6 transformations to disrupt your legacy IT operations
Mobile Mentor rounds out their Zero Trust series with a summary of "Six pillars of Modern Endpoint Management" and a link to download the full whitepaper. It highlights why we can't continue with legacy IT operations and how disrupting the status quo will have your IT team thanking you.
The domain model was designed for desktop computers and local data centres. For a long time, it was a simple matter of setting up your private network, putting in a proxy and a firewall and just like magic, everything good stayed inside and everything bad stayed outside.
Meanwhile … the way work gets done has changed. Employees use laptops on the go and email using personal smartphones. Data is constantly outside the protection of the domain, and remote work is the new normal. It’s easy to see how the domain model is no longer fit for purpose.
The good news is that Microsoft has been developing new capabilities and technologies designed from the ground up as a cloud-first operating model, termed “Modern Endpoint Management”.
The “So What” of Modern Endpoint Management
In 2020, digital transformation was forced upon the world. Remote work became a requirement rather than a luxury and many businesses were left scrambling to support employees.
Modern Endpoint Management arms your business with the tools and capabilities to survive regardless of the environment. Employees can work anywhere, anytime, and you can protect and secure your data outside of your network.
It’s not just for convenience but rather about ensuring business continuity. Your employees can focus on value creation, with Modern Endpoint Management transforming work into an activity, not a place.
A closer look at the 6 pillars
Modern Endpoint Management is fundamentally designed for companies who want to be able to work anywhere, anytime, anyhow. It drops the concept of a domain and accepts that keeping your data behind a firewall and throttled by a VPN is no longer right. The following is a summary of Mobile Mentor’s whitepaper “The Six Pillars of Modern Endpoint Management: Disrupting legacy IT operations with six transformations.”
1. Zero Trust network
Working remotely traditionally meant using a VPN to access company resources. Resources and files were kept within the company’s domain and security measures were placed on the boundary between the public internet and the company. Firewalls, VPNs, and virtual machines are just a few of the pieces of infrastructure commonly used to support this model.
Zero Trust assumes all devices are untrusted and cannot access company resources until proven otherwise. This is typically achieved through device attestation, conditional access policies and multi-factor authentication – capabilities native to Modern Endpoint Management.
2. Over-the-air updates
Updates to the Windows operating system used to be a big program of work for every company, typically requiring months or years of planning, change management, and tons of work. In 2016 Microsoft introduced the concept of Windows as a Service. Instead of a big release every 3 years, they developed Windows 10 with semi-annual updates, like the regular over-the-air updates for iOS and Android on mobile devices.
Windows Updates for Business can now be handled like iOS and Android updates – silently, over-the-air, with minimal impact. These updates save time and money by eliminating the infrastructure and all the effort that was required for testing, deployment and change management.
3. Cloud data
Private data centres and on-premises servers are still considered to be more secure than cloud storage in some sectors, while others are going all-in with the cloud. Some of the reluctance is because data breaches in public cloud services must be reported to regulators, whereas breaches to private storage are rarely disclosed.
Large cloud vendors like Microsoft receive trillions of security signals each day and use artificial intelligence and machine learning to detect anomalies in traffic patterns. With the collective intelligence of the security community and the economics of the public cloud, local storage is simply no longer as secure or viable.
4. Passwordless authentication
The combination of a username and password was a great innovation at MIT in 1961 and unlocked an explosion in the use of applications and services. However, passwords have become a major inconvenience for knowledge workers, who average 90 different passwords between home and work. Some use the same passwords for personal and company accounts, and most will use the same password for multiple accounts. This is why phishing attacks – where an employee is tricked into giving away their username and password – are among the most successful attacks against businesses today.
Windows 10 joins iOS and Android with excellent biometric authentication. Now employees can authenticate into their machines and apps with their face or fingerprint. Further, Microsoft offers an app called Microsoft Authenticator to provide MFA capabilities more securely than text messaging.
5. Zero-touch provisioning
For over 20 years IT administrators have manually provisioned new Windows machines with an image and a package of applications and drivers – a job that typically takes a few hours per machine plus planning and effort on the part of the IT team. This slows down the procurement process so much that in some companies it literally takes weeks to get a new laptop ready.
Microsoft launched Windows Autopilot to automate the set-up and enrolment of a Windows machine in Intune, achieving Zero-Touch provisioning. Organisations can order and ship devices directly to employees anywhere in the world, removing the bottleneck between procurement and employees receiving devices.
6. Remote support
Most companies have relied on their local IT resources, or a local IT service provider to address hardware and software related issues.
In addition to the great migration to the cloud, device ownership models are changing, with BYO becoming more prevalent for all device categories.
Modern Endpoint Management aligns support to remote work by increasing support options – email, phone, support app, chat and self-service options – and delivering a support team that fully understands the needs of remote workers and is highly responsive to their needs.
Read the rest of the Zero Trust series to round out your knowledge:
Part 1: Underlying principles of Zero Trust
Part 2: Getting started with Zero Trust
Mobile Mentor is Microsoft’s 2021 Partner of the Year for endpoint ecosystems. Certified by Microsoft, Apple and Google, they work tirelessly with clients to balance endpoint security with an empowering employee experience.
We enable remote teams to be secure and productive. Work is an activity, not a place. We’re a Microsoft Gold partner specialising in modern work technology that enables remote teams to be secure and productive.