The last couple of years have been difficult, with many organizations operating in a response mode. From a global pandemic to an economic downturn to increasing security risks, teams are under more pressure than ever to deliver greater cyber security and do more with less.
This responsive approach has resulted in many organizations falling behind on long-term projects, with transformation projects losing funding and getting put on the shelf (understandably so). Yet it has now become clear that the fire-drill operations of the pandemic are not only here to stay but are accelerating and becoming more impactful. As you will read in more detail below, IT teams are becoming burned out, security attacks are increasing and employees are expecting more from their endpoints and IT as remote and hybrid work become the norm. The stakes are higher than ever before, and these trends will require a new approach. Addressing these challenges will require us to shift our focus from being responsive to truly transforming the user digital landscape through consolidation and automation.
What if you could deliver a new security model that enables people to work how and where they want without jeopardizing their digital experience? What if you could free your IT and security teams to focus on more strategic items and reduce operational complexity? I want this blog post to trigger the most transformational project your team conducts this year; namely, setting your team's vision for enabling the people in your organization with the best possible digital experience, complete with a first-class security model. This transformation will not be easy, but by following a central theme of simplification it can be achieved. Simplification of your endpoint management approach will enable more productive IT staff, better employee experiences, a better security posture and ultimately better business outcomes. It allows IT and security teams to move from complex to streamlined, from manual to automated, and also deliver significant financial benefits, which I discuss in the next section.
The prize—consolidated, automated, and secure endpoint management
“Simplification” needs greater explanation if we are to understand the potential benefits.
In the short term, simplification means removing the challenges that come from having too many endpoint management tools. A recent survey showed that two-thirds of respondents were using more than 10 tools to manage and protect their endpoints.1 This is understandable given the plethora of new dimensions administrators have had to face, from new mobile endpoints to hybrid work to bring your own device (BYOD). Yet 10 or more tools for endpoint management means potentially 10 panes of glass, 10 vendor contract renewal conversations, 10 different training sessions, and significant integration requirements—all which can contribute to disparate experiences for employees, too. Addressing endpoint scenarios with multiple point solutions to fill the gaps ultimately adds complexity and increases costs and security risks.
Consolidation has two financial benefits.
First, consolidation means more time. A Forrester study has estimated that by moving to a suite of endpoint tools (such as the Microsoft Intune Suite), technicians who manage endpoints could save at least 10 percent of their time per year in the first year of use, and, in some cases, even more.2
Second, consolidation delivers a single pane of glass, thus freeing up your staff's time from the complexity of managing many unified endpoint management (UEM) solutions, from selecting the vendor to training and onboarding each incremental solution.
The next, more exciting part of simplification is greater automation. As with the introduction of Microsoft Security Copilot, Microsoft is committed to increasing the effectiveness and efficiency of IT and security professionals. Consolidation is an important pre-requisite here: Automation yields better results when it pulls from a central pool of data, which requires consolidation.
What could automation deliver in terms of benefits?
First, automation will improve security. For example, by using best practice data automatically applied rather than manual processes, vulnerabilities caused by human error will be reduced. There were 106 publicly disclosed incidents in February 2023 accounting for 29.6 million breached records.3 Even a five percent reduction means almost 1.5 million fewer records would have been breached in that month alone.
Second, automation saves time for existing workers. There were about 4.7 million workers globally in cybersecurity at the end of 2022.4 Roughly speaking, if the industry saved even five percent of the approximately 9.4 billion hours of work done by those workers, that's 470 million hours per year saved through automation. It's time to help IT admins refocus on the strategic, not the tactical elements of security.
So, simplification is not just a buzzword. It requires consolidation to then deliver automation, and it can deliver benefits both in terms of saved time for your staff and better security for your organization.
The five-step process to simplify endpoint management
Simplifying your endpoint management is a process, not a single event. I would identify five separate steps:
- Refine the vision and create a plan. In this stage, work with a small team to paint a picture of the future and build buy-in to the journey. To do this, identify the key stakeholders that will benefit from the simplification, and what they need. Gain a deep understanding of their existing tool sets, processes, and, most importantly, the problems they need to solve. Bring outside experts in to talk about the journeys they have taken or plan to take. And get your team comfortable with the idea of change: Some IT admins and specialists may have invested time and effort in learning previously cutting-edge tools that you are planning to upgrade. Be cautious not to fall into the trap of replicating previous solutions with traditional approaches; instead, focus on the problem and how to best solve with a modern approach. Help the broader team get excited about the new direction, and see the benefit of evangelizing change, not blocking it.
- Consolidate endpoint management tools to drive more efficiency for IT and security operations teams, delivering a more unified employee experience. To make space for new initiatives, it helps to stop doing things that unnecessarily add to your team's workload. So, freeing up your team's time by reducing the number of endpoint tools they have to oversee and manage will help you move towards more strategic automation. Execute against an incremental plan that shows progress along the way and puts points on the board as you go. Pick an on-ramp to get started—Windows 11 is a great opportunity to move to cloud-native Windows management; Microsoft 365 has powerful new security protections to mitigate against modern threats; and Mac and Linux devices are now ready to be brought under management with a modern cloud-native approach. These are all great on-ramps that will help progress your endpoint management consolidation journey. Most importantly, show progress and build confidence as you go.
- Create tight integration between your management, security, and help desk tools to drive further simplification. Simplification does not end with consolidation of your endpoint management tooling. Automate key processes such as procurement, help desk experience, software and hardware asset management, and vulnerability management by tightly integrating your management tool with your help desk and security tooling. By connecting your management tooling data directly to your help desk tool, you can simplify further with a management-powered remote help experience. Streamline your spend analysis and asset management by integrating management endpoint analytics and your service management tool. Bring your IT and security teams together by integrating Microsoft Intune and Microsoft Defender for Endpoint to automate patching and vulnerability remediation. Connecting these assets will drive further simplification with broader process automation.
- Make use of your data. Data is a powerful asset that is often underutilized. By simplifying and consolidating your endpoint approach you will have access to new data that can be used to understand your endpoint landscape end-to-end. Your journey to data consolidation will likely be incremental as well. Start with visibility. With endpoint analytics, gain visibility into your device estate to understand how users are interacting with your digital services. Leverage this data to understand further best practices and your areas of opportunity. Use this data to help define your incremental consolidation plan. With this data foundation in place, you can begin to explore how to best use generative AI. Begin identifying scenarios where AI can help you better understand your environment, including trends, best practices, and simplified troubleshooting.
- Intelligently automate your common endpoint and security tasks. By bringing together rich data, advanced endpoint management capabilities, and dynamic orchestration, you can now radically transform your approach to delivering IT services and increasing security through rich and extensible automation. With turnkey in-product functionality, you can move away from complex scripting workloads and instead focus on creation of simplified workflows to handle cumbersome administrative tasks. Intelligent orchestration can elevate the employee lifecycle experience, optimize license or hardware spend, and increase your security posture in a world that is rapidly changing—with intelligent automation you can embrace the complexity of modern IT challenges and unlock the simplicity within.
So, how do you take the first step? I would encourage you to get your team together and discuss the general direction you want to take. Focus on the destination, not the steps at this point. Every vision will be slightly different based on your company's situation. For example, in what order would you consolidate your endpoint tools, given your current resourcing and licensing contracts? How would you introduce a consolidated suite of endpoint tools? And who else do you need to work with in other departments to sell the investment rationale?
And I encourage you to read more about the Microsoft Intune Suite and review the Intune roadmap to provide a better sense of how consolidation could progress. Finally, please experiment with advanced endpoint analytics in the Intune Suite to get a sense of what automation can do (even if it is just the tip of the iceberg for insights data and analytics).
It's encouraging to be able to move our eyes toward the horizon again and think in timeframes longer than a week or a month. I invite you to seize the opportunity that creating a simplification-centric vision offers.
To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and Twitter (@MSFTSecurity) for the latest news and updates on cybersecurity.
1Managing the Endpoint Vulnerability Gap, Enterprise Strategy Group. February 2023.
2New Technology: The Projected Total Economic Impact Of The Microsoft Intune Suite, a commissioned study conducted by Forrester Consulting. March 2023. Results are for a composite organization based on interviewed customers.
3Monthly Breach Report: March 2023 Edition, PKWARE. March 9, 2023.
4The cybersecurity talent shortage: The outlook for 2023, Sue Poremba. January 5, 2023.