close icon
Home Page
Products

Products

PAM logo
Privileged Access Management
PEM logo
Endpoint Privilege Management
PPA logo
Automation
Industries

Industries

school_line
Education
bank_line
Finance
government_line
Government and Defence
hospital_line
Healthcare
computer_line
IT Operations
settings_5_line
Industrial Control Systems
briefcase_line
Legal
store_2_line
Retail
Partners

Partners

Resellers and Distributors
Partner marketing support
Partner opportunity
Resources

Resources

tool_line
Free Tools
bookmark_line
Blog
file_search_line
Case Studies
usb_line
PAM Integrations
video_line
Videos
Webinars
paper_line
White Papers
book_2_line
Osirium University
news_line
Documentation
Company

Company

IDcard_line
About
news_line
News & Events
Team
Investor Hub
Software reviews gold medal
See the report
search_3_line
BOOK A DEMO
All posts
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
17
June 2022

Choosing an endpoint security solution - keep focused!

Mark Warren

Products offer too many features - how to choose?

When I wrote about the difficulties of making decisions when buying IT solutions, I highlighted the risks of over-thinking requirements. The dreaded RFP that runs to dozens or hundreds of pages of detailed feature requests that prevents good decision-making.

Another issue that makes selection hard is almost the opposite: the over-featured product.

Can you have too much of a good thing?

Imagine you want to catch a bus to work. It must have wheels, seats, a driver, and brakes. But what if the bus also happened to have a hot tub, a full-service restaurant, and a mini-golf course? Individually, they are all pretty desirable. But they'll probably mean the bus ticket costs hundreds of times more than it should (and not to mention that it'll be too big for you to get to work!) That doesn't sound like a great solution to getting to work.

The same is true when buying software solutions to address a specific need. A good example is improving security on Windows workstations.

Finding the right solution for endpoint security

The words "endpoint management" cover a wide range of capabilities. For some, it will be about managing the hardware and firmware: what models of laptops do they have? What is the hardware spec? What versions of UEFI/BIOS? What firmware and device drivers?

Others may be more concerned about the security measures on the devices: power-on passwords, Bitkeeper encryption, etc.

For others, it will be about what version of Windows, patches and service packs have been applied? It may also include application software and updates.

Many endpoint management solutions try to cover all those bases (and more). They often duplicate capabilities already provided by other tools (e.g., SCCM or Intune for software distribution).

For many organisations, that breadth of coverage could hamper decision making. Do you look for a tool that performs most of the functions reasonably or prioritise just one or two critical features? You either end up with compromised capabilities (the tool isn't as good as you'd like in any specific area), or you're paying for more features than you actually need. We're back to the example of the over-featured bus.

The benefits of focus for endpoint security

There's no doubt that endpoints need multiple levels of security, and no one would argue against anti-virus tools being installed and kept up to date. But they aren't the complete solution to protecting against malware attacks.

One of the ways that attacks break through endpoints and escape into an organisation's network is by exploiting local admin rights on end-users' workstations. Those local admin rights are handy for the user. For example, they can install a new printer driver or update an application plug-in without calling the IT help desk. But, they can also be abused to install malware or configure the computer to make an attack easier.

It could be easy to remove those local admin rights or the shadow user account on the workstations with those elevated permissions. But that will frustrate end-users and increase the load on the help desk.

Is it possible to focus on local admin rights?

A solution is needed that removes the risky permissions and lets users be productive. That sounds like an impossible balancing act. There is an answer: Osirium Privileged Endpoint Management (PEM). PEM was built to focus specifically on this exact problem. As a result, it's not overloaded with extra features. It's really easy to deploy out to all the Windows workstations in the business (which is the vast majority, so there's little need for complicated options for, e.g., Linux), and it's easy to manage. You can see it in action here.

Endpoint Management Buyers Guide cover

Osirium recently published an "Endpoint Privilege Management" Buyer's Guide that goes into endpoint security issues in more detail. It helps buyers identify their priorities and choose an endpoint management solution that focuses on the highest priorities. You can get your complimentary copy of the Endpoint Privilege Management Buyer's Guide here.

Of course, suppose your priorities are not on having the fastest or most streamlined solution. In that case, a big-brand "universal solution" might be the answer you're looking for. Just like the hot tub, restaurant, and golf might be highly desirable if I were taking that bus journey for a holiday rather than getting to work.

If you'd like to learn more about PEM, please get in touch.

‍

Related Topics

Manager
Endpoint Privilege Management
all posts
Top
Home Page
cyber essentials certified badge
Industries
EducationFinanceGovernment and DefenceHealthcareIT OperationsIndustrial Control SystemsLegalRetail
Company
AboutTeamBoard of DirectorsInvestor HubJob Opportunities
Resources
Free ToolsBlogPAM IntegrationsVideosWebinarsWhitepapersDatasheetsDocumentationCase Studies
Support
Support PortalOsirium University
© 2023 OSIRIUM. All rights reserved.
AccessibilityPrivacy PolicyEULATerms of ServiceSitemap