Many endpoint devices are commonly recognisable: the smartphone in your back pocket, the desktop computer or laptop. However, endpoints can also include servers – powerful computers that provide digital services to users, such as file storage, data retrieval, or commonly used applications. When all an organisation’s endpoints are added up, they can number hundreds of thousands in large enterprises.

Source: Shutterstock

Often, even discovering the existence of every endpoint is challenging, a situation that has been made more complicated since the COVID-19 pandemic and the continuing habit of working remotely. Endpoints suddenly included computers in people’s homes or personal laptops used during periods of lockdown.

Within just a couple of years from 2020, the number of endpoints using a company’s network rose sharply, and the number of cybersecurity incidents involving endpoints rose in step. Additionally, the cost of each security breach rose from $7.1m to $8.94m [PDF].

The higher number of endpoints in today’s businesses also means that more devices have at least the capability to delete, corrupt or compromise valuable data. Managing endpoints, therefore, means ensuring that devices work safely, whether from the actions of bad actors, from misuse or operators’ mistakes.

It’s clear, therefore, that managing and securing these devices needs to be at the forefront of any organisation’s cybersecurity and device management priorities. A properly managed and monitored endpoint fleet gives IT teams a clear definition of the devices it’s responsible for and a head-start on tracking down and responding to incidents caused by attackers or so-called internal threats. It also shows which devices are at greater risk of possible compromise, informing teams which endpoints need updating, patching or replacing, and with what priority.

Putting in place a rigorous endpoint management system gives organisations the best ROI of any security platform, and should be the foundation of a range of measures designed to protect the organisation’s users, digital assets and intellectual property.

Best practices in endpoint management are discussed in detail in “The Endpoint Defense Playbook: Locking Down Devices with NinjaOne“, which includes advice on how large fleet management tasks can be automated. But for the purposes of this article, let’s consider some steps that any company can take to close off many of the ways that endpoints put their owners’ digital assets at risk.

Audit
Before an IT team can know what they need to monitor, manage and protect, it has to know what devices appear on the network. An audit is therefore an unambiguous first step, although it should be noted that auditing has to be an ongoing process, as day-to-day, endpoints will change as the organisation evolves and the devices used cycle over time. A real-time network map is therefore required.

Secure access
Users, like endpoints, have to be able to prove who they are, and be granted privileges to operate on the company’s network. Passwords, two-factor authentication and single sign-on (SSO) are methods by which employees show they have the rights to be present on the network.

Zero-trust
Zero-trust is a security posture that dictates users and endpoints have no privileges whatsoever on a network by default. Then, policies grant access to applications, services, and devices on a per-case basis. In cases where no policy applies, the system reverts to zero trust or no access.

Encrypt
Encryption means that any data exchange inside or from outside the network is obfuscated and therefore immune to any eavesdropping. Data at rest should also be encrypted, so physical theft of, for instance, storage drives, will not yield any readable data by third parties.

BYOD policies
Since the emergence of the modern smartphone in the mid-00’s, users often prefer the convenience of at least occasional use of their own devices. BYOD (bring your own device) policies can determine which device types are allowed, and also stipulate which versions of software may run and operate on the network. Enacted policies will prevent insecure operating systems and software from running on users’ devices and ensure a maximum level of security among what is an unpredictable population of endpoints.

Proactive scanning
Endpoint detection and response (EDR) systems scan endpoints and log activity to flag anomalous behaviour to users or to systems administrators. Alerts can tell IT staff when action has to be taken to address apparent threats or to surface unusual patterns of behaviour that need further investigation.

Source: Shutterstock

Patch & update
Software vendors are constantly updating their code to ensure that it is as safe as possible from malicious activity. Software on endpoints should run the latest versions of all software (including the operating system) so every device does not carry at least a potential attack vector. Zero-trust policies are applicable in this respect: endpoints not fully up-to-date can be denied access or given limited privileges by default.

Remediation planning

Despite all preventative measures, every network will always suffer some security or misuse issues. It is essential that IT teams have coherent plans that can be followed when there is the possibility of data breach or corruption. Remediation planning also requires the practise of recovery procedures, so teams are aware of the steps they need to take in the event of a possible incident.

Next steps
Endpoint management and security are mutually supportive processes that together form the basis for strong IT security and data loss prevention. In very small companies, it’s possible to manually implement endpoint management on a per-device basis. But in the majority of cases, an endpoint management software platform is necessary to oversee and, where possible, automate management policies.

Creating a strong and safe IT environment for any organisation is essential for a business to operate in 2024, and it’s a subject that requires a great deal of attention. You can read in more detail about the best practices to implement endpoint management in “The Endpoint Defense Playbook: Locking Down Devices with NinjaOne“, which is available to download now.

The post The criticality of endpoint management in cybersecurity and operations appeared first on Tech Wire Asia.

Source: Shutterstock

Key challenges for 2024

Somewhat related to the AI boom of 2023, the number one challenge IT professionals face, cited by 46 per cent of respondents, is improving automation capabilities. The goal is to boost staff efficiency, and, with studies indicating that 70 per cent of organisations will implement structured infrastructure automation by 2025, it is no wonder that businesses are keen to address the issue.

The second biggest challenge, a priority for 30 percent of those surveyed, is maintaining or improving security posture. News of data breaches from huge companies, like the leak of 235 million email addresses from X, seemed to come almost weekly in 2023. As of November, over 364 million people had been affected by publicly reported data breaches or leaks. As society becomes more digitally connected through networks of devices, platforms, and services, and data governance requirements get stricter, the criticality of fortifying cybersecurity measures becomes more evident.

Productivity is the third most important area of focus for IT professionals in 2024, with 25 percent of respondents looking to improve here. The NinjaOne survey revealed that limited budgets, outdated infrastructure, and lack of consolidation undermine organisations’ ability to administer and manage infrastructure and operations effectively. These challenges highlight the need for streamlined digital transformation initiatives to boost efficiency and adaptability in organisations.

IT investment priorities for 2024

The NinjaOne report, conducted with independent analyst and consultancy firm Omdia, also queried IT decision-makers on their investment priorities for the next year. Separate research from Deloitte predicted that global IT spending in 2023 would grow by 5.5 percent on the previous year as businesses try to capture competitive advantages through increased productivity, automation and other software-driven transformation initiatives.

However, according to NinjaOne, strengthening security is the top priority for 2024, as reported by 35 percent of respondents. Security breaches can cost a significant amount to rectify due to legal fines, operational downtime, reputational damage, and data recovery costs. According to IBM, the global average cost of a data breach was $4.45 million USD in 2023, a 15 percent increase in the last three years. Therefore, investment in robust cybersecurity measures can quickly pay for itself.

Source: Shutterstock

Over a quarter of respondents prioritise investments that will enhance automation in their organisation. Recent research from McKinsey found that leveraging generative AI to automate work activities has the potential to generate between $2.6 trillion and $4.4 trillion in global corporate profits annually. This relates to the third priority highlighted by NinjaOne: 23 percent of IT decision-makers prioritise investments that will improve employee productivity in 2024. McKinsey predicted that generative AI and other automation technologies could grow labour productivity by between 0.2 and 3.3 percent.

The NinjaOne report found that small businesses are more heavily focused on automation (43 percent) and security (41 percent) than their larger counterparts as investment priorities. The authors comment that, while these fields remain important for businesses of all sizes, it is important to consider other areas of investment like customer experience, employee experience, and cloud migration. These are essential for sustained business growth and competitive resilience to larger industry players.

How NinjaOne offers a head start

Of all the survey respondents, 29 percent were existing NinjaOne customers who shared insights in how adopting its IT management benefited their organisations. The system’s robust automation features reduced the time spent on manual tasks by 95 percent, indicating a substantial increase in operational efficiency. Moreover, notable strides in security were observed, with a remarkable 95 percent improvement in patch compliance and a 96 percent enhancement in vulnerability management. The overwhelming majority of these users, 91 percent, expressed that NinjaOne enabled them to consolidate or retire multiple IT management tools, leading to an 81 percent reduction in licence fees.

Source: Shutterstock

Overall, the current IT landscape indicates a desire to leverage technology for efficiency gains, bolster security measures, and consolidate tools for cost savings and improved management. NinjaOne customers are evidently reaping these benefits. As the IT industry continues to evolve, embracing automation, fortifying cybersecurity, and streamlining IT infrastructure are becoming indispensable strategies for businesses aiming to thrive.

To learn more about what is in store for IT professionals in 2024 and how NinjaOne can support your organisation throughout, download the full report ‘Leading IT Trends for 2024: Embracing Automation, Security, and Consolidation’ today. Don’t miss the opportunity to be at the forefront of IT innovation.

The post Leading IT trends for 2024: Prioritising security, automation, and productivity appeared first on Tech Wire Asia.