Part 3: So Many Endpoint Tools, So Little Coverage

In Part Two of this series, we highlighted that the more tools there are in place for IT management and security, the less secure the enterprise becomes. Those with more than 10 tools running were found to have large numbers of unmanaged endpoints. Each unmanaged endpoint opens the door to a potential cyberattack. In fact, 81% of organizations with more than 10 tools experienced at least one cyberattack via an unmanaged endpoint.

Endpoint Security and Management Tool Sprawl Is Having an Effect, ESG Research, 2023

A construction site analogy can clarify this phenomenon. When standing up a new building, workers use dozens of tools and create various pathways around a new structure. Oftentimes, teams are constructing from both the outside-in and the inside-out. Some people use windows, doors, or just temporary gaps in the structure to move around and get their jobs done. In finalizing a building, some of the tools and gaps being used can be left unfinished. In fact, a quick Google search on this topic produced nearly 61 million results in less than a second, with multiple results for how to fix holes in a wall and why holes in walls are used for construction. While there are fixes, these holes also leave gaps in place that can accelerate deterioration or cause rodents or other unwanted creatures from entering your house.It is the same in IT and security. There are so many tools in existence that some are misplaced, one or two are forgotten about completely, and many are likely misconfigured.

The Most Common Security Tools in the Enterprise

What are all these management and security tools that businesses have in place? Enterprise Strategy Group (ESG) surveyed organizations to find out. Top of the security list, as expected, was antivirus (AV). 64% said they run an AV point solution for endpoint devices. Next came endpoint detection and response (EDR) at 55%, a secure browser at 45%, and specific Internet of Things (IoT) and/or Operational Technology (OT) security technologies at 44%.

Further security technologies scoring high in the survey included: Password managers (43%), biometrics (43%), application controls (42%), vulnerability scanning (41%), device control (37%), full-disk encryption software (35%), zero trust network access (ZTNA) 35%, VPN agent (34%), digital certificates (33%), and asset management (33%). That’s a whole lot of tools. And there can be dozens more running when you consider all the security point tools that exist to take care of areas such as data loss protection (DLP), ransomware protection, secure access service edge (SASE), and many others. As the number of endpoint tools rises, so rises the potential for a cyber-breach.

Security Tool Consolidation is a Necessity

According to Gartner, integrating endpoint management and security is going to grow. In the Gartner Hype Cycle for Endpoint Security, 2022, analysts highlight how Unified Endpoint Security (UES) is a growing area for endpoint management and security. UES integrates “endpoint operations tools and endpoint security tools to help close gaps in the early detection and remediation of security threats,” according to coverage of the report from VentureBeat. For organizations looking to lower costs, improve threat prevention and detection, and accelerate time-to-respond, adopting a UES strategy should be a critical initiative.

This unified approach is where Syxsense has driven forward, in collaboration and on behalf of its customers. After helping customers stand up a thorough endpoint and patch management program, the Syxsense team saw how disjointed the patch teams were from the vulnerability management teams. But both needed to work closely, often needing information from the same sources (the endpoints) and needing to secure those endpoints. That’s why Syxsense built out additional security capabilities.

Syxsense unifies several endpoint management applications and makes everything available on one console. Syxsense Enterprise provides consolidated patch management, vulnerability scanning and remediation, mobile device management, and a zero trust evaluation engine for device attestation in one fully integrated package. Syxsense can see every endpoint running anywhere on your network, regardless of the device’s operating system. And our Enterprise tier provides complete end-to-end automation and management of all vulnerabilities that may impact IT assets and endpoints. With a built-in security scanner, you can identify any devices with OS and security vulnerabilities, weak spots, misconfiguration issues, and more. And with an extensive library of vulnerability remediations, you can push fixes to all devices that need remediating.

See it in action. Schedule a demo today.

In Part Four, we discuss the abundance of point solutions that businesses currently have in place for endpoint management and highlight weak areas that need attention.