The Inside-out Enterprise: Redefining IT SecOps for Today’s Remote-first Workplace

Jan 20, 2022
IT Leadership

Create opportunities for a more flexible, agile, and secure IT environment, while improving employee experience.


Compare today’s IT landscape to that of a decade ago, and you can see that traditional enterprise IT has been turned inside out. Workers are at home or in other remote locations. Once concentrated in internally managed data centers, applications and data are now distributed across multiple public and private clouds.

In this article, we examine how the inside-out model breaks many of the tools and processes that enterprise IT organizations have relied on for decades, focusing on two challenges related to managing clients:

  • Asset inventory, vulnerability assessment and patch management
  • Help desk responses and employee productivity

Asset discovery, vulnerability assessment, and patch management

Before you can manage employee endpoints, you need to know how many there are and where they are. You also need to be able to catalog their hardware and software configurations so you can manage software deployments, updates, and patches.

In the traditional enterprise, collecting this information wasn’t difficult — theoretically. Almost all endpoints were on the internal network. You could run software that scanned the network and discovered them. You wouldn’t expect a great deal of variety in endpoints, since the IT department had selected and provisioned all of them.

Unfortunately, even in this controlled environment, asset discovery often fell short. Traditional asset discovery tools often overlooked as many as 10-20% of endpoints. Those undiscovered endpoints would then be left out of software updates and patch routines. They became more vulnerable to attack and more likely to jeopardize employee performance and experience.

Today, in a WFH world, all bets are off when it comes to the location, configuration, and status of endpoints. Employees use laptops and desktops provided by IT, but they probably use other portable devices, too, including their personal laptops, tablets, and smartphones. They use all these devices on home networks and public Wi-Fi hotspots like those in cafes. These devices aren’t on the local corporate network. Most of the time, they’re not connected to a virtual private network (VPN) either.

IT organizations that want to ensure that these devices can be cataloged, accounted for, and adequately managed must rely on technology that works over ordinary internet connections and doesn’t require a VPN.

They need to improve the accuracy of their asset discovery tools, so they can discover and track all devices, not just 80% of them. And since the inside-out enterprise is here to stay, they need to make sure they’ve got tools for discovering and managing remote endpoints on an ongoing basis, not just once as part of a special, in-depth project.

Help desk support and employee productivity

Another IT function that’s been disrupted by the inside-out enterprise is the help desk.

Previously, if an employee had a problem, they could call or email the help desk or service desk. To solve the problem, a help desk agent could talk to the employee, asking questions and offering advice.

If a problem was difficult, the agent could use remote access software to connect to the employee’s endpoint. And if the problem proved especially difficult, the agent could walk down the hall, find the employee’s office or cubicle, and work with them directly to resolve the problem.

Most of these approaches are now infeasible. Here’s why:

  • Remote access software usually requires a connection over a local network or a VPN, neither of which is available with today’s remote workforces.
  • Help desk agents can’t walk to employees’ desks, since employees work remotely.
  • Phone access is still possible, but troubleshooting over the phone is difficult. The help desk agent can’t tell how the system is configured or see what processes are currently running on it.

There are two solutions to this problem.

  1. Enterprises should find client management solutions that allow help desk agents to connect and inspect remote endpoints without requiring a VPN connection. These solutions need to be able to connect securely over standard internet connections, so that even without a VPN, a help desk agent can explore and troubleshoot an endpoint in real time securely.
  2. Enterprises should look into self-service options for remote troubleshooting and patching. For example, suppose a help desk agent works with a remote employee and discovers that by upgrading an application, the employee’s endpoint performance problem can be solved. If there’s a secure self-service portal for application upgrades set up, the help desk agent can simply direct the employee to that portal. The employee can perform the update when it’s most convenient, and the help desk agent can return to the ticket queue and begin helping another employee who’s asking for assistance.

A self-service model benefits everyone involved. Employees get a speedy resolution to their problems and help desk agents can spend less time on the mechanics of upgrading and patching. Employees are used to installing updates on their personal mobile devices. This model simply takes that practice and applies it to corporate computing, too.

New opportunities

The inside-out enterprise has forever transformed daily life for employees and the IT organizations that support them. This transformation brings challenges, but it brings opportunities, too. Specifically, it gives IT organizations the opportunity to:

  • Finally implement comprehensive asset inventory tools, so that they can find, manage, and secure the 10-20% of endpoints overlooked by traditional tools.
  • Gain more accurate and timely information about the status of endpoints, so that they can be patched and updated more quickly and effectively.
  • Improve help desk efficiency by enabling agents to connect in real time to endpoints in any location and by empowering employees to solve their own problems quickly and easily through self-service operations.

Learn how Tanium’s client management solution can help your organization overcome these challenges in today’s inside-out enterprise.