Endpoint Management

The economic impact of COVID-19: Cost savings in IT through UEM - Part 2

19. October 2020, Avatar of Christian KaufmannChristian Kaufmann

In my last post, we looked at the ease of building a business case for cost savings with the implementation of an Automated UEM solution. We were able to demonstrate the surface level expenses, and by freeing up labour hours on IT Admins, achieved a 75% reduction in costs. Today I’m going to go a little further and look at what we would consider the hidden costs, where aUEM solution could provide some much needed financial relief in what are very uncertain times for businesses.

Lack of transparency and inaccessibility of the end devices

Time and again we find that companies are surprised at how many devices and applications they actually own, often only becoming clear after an accurate inventory scan. But even then, many devices and applications often go unmanaged when they aren’t on the network. Covid-19 aggravated this situation further, as many companies were forced to send their employees to their home office almost overnight, quickly equipping them with the necessary infrastructure to work. This alone has significantly increased the risk of attacks, since computers that were previously inside the corporate network suddenly find themselves outside, beyond the traditional controls employed to secure them. 

If a company doesn’t know the number of endpoints it owns, and if many end devices are not accessible via the company network or VPN, how can the security of these machines be ensured?  This makes it increasingly difficult to set priorities and react quickly to vulnerabilities. It is perhaps not too surprising that during the Covid crisis, the number of cyber attacks increased significantly.

Inefficient processes/high manual effort

We’ve established that different operating systems with a range of applications and versions need to be supported, updated and patched as quickly as possible to ensure security. Often, this is done without clearly defined processes, with different tools or even manually, contributing to the pressure on teams to ensure the efforts are undertaken in as timely a manner as possible. It can almost become a game of whack-a-mole, with admins needing to jump back and forth between jobs as the priorities and criticality change. What is often demoralising is that routine tasks take up a lot of this time, as tools perhaps do not integrate well, or tasks require manual intervention.

Efficient patch processes are as important as patching tools in this instance so that valuable effort, and therefore time and money, are utilised in the best possible way.

Missing compliance rules/unwanted applications

With the inability to control machines in the home office, many companies had to take on the risk of allowing local admin rights to users in order to continue productivity. Users were able to decide for themselves which applications were installed on machines, without the IT Teams knowledge of their version number, patch status or in some cases, even their existence.

If this situation is not quickly brought back under control, aside from the security implications, IT Teams will be met with an application jungle to traverse with little more than a penknife to start hacking through, which will take a great deal of time and effort. Effective control of the environment is the only way to slow the growth of Shadow IT and all of its associated issues. Companies that are slow or delayed in deploying critical patches and do not use automation are likely to incur the highest IT costs.

Scan regularly!

The issue with IT security is of course that it´s not a sprint, it’s a marathon, and one that involves constant review and response. A regular inventory scan of all end devices is a prerequisite for obtaining an up-to-date overview of the hardware and software used on each machine. On the one hand, it assists the administrator with support of users, whilst on the other, admins can check whether all versions are up to date and if important patches are missing. 

It is also possible to find out whether there are applications on the computers that have not been used for a longer period of time and thus offer a direct cost saving potential through software harvesting, or repurposing licenses from a user who doesn’t need them to one who does. 

Automating a regular scan and report can again save costs through reduction of labour, but also by ensuring your environment won’t be the next cyber attack victim. This is especially true of machines in a remote working environment, where perhaps there is no VPN. Modern solutions can take advantage of Internet Enabled Endpoint Management to connect to devices without the need for VPN, thus allowing admins to remove local admin rights and eliminate the Shadow IT problem

Efficient patching!

Ensuring the security of your IT also means keeping applications up to date with software patches to close security gaps. Companies are well advised to set up a patch management process that allows all security updates to be installed securely, quickly and reliably. Automation can be key to helping achieve this, closing the patch gap time between release and deployment, however best practices for vulnerability remediation mean that it shouldn’t completely replace the need for any manual intervention, just support it.  

Modern vulnerability scanners also help to set priorities. The more that process sequences can be automated and planned, the higher the efficiency, so taking advantage of wizards and schedulers are key here. This closes security gaps, saves time and money and gives administrators the freedom to focus on other issues.

Enforce rules for compliance!

Overworked administrators tend to delegate administrative rights to users. This should be avoided unless absolutely necessary. If it is unavoidable make it clear in your organization which applications and programs are allowed and enforce this technically in IT. Utilising Black and whitelisting of applications will help you to do this, reducing the time, effort and cost of finding necessary patches and solutions for applications that are not really desired in the company.

In summary, it can be said that standardisation, regularity and increasing the degree of automation in many companies can often achieve significant costs savings through drastic improvements in efficiency. At the same time, the resulting higher security of the end devices reduces the risk of system failure caused by cyberattacks, which in turn means lower costs in terms of downtime and/or system recovery. A good Unified Endpoint Management System can help to significantly reduce the risks of hidden costs through increased transparency and responsiveness, utilising inventory, software deployment and update management effectively.

How the baramundi Management Suite can help you save IT costs? Try it out now:

Read more

Entries 1 to 3 of 3