Endpoint protection threatens to be the Achilles heel of modern IT shops. The need to protect endpoints has been around for decades – but doing so remains largely painful, especially as enterprise mobility usage proliferates. Protecting hundreds or thousands of laptops is a very different task than protecting a handful of servers, especially when IT no longer fully controls which devices are accessing the network and corporate data.
At the same time, endpoint protection is more critical today than ever before. Mobile endpoints such as smartphones and tablets are employees’ primary data creation and collaboration tools, making them the most likely target of ransomware and viruses – and new ways to penetrate these devices are popping up every day. Additionally, these devices are easily lost or stolen and often are not password protected. This is a significant threat, as the majority of data on endpoints is unique (not stored in a primary data center or backed up) – so if it is lost or compromised, it might never be recovered. As a result, new legal requirements to protect and manage endpoint data are emerging as well.
So why has endpoint protection been such a pain point for IT, users and the businesses alike?
First off, the advent of “bring your own device” (BYOD) practices has created a nightmare for IT, whereby thousands of endpoints, most of which are mobile, must be managed. In most cases, an organized system is not in place. Devices used by remote workers and at branch offices might never enter the main office, but still need to be protected. In addition to the management headache this creates, IT must invest either in cloud storage services that have an unfamiliar long-term cost structure, or in creating a secondary storage infrastructure (including arrays and software licenses) that is large enough to back up all of these devices.
From the user’s perspective, backups can significantly disrupt workflow and productivity if they kick off at inopportune times. And finally, this all translates into substantial cost for the business with arguably limited revenue returns; this investment is sizeable, but it does not directly generate revenue at the end of the day.
These pain points leave many IT shops leaning on hope as a strategy – hoping that users are independently initiating backups, that users are copying documents to a central file server, and that their file sync and share solution will provide recovery if it is needed. This is a tenuous situation to be in, as user compliance is typically sporadic, and as most file sync and share solutions lack the capabilities, such as remote wipe and creating point in time, standalone copies, that a complete solution requires.
Endpoint protection and recovery is a critical component of a holistic data protection strategy – but it is also not easily done, especially with legacy technologies and considering today’s BYOD reality. A centralized strategy that works for users, for IT, and for executive management alike is crucial to the success of an effective endpoint protection and recovery strategy.
As table stakes features, IT should evaluate solutions for backups that are frequent and granular, but that have the ability to be controlled by users and in-house IT rather than being controlled solely by the vendor. Recoveries should be rapid, with the ability to control initiation and wipes remotely.
IT should look to cloud storage services for centralized administration, scalability, accessibility and a more flexible operating environment as opposed to upfront-heavy capital expense structure – though deployment flexibility and trust in the cloud service vendor is important. Consider migrating the mobile device fleet incrementally, and closely evaluating service level agreements (SLAs) and encryption capabilities.
For further insight into how to embrace endpoint protection as a key pillar of business continuity and data integrity, watch Storage Switzerland’s webinar in collaboration with Infrascale, “Using the Cloud to Fix Backup’s Blind Spot – Endpoint Protection,” on demand here.