Hello, and welcome to this latest KuppingerCole webinar supported by Aon. Today. We're talking about EPM or endpoint privilege management, and some of the security compliance benefits from that. And with me today is Annelle Bandari, who is the chief mentor and thought leader with Arcon tech solutions. And of course, my name is Paul Fisher. I'm lead Analyst with grouping Cole.
So, whoops, good start. So here we have our agenda for this afternoon. I'll be talking a look at some issues around DevOps compliance and endpoint privilege management. And then after that Annelle will be introducing some EPM solutions and how they can help we'll then wrap up with some takeaways. And of course the Q and a as always you are muted, so you don't have to do anything. Just enjoy the webinar. We will have a couple of polls, the first one in just a second, and there will be a Q and a session at the end.
So if you have any questions, just pop 'em in the box that you should see on your screen and we'll do our best to answer them. And finally, if any of your colleagues wish to see this, can't make it today, then there will be a download really for them.
So poll number one, working from home is kind of very relevant to end points. So we're asking you, how has the work from home movement or shift affected your business since COVID 19 COVID 19 was we take to be the sort of catalyst for the work from home, which has really reshaped the way people work.
So currently, do you have less than 10% working from home less than 25% or more than 50% or even a hundred percent working from home or your, one of those organizations that much prefer your or employees to be in the office. So give us, give us a clue.
Let us, let us know how many people you have working from home or not. So you can answer now and we'll just wait a few seconds. So just to see how that's going. So the options less than 10%, less than 25%, more than 50% working from home or a hundred percent working from home or no one's allowed to work from home.
I hope, I hope that's not one of the, the most popular option, but we, we, we shall see. So I think we've, we've, we've done that. So let's move on to the next section, which is me DevOps compliance and EPM. So talk about the modern world. As I see it, modern world of business, which is in the end, what we're talking about when we are talking about endpoint, privilege management, like anything in it, security, identity management in the end, it's really just an enabler for the wider organization.
So let's just look at some of what I like to think about before we, you know, get into nitty gritty of solutions and applications, et cetera, is really what businesses are looking for. And I've come up with a few ideas here. The first one is agility. Now agility is, or agile has become a bit of an overused phrase in it circles that's for sure.
And particularly when we start talking about the cloud and multi-cloud et cetera, but agility has traditionally been something that any business requires.
It's not as if being agile was invented in the last 10 years, businesses throughout history, the more agile you are, the more you can respond to changes in the market. The more you can invent new products or improve marketing, et cetera, is gonna give you some advantage of your competitors. The difference is now that you can become more agile and the technology is out there to enable that, so that the speed of business or the speed of agility, whichever way you want to look at it is increased.
So business is very much looking at the it solutions to deliver that agility or that increased agility, knowing that their competitors are also looking for digital change to become more competitive. So second on that list is rapid rollout.
When I that's obviously list is related to agility, but again, no business wants to be slow when it comes to rolling out projects, rolling out new premises, rolling out new ideas.
Again, it's something that has been in business for decades, but again, the difference is now that it has gives us the, the ability to roll out far quicker. And if you want an example, then just look how often, for example, mobile phones are upgraded, how often applications are upgraded, et cetera. So the rapid rollout in itself has become something that the business needs.
And again, because their competitors are also using digital transformation to improve the rollout of goods and services.
Productivity is something that we hear a lot about.
We hear about nation states, for example, lagging other nation states in pro productivity UK, for example, is not as productive as it's German and French rivals, but take that on a, a more of a, a micro level and any business would want to increase productivity within reasonable bounds, without MIS for example, without meaning that you somehow exploit a workforce, but productivity or increased productivity, or just, if you put it another way, getting more out of what people do in a day is something that, again, technology is helping to deliver things like ServiceNow, for example, which is just one example of, of service management tool, which means that people are less likely to get stuck with a technical problem on their PC, because there is automated services and ticketing to get them back to work as soon as possible.
So I, the owners, as I, I like to stress here. I'm not talking about machines that make, that make people, the slaves. I'm talking about ways that basically makes people's working environments happier and better. And therefore they do more for the organization cost reduction, again, who doesn't wanna reduce costs. We all wanna reduce costs.
You know, if you can reduce cost, then your, your goods are cheaper. You have a market comp competitive advantage. And one of the ways again, to do that is to use technology, to use digital transformation so that you, for example, the cloud itself is a great example of reducing costs. When you consider just what a cloud service can bring to an organization, even a single cloud service and what people can do in that cloud, which they used to have to do by buying actual hardware and servers, et cetera.
And now it can all be done in the cloud at a much reduced cost.
Thanks to the scale that AWS or Google cloud or Azure can provide. So cost reductions, obviously a very important need for the business and related to that is infrastructure. We used to talk about infrastructure as purely a hundred percent on premise. It was a physical thing, but now the cloud multi-cloud and containerization, et cetera, has given us the ability to build infrastructures, which are way what we could have imagined 30 years ago, and it's all delivered in the cloud.
So if you put all that together, all of the previous things that I've said all deliver into the infrastructure and finally data, the one thing that all of this digital infrastructure and digital transformation that we can sure of is that it creates more data there's data everywhere every day on every workstation, every PC, every laptop, more data is being created.
But the crucial thing for the business is managing that data, managing their unstructured data and managing the access to it, but also managing what that data means for the business and how from that they can extrapolate better working practices, better processes, better applications, better software, et cetera. So they want data and they want better data.
And again, the tools that we are now seeing the tools in the cloud, the security tools, the identity management tools, all come with analytics, which can help provide a way of improving the way the business is run.
So let's look at how the endpoint fits into all of that into the business landscape. What I call here, the rise of the endpoint, this, this is from a respected survey survey of working arrangements and attitudes, which is done by a organization called w F H research. And they've spent a long time analyzing how employees are working from home or not.
And we all know that the, an pandemic caused an almost overnight change in working, particularly in the America, Europe, India, et cetera, those, those countries that have high levels of information services. And they have the types of organization that enable people to work from home.
But we've seen that what's really happening is, and this is just one of many charts from this survey, but we can see that what's happening is that there is a trend, a slowdown, not a, not a sharp slowdown, but we are seeing that the full-time remote working is reducing, meaning that not everyone wants to be at home all the time, but we're also seeing full-time onsite reducing.
And we're seeing the rise of the hybrid model, which means quite often, people will go into an, an office, a physical space, maybe two or three days a week, or the rest of the time they work from home.
They won't necessarily work the same three days each week and so on. But this trend has led to, it seems higher levels of happiness and even has improved productivity. Many people said people working from home would not be productive, but it seems to be that generally they are. But all of this is dependent on age, location, job type preferences. So younger people, it seems prefer still to, to go to an office because they perhaps like to be more sociable, those people getting on a bit, or tend to value, spending more time at home because they have more home based activities, et cetera.
But we're also seeing, and this is important, more working from home in what we call data sensitive industries. So things like banking or insurance, or even in health, et cetera, which is then a security concern. Because if people are working from home in those data sensitive type of injuries in industries, we need to make sure that the data is being secured, et cetera, when it's being accessed from an endpoint. So we're seeing the emergence of what some people are, are calling endpoint, application control for users, which is, which is the extension of endpoint privilege management.
But the key things behind application control is empowering the employee. So the employee, no matter where they reside, where they log on, whatever the endpoint they're using, it's able to get to those resources. They need to do a function and we need to secure that. And of course, we need to manage that.
So that's where we're going.
And, and I think the, the idea of calling it application control is, is, is quite good. It's quite important. And I quite like it because we are, after all, we are talking about applications, any employee, myself annal as well. We all use applications. So endpoint application control is, is something that's starting emerge as part of EPM or EPM is part of it. So let's look at what EPM traditional endpoint privilege management can provide. And Ann will go into this in more detail and also will give us how these six aspects are being handled in more advanced versions of EPM.
But of course, privilege elevation is probably the number one aspect of endpoint, privilege management, giving people the ability to access something which they normally have access to. And we're seeing that increasingly now in organizations and offices and workplaces that are fixed privileges, or the idea that someone always needs just access to a certain set of things is starting to change.
We're seeing a much more fluid identity management. So identities, which traditionally might have just been an admin, or maybe just had access to a couple of servers, might find that their, their jobs.
And I like to say job rather than roles. I don't. So we don't get confused into role-based access, but so that their jobs or the terms of their employment or the project they're working on changes quite a lot, therefore the kind of stuff they need access to is gonna be changing. So we need to give people the ability to elevate. We need to be able to see what it is that people currently have. There's the analytics bits of the account discovery, and then the application control. This is crucial part of it.
And I, as I said in the earlier slide, this isn't just about whitelist blacklisting applications. It's about ensuring that people have access to applications that are authorized, but they don't necessarily always use.
And of course, whitelist and blacklisting is, is an important part of that. And it's a traditional part. And it'll continue to play a role because application whitelist blacklisting does provide a useful buffer against many attacks from cyber attackers.
So we're also looking at sandboxing so that people there are now technologies where literally you sandbox a partition of the endpoint, so that anything that it takes place within there stays within there, and nothing can connect to that to the outside internet threat intelligence. Again, that is part of the analytics piece. So after a while you build a, a draft or a good blueprint of how people are using access, how they're using privileges, et cetera, and all of that feeds into our compliance.
So with more people at the end point, more people working from home, the risk that your organization has on breaking compliance and regulation is obviously gonna be higher.
There is a greater danger that stuff might leak, that stuff would get stolen, that people might download some kind of ransomware, which then leads to the corruption of servers, et cetera, in the wider network. So those six things are crucial parts of the EPM. So what choices do you have?
Well, let's find out in a minute, let's do our second poll first this time. What are your concerns about endpoint security? So are you worrying, as I just said about attackers accessing servers and databases end using downloading malware or bad applications, lack of visibility into endpoint activity, end users and admins having too much P access or end user sharing business and personal activities on a single device. There's the sandboxing stuff that I was talking about. So the polls open, just click on whatever you feel is most relevant to your organization.
So attackers accessing servers, end users, downloading malware and bad applications, lack of visibility into end point activity, end users and admins having too much privilege access or end users sharing business and personal activities on a single device.
So I think, yeah, we've got some good responses to that. So let's move on to what EPM things to think about.
Rather, I apologize when deciding on endpoint privilege management, you gotta think about obviously deployment deployment means looking at your organization, your structure, your infrastructure, exactly how many people use endpoints, how many people work from remote locations, how that changes on a day to day, week to week basis, et cetera. And then you gotta think about whether you want to have some kind of EPM that runs on premises, or whether it runs in the cloud, et cetera, all of these things are important, but you gotta think about your business and what type of business you you have.
As I mentioned, it seems because of the cultural aspects of certain times of work. So people working in what you might call white collar employment, which then tends to include things like financial services, it even health, et cetera, are more likely to work from home. They're more likely to want to work from home and they get the, they demand it. So you gotta think about that. You gotta think about who's working at home and what kind of day they handle and what they do and how this affects your type of business.
You gotta think about lease privilege, how you, how lease privilege is not a technology lease privilege is not something that you can buy from Aon, for example, and then applied to the company. Lease privilege is, is a policy based ideology, I guess is one way to call it so that everybody that accesses anything in your organization is only allowed to do as much as they need to get that job done. So you gotta see how and well an EPM product can apply the theory.
The, the principle of lease privilege also think about your infrastructure. If your infrastructure is still pretty much on premise, not too many clouds, et cetera, then think about the solution, how it's gonna be deployed on that kind of network, but also think about the future because your infrastructure could change. It's likely at some point that you will have more clouds, more cloud infrastructure than you do right now, but most EPM solutions are, are pretty flexible now.
So, you know, you should be able to discover a solution that can run on premise or in the cloud, or a bit of both
And zero trust again, zero trust like it's cousin leads privilege is a theory, a policy, a way of thinking a way of applying policy in that you literally don't trust the network. You don't trust the identities, and you always verify those identities before they're allowed to have access and EPM or running endpoint privilege management. Zero trust is actually quite crucial to what happens at the end point.
It's quite crucial that you know, that people accessing servers, databases, et cetera, from the endpoint are controlled or subject to zero trust and least privilege. So just quickly then, before I hand over to Ann, just some quick stuff to think about, you wanna assess what you want from EPM. Like any it project I say this probably every webinar I do, but you know, you, you have to think about what you wanna EPM go right back to those business goals.
I mentioned at the start, see how those fit in to what EPM can do for you think less about restricting users and securing users think more about empowering users. The security bit should come as part of the empowerment empower. If you empower your users, then you're gonna get some of that productivity benefit that I talked about. Some of that extra profitability, extra competitive, if you empower users and EPM is a good way to do this, define what you want.
So again, think about your business, your business outcomes, define how you want EPM to work, who you want to bring into EPM. It could be every single employee, or you may maybe just, and of course, look at the privilege access management market of which EPM is very much part and co Cole has many, many reports on privilege, access management and endpoint privilege management for you to have a look at. So with that, I shall now hand over to Ann who will talk a bit more about ACON in detail. Hi a Ann.
Hi Paul, how are you?
Good, thanks.
I must thank you for this wonderful presentation. And the thought, especially around one does not need to look at any solution for that matter to do with identity in terms of access control. But one needs to look at it from the perspective of empowering people who unable to do their jobs. And I call this as frictionless security. The less friction that you have, the better you have in terms of empowerment and outcomes are much, much better.
And in the same line of thought that you have Paul, you know, we have this debated for several years now has over the last two or two years invested while we have, of course been invested in a privileged access management and an endpoint solution. The theme would be to build contextual data models. That is something that I would talk about, which is super extension of our EPM solution.
And I'm very, I'm personally very passionate about the fact that we built this module, but just to try and recap, I think you're absolutely right.
Has if at all done anything, it has kinda created this new breed of ability to work for people. And it is not necessarily from home, but I think it is from just about anywhere. And fundamentally it is no longer only maybe office work that you're doing, but it is also, people are learning from home and you are actually earning from home, which is, I think, again, an outcome for people that been kind enabled by not really by technology, of course, technology, a factor there, but really played there.
And that has kind of actually led us to kinda actually led us to having the discussion around virtual access and virtual access today is become kind of paramount and ENT in anything and everything that we do or discuss today.
And can you imagine that this has happened for billions of users now that has been the, the size and the length and the breadth of, you know, what we're discussing about.
And as I was mentioning to you before high friction access is what I think one would've seen during the pandemic while I think the world quietly when she would work from home, but that also brought up a lot of challenges for people and especially for organizations and one would've realized and seen that literally every company would've invested in thousands and thousands of laptops, if there was something to be seen during the pandemic or the queue outside malls or outside electronic shops, the people wanting to buy laptops.
And there were huge orders coming in and these laptops were eventually loaded with VPNs and agents to run. And in order to ensure that the data there was secured, people were accessing it.
And, and somebody who says is somebody was really accessing the systems of the organization. Exercises were limited. People struggle with it and slow access and bandwidth users also a problem. And literally I think the it operations team would struggle day and day out to ensure that people have seen this accesses that they were working from home. So I think just in time, maxes was something which kind of became very, very important during, during the pandemic because, because large, it organizations had request flowing in, in, in, in, in thousands or hundreds and thousands.
So I think, I think while thousands of mandate or ours, would've been lost in dynamic trying to get this in place, but towards the end of this, we also saw that there was a seamless integration of technology and it was not as bad as, as we all thought, but from a security perspective, I think this was the most challenging times that we lived in and we to live in one cause like Paul, you mentioned that it's no longer of how many people that you want work from office or how many are allowed to work from home. Essentially.
It means that people have decided that they today was from anywhere in high breed is becoming the law of the day. So literally what we used to see on improvise and what we used to see in cloud is just about anywhere today. And interestingly, we've also seen large data infrastructure moving from improvise to cloud, which also technically means that besides the endpoint that one has even the data is kind a moving target and it quickly shifted into which means to data has improved, but also around data, that would always be a challenge.
So coming to the, of our discussion today, well, I would say while what has happened has happened, endpoints are the largest attack surface that one would see here. Cause I think one is accessing it from anywhere. And there is a huge chunk of critical data that sometimes sometimes sides of the endpoints.
Well, of course every organization tries to correct it and provide it, make sure that this data is not available and they have invested billions of dollars in terms of LPs and VPN agents and lot of other endpoint solutions to ensure and product the data.
But I think the sheer size and the spread, which is into billions of devices raises practical challenges in terms of how do you really implement any kind of solution or any kind endpoint solution to ensure that, you know, you're in control of what you're, and also what do you really control is also important now, now to that, let, just try and give you some aspects of what endpoint privilege management would really mean.
And that would be divided between endpoint privilege management for servers and endpoint privilege management for endpoint.
I think if you were to look at endpoint and, and interestingly, the, the headline that I've tried to put there is fan plus EPM for servers and M for endpoints. This actually triangulates for an organization, anything and everything to do with privileged identities and management of privilege task, really.
And while we'll discuss this in the couple of slides to, to, to, to practically talk about endpoint privilege management endpoint, privilege management for especially endpoints, they would include features and technologies like application blacklist, white listing elevation, which of course is one of the most important features monitoring access activities on endpoints policies can be applied to users based on internal and external network. So now again, this is a very interesting aspect, which is recently being put on the table.
You may have a different set of challenges when you're internally working and you may have a different set of challenges when you're externally working and you may want to control and a user, or maybe even a device or differently when you are in, in improvise. And when you would want to control it in a very different way when somebody's working from home, including bring your own devices.
So, and people are constantly trying to understand that do policies work, even if the users are outside the network. And that is one question that we keep getting that, you know, out of hand, are your policies working and would we be able to establish access controls and management of privilege and do privilege management there? And I think, I think that has been, that has been a very important element of any endpoint solution. That one would look at.
Interestingly, the solutions come with some degree of user behavior analytics, privacy controls, which is again, I think point number seven would actually be one of the most, well it's already one of the most discussed in the hardest topic around the world about privacy, but going forward in the next five to 10 years, I think privacy, privacy controls, discussions, debates, and technology around this would have to keep evolving, including the definition of what really privacy means.
And that would be one element that an endpoint management solution would look to or should look forward to keep improvising on to ensure that privacy is something that one is able to control for organizations, file monitoring a little bit of SIM capabilities. I'm personally kicked by point number nine, which is data inte. And this is something very unique.
If one were to look at AR EPM solution, this has the ability to squeeze every piece of data that one would have on any end devices and then turn the data, contextualize it, and then put it in ANL box, which will help you to not only automatically classify it based onl models create structures around data, similarities around data, and then probably help want to understand that what is the most important data that in organization, Carrie and who is this user within an organization who carries the most important data.
And today Paul, I was with one of our prospect clients and, and, and typically this has always been the person that I love to ask our clients and people. Do you even know who in your organization has the most critical data? And typically you'll never get an answer for that because currently people do not have the ability to visualize or solutions do not give you the ability to visualize. Where does the most important data lie forget about giving you a visualization of where you most important data is.
People are not able to even identify what is the most important data and what most important data means to them. Now, this is something that all of us together, the entire community of information, risk managers, cybersecurity experts would have to keep getting down and understanding and kind of constant improvising and defining what important data really means to one.
And, and that is where the data contextualization would come into picture cause data, which is important for you may not be important for me. I spite of the fact that we would have the same set of data. There's another interesting challenge. And while of course, this has been interesting. Some of the other way, the endpoints typically carry sometimes scary, not always lot of important information and especially for senior management and, and people who are constantly on the move today.
Technology specialists, consultants, employees from organizations that seniors, they carry around presentations, critical data. And sometimes you don't even realize you always feel that your critical data is lying somewhere in your databases, but little do you realize that your 10 slides of presentations actually has some of the most important data, which could be even a strategy data.
And, and if the strategy was to be lost, if the design was to be lost businesses simply come down because of that.
And sometimes you don't even have a, a simple backup of this data and you're not able to even kinda farm it in the right buckets. So now coming back to security and where we are on the end points, and now this has been dusted and debated and dusted over for years. Endpoint security has been around the day that the computer has been in the system and people have started to put out, started with NVI solutions. They have started to harden the device.
So if you look at the lowest element and if you were to dissect an endpoint into maybe four or five odd slices, you would realize that the lowest possible slide one would have and, and, and generally pay attention to is to be able to harden the device. And I think lot of effort has already been made in order to harden the device to ensure that the administrative ID are not available to ensure that the ports are not open to ensure that USB, which was supposed to be one of the most utility tools ever to move data, large file sizes is suddenly no longer available for people to take.
Interestingly, Paul USBs used to be one of the best takeaways during conferences and today you don't even see them. So, so hardening the hacking, the device was kind the most important one. So that one would always share with anybody control the administrative privilege accounts, endpoint protections. Malware was at the number one at the slides. Number two, one would try to control installations, applications, and data.
For example, generally the investment made by security teams is can we set up identity controls or application access controls that are appropriate for the role of the person that it is designed for? And can we also ensure that there is no data lying on the, on the endpoint and rather the data recites on the central server?
And so, so there's lot of there's, lot of effort, which has gone into in number two, but rarely people are able to comprehensively people are able to comprehensively kind this issue and still continues to be uploading challenge.
And, and the slides, number one, while I let to slides number two, but size number one is something that, again, everybody has tried to address, which would typically mean that when I access my device, do I have the right authentication, whether it could be an L and do I have the MFA? And now of course, everybody's looking as password, less authentication.
So things are typically four to five slices that one would look at when you would look at our end point and, and any user accessing any device that one would look at. And this has been the security so far. And if you were to, again, try and just recap, the, the security experiences that I spoke to you about, you would realize that most of these investments and most of these thought processes was device centric, right?
All of them one was looking at hidden parts, malware network, penetration data gets on on the second attire that you see business rules require flexibility inside of threats, corporate SP H third party access, multiple entry points, multiple points, and so on, so forth.
But unfortunately in two today's world, it is no longer relevant for protecting devices and the device security, which has been the conventional approach of trying to establish an endpoint control is hardly relevant in today's time, because as we speak, I think endpoint are just about everywhere.
And every device, literally with a small mobile phone today, you are able to do a significant aspects of your work, right? So I think, I think that has been very limited user context in anything and everything that we have tried to do so far.
And, and typically the mindset of trying to protect a device means in billions of devices, that you have millions of thousands and hundreds of thousands in several organizations. You're trying to find that, trying to identify that which device is device is likely to have a problem. And eventually which device is likely to then lead to the entry point for other devices.
And so how is it changing today?
And I would want address the, the second slice in, in the approach that I think we gone are very passionate about, because I think that would emerge to be one of the most important elements of control going forward. And what this really is. I think I personally like to call this as an outcome based model, which is the, the user and the data context layer.
So while somebody has done the authentication, the MFA, and when you land on your devices and it could be any portable device or fixed device or desktop or somebody, I think one would now start looking at identities and one would now start looking at data contextual layer, right? And typically these could be remote accesses use cases. It would be device agnostic applications on how typically cloud based. So sometimes you may not even haves or applications on your desktops, which we used to see before, right?
Profiles are dynamic, your job profile, the dynamic, you are part of the HR department today. You're part, you're certainly part of the strategy team, even though you're from the HR department, which means you need to access a lot of data, you need to suddenly access a lot of applications, right? And you come out of that, build operated transfer, probably get into other project. So it is a constantly moving engine and, and, and the world is fast evolving around even the business functions and the roles. I think I would probably say there's nothing like departments today, right?
And most of the organizations which are growing very, very fast, billions of dollars, they're trying to generate within a short period of time are all related to ninja teams and, and, and small teams. And they're literally into multiple functions at one point in time. So literally I think the data contextual layer should be such that it should allow you to do what you want to do.
And when you want to do in spite of the fact of what you want to do, and when you want to do it, should have the ability to be able to control it and still establish security frameworks within a non organization.
So that brings us to the portion, where should we be? And that is where I think our comes in with the next generation protection and our EPM solution. Besides the conventional, besides the conventional features that Paul you, you spoke about and helps want to meet the compliance challenges or regulations, or even access controls and privilege management.
I think we would look at making sure that the EPM solution not only has the ability to do user behavior analytics, but it helps you to form the third layer of defense, which also helps you to actually ease of operations and support because now the, the contextualization helps you to build an AI ML model around it.
So the data models are created, which are connected to the identities to enable you to do your job little faster. I dunno. I always keep saying this call that why do cars have brakes?
And interestingly, you know, people would probably answer the cars or brakes because you wanna slow down the car. Well, I would always want put it the other way. Cars are brakes because we would run the car faster. If we did was to slow down the car, would've not the car.
Similarly, I think the intent of probably putting the access controls of security should not be to slow down a person and create friction, but the intent should be to help you to do what you want do when you want to do, but at the same time, try and ensure that you have the right control framework and you have the right security and, and end user is hardly bothered about how you put that security, but he wants to do a very seamless, he wants to do a, a very seamless access and he wants to do his job.
And it has to be very, very now, finally, I think trying to wrap this conversation and maybe leave some time for cautions and answers. I think our EPM solution has extended the scope because you have agents running and even today S are no longer happy with lot of agents running on the machine. So you have to ensure that, that the solution that you have packed on the end devices is, is comprehensive enough.
And I think it should help you to kind of meet the authentication layer, the zero trust and the continuous assessment, and ensure that all that you do is eventually carried back to the SIM solutions and literally helps you to keep doing what you have to do. So I think just to try and try and end this conversation here, I would want to point you to item number eight, which is to talk about literally one needs, Toci the user and let him carry his profile wherever he goes, voice device agnostic, and ensure that, you know, one, he or she is able to do what they want to do when they want to do.
But at the same time, the security should be such that somebody's watching you over. Somebody's ensuring that you're able to do the job. Somebody's ensuring that if you want do something extra, which is beyond your profile, you have the ability to quickly elevate yourself and get it executed. Yeah. And I think in line with this, our solution also has the model which actually comes back, learns for three or four months and comes back and suggests profile, which is getting automatically applied, which means the deployment of the solution should not be a pain, is not a pain.
It's simply installing it, running it, the system learns by itself and the system starts recommending in terms of what one needs to do. So I think this is where I am. I didn't want to get into the nitty gritty of the features, but I just wanted to kinda impress upon the fact that the directional way that AR would like to take shoe for EPM solution is literally trying to build data context model. And if one were to be able to do this, I think one would be able to do identity centric security very well in the next couple of years.
So thank you Paul for the time and copy that call for this fantastic hand, this back to, for any questions that may come across. Thank
Thank you. Some interesting concepts there to talk about before the, we talked, take Q and a, let's just look at the, the first, the first of the two polls, which was, excuse me, which was, how has the working from home movement affected you? And the results are interesting. 17% have less than 10% of staff working from home.
17%, again, have less than 25%, but 50% have more than 50% of their workforce working from home, but only 17%, a hundred percent working home. But, but I'm pleased to see that no one has banned working from home, which is, which is, which I think is a positive, positive thing in, in the, the current climate. So let's just go to the other poll, which was, what were your concerns about endpoint security?
40% are worried about quite rightly attackers accessing service and databases, 20% end users downloading malware, 20% worried about lack of visibility into endpoints activity, 30% worried, the end users and admins having too much privilege, but no one, this is interesting. No one was too worried about end users sharing business and personal data or on the same machine or endpoint. So interesting there, and any comments on those results, or pretty much as you would expect, we can't hear you at the moment.
Okay. Got it.
I think the first one was also interesting, almost 70 to 20% of the people hundred, hundred percent of people were working from home. Right. So imagine almost 20% of the workforce. And if we were to take a global average, and even if we had to come down, 15% of the workforce working from home is, is I think very, very interesting. Yeah. Very interesting. Yeah.
And, and fundamentally all that you mentioned in the next poll about challenges around downloading, accessing meaning applications that one would want to access or not want to access is something that we've had this far now for, and, and interestingly, in spite of the fact that there are solutions with millions of dollars, we still continue to struggle with this. Right. So I think, I think what needs to find the method in the madness of trying to make this, I mean, any employee walking in, how does even about what you want to protect, he wants to get on his job, right.
And he wants to ensure that he's able to do his job meaningfully and add value to the organization. So I think, I think there would be lot of, lot of for thought for all of us, for the future, in the sense that maybe security becomes embedded in anything and everything that we do. And it actually becomes passive. If I were to be asked, how, what should be the objective of a security system? I think it should become passive and it should simply be automatic.
I think, I think so interesting. Both these tools also. Interesting.
Yeah. And it seems to bear out the research that I talked about, which is hybrid working. So people are not working all the time at home and all the time in the office, but back back to you, I can. So you talked about contextual models a bit, maybe you could just help explain how contextual models help build endpoint security, excuse me.
So fundamentally I think all of us understand that what we need to protect this data at the end of the day, right.
Machine and protecting a machine is hardly relevant today in, in today's word. And if one were to protect data, one also needs to understand who are you protecting against? Right. So identities and data would probably go together in the correct. And if identity, the data were to go together in the future, you would also need to understand in terms of my access is my models in terms of what one is doing, what kind of work one is doing automatically assess which department I'm part of and not only the department and the work, it goes down all the way off.
Even if I'm in the HR department, it is what am I sourcing people? Okay.
So maybe, you know, the model leads to understand that my work profile, while it could be a HR department is actually sourcing people in some way, because I have got sourcing information.
Now, do I have personal information?
Of course, certainly just because I'm a sourcing agent for the organization. I have so much of personal information of people, right. Coming to me because I'm person who's trying to acquire people, I'm talking to people, getting their information. And suddenly you realize that, you know, one person in the HR department has become important because he has, or she has some of the most important privacy information of the prospective candidates that one is trying to source. And so and so forth. So suddenly somebody who never seemed to be so important becomes important.
So this is where I'm coming from. When I say that you need to build contextual data models, to be able to understand that, you know, is the data important? Why is it important? Who is it important to, and then collaborate, correlate all of them to create a point of action for you.
Now, if you were to collaborate and correlate all of them, you then able to react back identity system you're then D that is in really by and
Fantastic. Just time for a quick question then, which is probably quite a big question, but how, how does Aon, how would Aon solution be different? And I've just put up there some research that we have done.
Well, I think, I think this is, yeah, this is an interesting research and I would also want to, and I think you've written this very, very well, Paul and I think I would want to all our viewers today and all those who would want to view this in the future, that one should go through that research document. And you neatly brought out the use cases of, you know, why endpoint privilege management is important.
And also maybe couple of things that our is doing while, while I'm not here to kind of, you know, keep talking about the fact that what solution we have, I'm only trying to talk about fundamentally, what is it that we are trying to achieve? And what we are trying to achieve is that if you have an agent or if you have something with just sitting on your desktop and, and it has the ability to do what it is doing, and besides that, it has the ability to squeeze data, understand data, create relationships.
And this is what this is what solutions should be doing of the future.
So we are investing in, in the predictive model rather than in the detective model. And, and that is where I think fundamentally we are very different when you look at any other EPM solution, I don't think, and I think, you know, this better than me, Paul, that no other solution today, which is in the EPM category or for that matter, I don't think even the data classification solutions would do what we are doing. So no other solutions, which are in any category around the endpoint are trying to tie this up the way that we are trying to do this.
Currently, of course, there could be some of them in the world who would be probably doing it. But I think our convention is that we have one of the strongest S conventionally and added to that with data intellect. It becomes a very, very powerful system to, to, to help you meet identity centric security for the future.
Fantastic. Okay.
Well, we have actually come to the end of the webinar, as I said, if any of your colleagues wish to listen to it, it will be downloadable in the next day or two. And the slides will also both sets of slides will be available for download, but that I'd like to thank annal and Aon for being with us today and also to you for, for listening. Thank you very much.
Thank you.
Thank you, Paul. And thank you for the call. Fantastic. Thank you.
