Close to Home: IBM Puts Its Trust in Endpoint Manager, MaaS360

Remember that commercial where the guy says he’s not just the president of the company, he’s a client, too? Hard to argue with someone who trusts the product that much. Which is why you might want to know that IBM didn’t just develop Endpoint Manager; they use it, too.

IBM, as you know, is a rather large company. It has more than 400,000 employees around the world; many of them are as mobile as their devices and travel all over the globe. If they just used a single device each that would be an impressive number of machines, but they use way more. Thanks to BYOD the average employee accesses corporate data from three or more work and/or personal devices, according to Forrester research (source: click here). Because of this, IBM has to manage more than 750,000 endpoints. Among them they use pretty much every OS and connection type you can think of.

As if all that isn’t enough of a headache, the company is constantly growing through acquisitions and developmental partnerships. With all that, good luck enforcing policies and managing data security.

So let’s review the problem: three-quarters of a million endpoints which need to be securely managed. That means enforcing security, regulatory and operational policies at all times—no matter what the device or OS or where it was located. Doing that requires real-time visibility into the status of every endpoint including what software is installed on it so they can ensure license compliance. But the managers need to know all the stuff that’s on a device, not just what is officially supposed to be on it. After all, you can’t manage security if you don’t know about additional programs and apps a user may have installed. And all of those programs on all those devices have to be given the latest security patches from the scores of different software vendors within as short a period of time as possible, to prevent the Great Wall of Security from turning into a sieve.

Got that?

In order to do all that IBM combined Endpoint Manager, which handles PCs, servers, laptops, POS devices, etc., with Maas360 to take care of the mobile devices.

Here’s what happened. Maas360 enrolled 200 devices per minute, 15,000 users in the first day and 70,000 users had migrated to it within the first month. Here’s something you may find particularly astounding: Doing all that resulted in fewer than 500 help desk calls. 500! Some companies are lucky if they get fewer than 500 calls on a Saturday night. And, not for nothing, IBM saved $500,000 by switching to a cloud model for all this.

At the same time, IBM Endpoint Manager was deployed to more than 550,000 endpoints around the world within six months. Because Endpoint Manager can handle 250,000 endpoints on a single server this didn’t take resources away from other projects—they can now manage 750,000 global endpoints with three FTEs (full time equivalent staff). They got a 78 percent decrease in endpoint security issues. Patches are now available within 24 hours as opposed to the average of 14 days they previously had to put up with. They also saw a 60 percent reduction in patch cycle time along with a higher rate of patch compliance: 98 percent on first pass patch compliance alone. All of this saved IBM $10 million annually from internal support costs.

So, to paraphrase someone else’s line, “At IBM we’re so confident our solution works, we’re not just the developers—we’re also a client.” Click here if you’d like to find out more about the solution IBM uses to securely manage and protect itself.