks, locations and what the active IT services are doing. By using intelligence tools (e.g., analytics, language processing or cognitive computing), the solution can rapidly determine the level of risk posed by a user device. If the risk level (a numbered risk score) crosses a preset threshold, the cybersecurity team can choose which actions to take to limit business exposure. For example, they may want to disable access to specific services or impose tougher access policies.

Conversely, if the risk level is low, you may want to lift access and usage limits to allow greater user freedoms and performance improvements. In this way, the level of imposed security always aligns with the level of determined risk. It only makes things harder for users when warranted.

How to Make a UEM Work for You

To be successful, teams must achieve a high level of confidence in the UEM solution. This can only be done by making sure the UEM platform is collecting a rich set of contextual data either directly or through third-party solutions. Studying these user behaviors can help predict risky behavior and cases where productivity decreases. This, in turn, allows the tools to rapidly fix problems and improve user friendliness.

In the end, teams will have to learn to adapt to ‘the new normal.’ After all, it isn’t going away. Workforces all over the world have had a taste of the benefits of working from home. Many will be unwilling to give them up even after the COVID-19 pandemic. In addition, business leaders have already been forced to invest in tools that allow for remote work. Therefore, they have little incentive to remove those tools in the future. In fact, the strength of a business to support working from home is likely to become a key element for attracting and retaining talented workers.

However, you must set up for remote work safely, without making security and compliance harder. By enabling adaptive unified endpoint management through the collection of contextual data and the creation of data-based policies, it is possible to boost workforce productivity and user friendliness without budging on security.

Watch the webinar on demand

More from Risk Management

Why Operational Technology Security Cannot Be Avoided

Operational technology (OT) includes any hardware and software that directly monitors and controls industrial equipment and all its assets, processes and events to detect or initiate a change. Yet despite occupying a critical role in a large number of essential industries, OT security is also uniquely vulnerable to attack. From power grids to nuclear plants, attacks on OT systems have caused devastating work interruptions and physical damage in industries across the globe. In fact, cyberattacks with OT targets have substantially…

Resilient Companies Have a Disaster Recovery Plan

Historically, disaster recovery (DR) planning focused on protection against unlikely events such as fires, floods and natural disasters. Some companies mistakenly view DR as an insurance policy for which the likelihood of a claim is low. With the current financial and economic pressures, cutting or underfunding DR planning is a tempting prospect for many organizations. That impulse could be costly. Unfortunately, many companies have adopted newer technology delivery models without DR in mind, such as Cloud Infrastructure-as-a-Service (IaaS), Software-as-a-Service (SaaS)…

Tech Stack Diversity: Security Benefits and Costs

If your remit protects the information technology estate, you might be tired of the constant fire drills and reminders of upcoming disruptions. The barrage from cybersecurity vendors claiming "we have the solution" is almost equally exhausting. Start here: there is no magic bullet cybersecurity solution. If there was, its inventor would be a gazillionaire and have a list of enemies miles long. However, well-stacked solutions can significantly reduce your risk posture. The key is to place dependability over dependence, reduce…

Moving at the Speed of Business — Challenging Our Assumptions About Cybersecurity

The traditional narrative for cybersecurity has been about limited visibility and operational constraints — not business opportunities. These conversations are grounded in various assumptions, such as limited budgets, scarce resources, skills being at a premium, the attack surface growing, and increased complexity. For years, conventional thinking has been that cybersecurity costs a lot, takes a long time, and is more of a cost center than an enabler of growth. In our upcoming paper, Prosper in the Cyber Economy, published by…