Endpoint management and identity management: At a crossroads?

Commentary - Today's workforce is no longer tied to devices. Workers are becoming more mobile and flexible, and are demanding anywhere, anytime access to their applications. As a result, IT and security teams need to do more than just manage and secure physical devices like PCs, notebooks, and smartphones. They need to focus on the workers behind those devices. That's where the two worlds of identity management and endpoint management are rapidly converging.
Traditionally, identity management has focused on managing the user lifecycle. For example, when someone starts a new job, they may be provisioned access to a laptop, business applications such as a CRM system, and the company’s internet. The user’s password and access rights are controlled through an identity management solution. This is one piece of the puzzle. The other piece, endpoint management, focuses on lowering total cost of ownership by automating IT tasks like application distribution, patch management, and Windows 7 migrations. As the workforce becomes more mobile, endpoint management increasingly requires that users have the right applications and tools based on their roles and responsibilities. And given today’s increasingly complex IT environment, administrators are shifting toward managing endpoints from an identity perspective instead of simply from a device perspective.
The bottom line – savvy enterprises today are looking for endpoint management solutions that can do both. They want solutions that automatically manage and secure devices to lower costs but, at the same time, have identity-based capabilities to increase workforce productivity.
One could argue that the convergence of endpoint management and identity is necessary in any large enterprise to prevent productivity lapses. For example, if a user’s laptop crashes, they may be issued a loaner PC, but that’s not terribly helpful if their applications don’t follow them. However, if you abstract the user from the device, you can enable users to access everything they need – based on who they are, their roles and responsibilities – as soon as they log into that device. This immediately drives up productivity.
Let’s look at an example of how endpoint management and identity management are increasing productivity, while reducing cost and IT administration. The IT department for a large hospital was getting frequent complaints from clinicians and doctors who shared workstations throughout the facility. They often experienced time delays finding patient information they needed. Moreover, they had security concerns about sharing resources. Instead of merely employing a solution that focused on devices, the hospital utilized an endpoint management solution with identity-based capabilities. This way, whenever a user logged into a workstation, they always had a consistent-looking desktop and the exact set of applications customized for their role, no matter which PC they used. And because access was tied to each user’s identity, only authorized people could log on, protecting patient privacy and further ensuring the security of medical records.
The convergence of endpoint and identity management becomes even more critical as businesses shift towards more flexible computing architectures using a mix of physical, virtual and cloud environments; it becomes even more critical for the desktop to follow the user. For example, a large pharmaceutical firm decided to virtualize desktops as a way to gain more processing power when conducting compute-intensive scientific analysis. However, oftentimes virtual machines that have been idle have not been properly patched, leaving them vulnerable to performance issues and viruses. By using endpoint management solutions with identity-based capabilities, the firm could quickly identify which users' virtual desktops had been properly patched before initiating critical analysis. They could then quickly ramp up new computing resources as needed to perform their scientific analysis. This provided significant agility while eliminating risks.
By combining identity-based capabilities with other features like location-based awareness, endpoint management can provide even greater security for enterprises. For example, your typical “road warrior” employee is rarely behind the company firewall and often logs in from remote locations like coffee shops, hotels and airports. Your endpoint management solution should automatically recognize this and apply additional security policies based on who and where the user is. By enforcing policies based on identity and location, IT can provide users more flexibility and freedom while tightening security.
With mobility increasing and threats lurking around every corner, businesses today can no longer focus on managing just physical devices. Organizations must give users the desktop environments and security levels they need to do their jobs, no matter where their users or devices are located. This way, not only can IT help drive down costs, but they can also drive up productivity for workers, no matter where their jobs take them.
Biography
Grant Ho is Director of the End-User Computing marketing team at Novell. He leads marketing for Novell Endpoint Management solutions, where his responsibilities include strategic planning for the ZENworks family of products, including competitive messaging, public and analyst relations, demand generation, sales enablement, and joint go-to-market development with Novell's partners.




