TechTalk
Endpoint and the Hidden Costs of
Complexity, Part 1
How are you handling today’s endpoint management challenges?
By Adam Duffy / 9 Feb 2022 / Topics: Hybrid workforce Devices
By Adam Duffy / 9 Feb 2022 / Topics: Hybrid workforce Devices
When it comes to enabling your hybrid teams to work productively and securely, the game has changed — and an approach that balances the costs and complexities of endpoint management with end-user needs is vital. In this Tech Talk, you’ll learn about the top endpoint challenges today’s businesses are facing and the strategies our Insight experts recommend to transcend them.
Want to learn more? Check them out Part 2 of the series.
To experience this week’s episode, listen on the player above, watch the conversation below, or scroll down to read a complete transcript. You can also subscribe to Insight TechTalk on Apple Podcasts, Pandora, and Spotify.
Audio transcript:
Kate
Hello, thanks for joining us for another Insight Tech Talk. I'm Kate Mayer, senior manager of Go-to-Market Solutions. I'm joined today by Joe Flynn, director of services, and Adam Duffy, product services manager. Welcome guys, happy to have you both. Today's episode is called "Endpoint and the Hidden Cost of Complexity." I think just about anyone today can agree that the game has changed when it comes to enabling business, remote work, hybrid work. And there are some obvious costs with that, but there's also a lot of hidden costs with that. So how do we manage all of it? It's important to take an approach that balances the cost and the complexities of endpoint management. So today we're going to talk through some of the top concerns that we hear as we work with clients to help resolve those and move their business forward. So, I'm going to start first with Adam, as you kind of think through some of those hidden costs, like what's the most overlooked piece that we see with companies when it comes to managing device deployment, especially for remote workers, from a technical perspective?
Adam
Well, I think that there's a few things. One of the things, the first thing that comes to mind, is the end user experience, I think can be overlooked. Just in a daily hustle that extends throughout the year, is many of these things kind of get buried as you try to keep up. Talent has high expectations with today's technology, and there's so many options available to deliver a great experience without compromising or and even the improving on security and productivity. So, you see some of that. Also, sometimes some legacy scenarios that occupy time of internal IT teams, we've always done it this way as a common sentiment. And this can quickly add up to bigger concerns down the road. And other things this can lead to security pitfalls using outdated systems methods and including outdated audit procedures. Things like this are bound in many places and cause a plethora of issues in the long term and near term.
Kate
Sure. Oh, that makes a lot of sense. And I'm sure that, well, again there's some obvious costs with those. There's probably a lot of hidden costs in all of those pieces as well. So Joe kind of expanding on that a little bit. Can you talk to us a little bit about technical debt? How does that accumulate for an organization that's still mostly on legacy device management practices?
Joe
Great question. And let me tie it into two method. If we look at a heart ROI or things we can definitely account for if you could licensing scenario support cost training. When we look at the legacy model many companies have multiple platforms to handle multiple device platforms. You can look at things like system center, jam workspace one, one's mobile, one's very window centric. One's very apple centric. So, think about the need just to license those the maintenance of those but then keeping skill sets because it's usually a very different skillset to support each of those tools. So that's hard ROI. But now if we look at the soft ROI that you really can't account for it's the fact that now that we shifted to a hybrid model it's difficult to support those users. It's difficult to get to those users. Users aren't connected to those legacy systems that are on premises yesterday. And so the problem with that is now you lose productivity you lose that end user experience. You lose the trust from the end user. So that's all soft ROI that very difficult to account for but it just jumps the skyrockets. When you look at the hybrid world today tied to a legacy device side.
Kate
Sure. That makes a ton of sense. And so as you think through it sounds to me like the longer that you're on those legacy solutions, the more the problem kind of compounds. If an organization's looking at it today and they're looking at we're hybrid now, we're on legacy. We know we need to do something, but where do I start? What kind of recommendations would you give them?
Joe
Yeah, the biggest recommendation I have is what are your business requirements going forward? We've shifted. We've seen that many customers have shifted to how do I support today? If you think of May, March, April of 2020 everybody made the shift to hybrid work or remote work. So everybody had, was rushing around how do I get this to work? How do I get that to work? And I like to call it around the way the MacGyver. If you all know MacGyver with a rubber band and the paper clip that's what many companies did just to get remote users users remote, and to be able to support that. So, the business requirements are key in 18 to 24 months but then the second part of that is you got to step back because if I'm at a corporation and I've been there 15, 20 years so I'm going to think what I'm doing is the best I can do and it's the best that can be done today. But we have to take off those blinders and look at what is out there. What's available from a technology standpoint? And take those business requirements and back it into a solution. Don't just think of a, I have this specific technology solution today that I want to use it tomorrow. Now, what do I need tomorrow? But then what's the best solution and the best technology that can get the most value out of? And most importantly, like Adam said earlier how do I increase my end user experience? Because that's going to get more and more difficult as time goes on.
Kate
Yes. And that seems to be so key obviously for end users, but then organizations in general. Is really meeting those expectations for end users. So kind of transitioning a little bit. You talked about this and something that comes very top of mind, as we're talking about hybrid work in particular is to security and compliance. So how does an organization approach modern endpoint management in conjunction with security and compliance? 'Cause I'll be really honest that that feels very big I think for a lot of companies. So I guess I'll open that up to both of you. I'd love you take on that.
Joe
Yeah. I'll go first. Security's a conversation we have with every customer and you have to, as many companies had made that quick shift to that hybrid remote workforce security was lacking. They just had to do what they keep the lights on. When I talk to customers, I like to talk about and a lot of industry people do in around the lenses of security. And there's four that we tend to concentrate on when it comes to the user, the devices and the first one is secure at the front door. Secure the identity, secure the user that's actually logging in to that device. That user account that's accessing your corporate data. So, you can do it with MFA identity protection employee of capabilities around the identity. The second lens is the content. Make sure you understand where your content is where it's going, whether you'd tag it so you can always find it and revoke it back or you apply rights management to it. But initial, if you secure that content then the use of what device it's on becomes less important. Now it's still important, but less important. Next is then secure the devices. Now, if we look at your typical devices from the iOS to a Windows, to an Android device but you always want to do encryption. You want to make sure you push down the proper settings and policies to ensure that device is in compliance and the device is secure enough that you're comfortable with it accessing your data. And then lastly the last lens is end user experience. You have to provide that great experience because as we shift users want the productivity they want the ability to choose their own device on what they're most comfortable with. So you have means of like a single sign on self-service allow users to do more. And then more importantly, work from anywhere. We're all working from everywhere today. Whether we're home, we're slowly starting to travel or you could be in a Starbucks, but in turn you want these security tools to enable the level of security you're comfortable with but also give your workers the experience where they can do their job from anywhere.
Kate
Yeah. I think that makes a lot of sense. And I think especially too the work from anywhere piece, I mean that's continues to be fluid now as things continue to evolve and change. So yeah, that's a great point. And Adam, I think when you think through this if you think through the lens of security and compliance from an industry perspective, is there anything that that you think organizations or you'd recommend kind of keep top of mind there?
Adam
Yeah. I mean like there's so many different compliance and guidelines that are available. And, but speaking to some of the top ones that we deal with at, on the regular basis of like healthcare, for example, you have HIPAA compliance. We deal with this on a day to day basis and you also have the financial services. We see, these are things that we engage with as even customers in the industry without even really thinking about it. So in financial services yet PCI compliance we have to consider manufacturing. We have things like ISO 27001. Automotive it's the critical information protection CIP and in retail, you have a combination. This is stuff that we see again, like just in daily use. So they have to do a PCI and a combination with that and also the ISO 27001. So all these compliance guidelines they're really just guidelines until you can actually do something with them. So that takes the second area of consideration how am I going to implement this? So you have to think about what systems you're going to get. What do you have currently in place? What kind of licensing entitlements do you currently have? And how do you get across the finish line and keep your business running at the same time? It's a lot of things to juggle, but it can be done. So one of the things you really want to do is think about what kind of, if you're on a primary system and you want to add on security information management event management, what tools are you going to use to implement these that are going to not only serve your needs now, but in the future. Like we were saying before, you don't want to get yourself in a situation where you're just trying to fix something now. You really need to think about that for the long term. Get those systems in place. 'Cause something that can do the configuration also your deployment and keep those devices in compliance to get you there without too much trouble. And sometimes you just need some support with that
Kate
Sure. Oh, that makes a lot of sense. And so I think last question I would have Joe for you is when you think through kind of, again there's a lot of different elements here. And especially we just talked through security and compliance. Like legacy approaches to device management and connectivity replied on VPNs. Can you elaborate on what sort of limitations we see with VPNs and what are some new ways for clients to overcome those?
Joe
Yeah, I mean as we shifted remotely, VPNs were sometimes a bottleneck 'cause companies weren't prepared for the amount of capacity that was coming through the VPN at one time. I mean, I think prior to 2020, you probably maybe had 10% of your workforce remote, maybe 20 that was connected to the VPN to now you're at 100 for the most part. But now if you look at the legacy management tools they had to have connectivity to your on-prem infrastructure. So VPN was absolutely requirement because we're not in the office, we're not sitting in the office. So for me to manage a device support and end user they would have to have connected to VPN for me to give 'em an application maybe push down a patch if that's how I was doing it. Where now if I shift to the modern world I can do it from anywhere, they need internet connectivity. So one of the biggest examples I tell customers, if you look at that VPN requirement is the cloud first model for a device. Make a device be dependent on the cloud not on-prem because the moment I make it dependent on-prem for me to get a new user device, I have to somehow log in as that user before they get the device at home otherwise they'll never be able to log in. So it's a security issue. You have to share passwords or potentially reset passwords. But now as I shift to that modern and cloud first model I can send a device directly to a user. They can log in with themselves in a secure fashion and not dependent on a VPN or not dependent on the on-prem. So yeah, there's a lot that could be done. VPNs are still going to be required for some of your legacy applications but there's even technologies out there like App Proxy another type of pro app VPN capabilities where you're not connecting to VPN for everything but just also for a specific use case if need be. So I stepped back to the previous question is step back let's take the blinders off all of us and figure out what's available to us at a technology level to how I can accomplish my business requirements. Because again, we've lived with VPNs for 20 years. 25 plus years. So a lot of customers, that's all they know. That's their most secure method and there's other options out there for them.
Kate
Great. Well, I thank you for your insights today Joe and Adam. I think there's certainly, I know we just sort of touched the surface, but I think we hit on some really interesting points around. What are some of the obvious cost impacts and what are some of the hidden costs when it comes to modernizing someone's endpoint management strategy. So thank you both again for your time today. And for our audience you can check out the URL on the screen, go ahead and visit that for a complimentary managed OnPoint workshop with our services team. Thanks everybody.
Adam
Thank you.