Skip Navigation
BlackBerry ThreatVector Blog

Unified Endpoint Security: Advancing the Security Paradigm

According to industry research firm MarketandMarkets, the global endpoint security market will grow from $12.8 billion in 2019 to $18.4 billion over the next four years. The primary growth drivers are expected to be the steep increase in the number of devices, along with increased spending to be able to manage the security of all these endpoints centrally.

Not only are the number of attack points increasing, but enterprises are also seeing a continuous increase in security toolsets and all of the associated management hassles. These management hassles include having too many security consoles to manage (one from each endpoint security product) and too many alerts that need to be responded to. The result is security teams have to throw even more budget and technology at the challenges while getting less security.

Security Complexity

The battle to defend endpoints from attacks designed to compromise devices and gain a foothold in the enterprise network is never-ending. To keep endpoints protected, enterprise security teams typically deploy antivirus (AV) and endpoint detection and response (EDR) solutions, endpoint firewalls, data loss prevention (DLP) technology, mobile threat defense (MTD), and other software protections that are designed to protect endpoints.

Managing all of these security point solutions across a large, distributed network that may include both corporate-managed and employee-owned (BYO) devices requires a robust unified endpoint management (UEM) solution. Adding to this complexity, each of these security solutions - whether provided by one vendor or many - requires its own console. This not only complicates deployment and management of the solutions, it negatively impacts device performance, user experience and productivity. Too many vendors, contracts, capabilities, and consoles mean too much complexity where solutions should be simplifying business processes. Worse yet, it can significantly hinder the ability of security teams to effectively keep these endpoints secure.

Many of the key aspects necessary for good security can actually break down. Critical threat data is lost or fails to be tied into the bigger security picture because of all of the various agents and consoles that have to be managed. Security teams can’t get the holistic insight into threats they need in order to understand how attacks are working across domains to successfully stop them from spreading through the network. Having disparate vendors means there’s no context correlation between the solutions. So, intelligence about malware detected on a mobile device is siloed from intel derived from laptops, servers, etc. These systems need to be integrated to support effective security controls. 

What is the impact of all of this chaos from security solution complexity? Enterprises end up spending more on endpoint security while actually achieving less efficacy in outcomes and return on their security investment. Additionally, when end-users are forced to try to be productive in the face of so many security defenses, they end up turning security controls off or otherwise finding workarounds. This further undermines security and increases risk for the organization. If organizations can make the secure way of doing things the easiest way for users, they will not feel like they have to find workarounds for security controls in order to get their jobs done.

The explosion of enterprise endpoints makes the security situation even more challenging. While many still consider endpoints to be traditional computers and mobile devices, it’s no longer a true reflection of today’s attack surface. Today, vulnerable endpoint devices include traditional servers, desktops, notebooks, mobile phones, connected sensors, industrial control systems, smart office control systems, and more device types being connected by the day.

Unified Endpoint Security (UES): The New Security Paradigm

Enterprises need better ways to understand and quantify their risks and make decisions to fit their actual risk posture based on real-time security data and dynamic policy controls. They don’t need layers of disparate point solutions that won't get them there; they need endpoint security that is smarter and more congruent. The more centralized the security technology, the more effective the policies, the more usable and secure that environment will be, and the greater the ability that the organization will be able to implement the security found in more mature organizations, such as a Zero Trust security architecture.

What’s needed is a consolidation of endpoint security defenses so that enterprises can more effectively manage their security across users, devices, networks, apps, and data. Instead of trying to maintain a mix of endpoint protection platforms, endpoint detection and response, mobile threat defense, authentication, data loss prevention individually, organizations need consolidated options.

Fortunately, that consolidation is here and underway. In a recent Gartner report titled Predicts 2020: Mobile and Endpoint Technologies, a rising Unified Endpoint Security (UES) market will combine Mobile Threat Defense (MTD) offerings with Endpoint Detection and Response (EDR) and Endpoint Protection (EPP) solutions. Gartner predicts that the consolidation will continue over the next three years into a single UES market and advises that enterprises should invest now in security tools with this convergence in mind.

UES and the Enterprise

A few years ago, the notion of being able to centralize the management of all of these diverse endpoints without significant investments in additional log management and security event management capabilities was impossible, and such capabilities were beyond the reach of all but the largest of enterprises. Fortunately, the technology required to simplify endpoint security is available today due to advances in cloud-based SaaS and artificial intelligence offerings.

One crucial way UES will improve enterprise security efforts is through the advent of a single endpoint security console that simplifies management across every endpoint, including desktops, servers, mobile devices, embedded IoT, connected vehicles, medical devices, and more. This capability standardizes and simplifies security deployments and delivers centralized management while providing a comprehensive view of security occurrences across endpoints, users, data, and networks.

BlackBerry Spark® Suites

While Gartner is suggesting to enterprises that they consider the eventuality of UES capabilities in their future planning, the reality is that a comprehensive UES solution is already available from BlackBerry. We recently announced the availability of BlackBerry Spark® Suites, a set of comprehensive solutions that offer enterprises a range of tailored endpoint security and management options that minimize risk, reduce security costs, and overcome complexity.

BlackBerry Spark Suites combine the best of endpoint security and management capabilities powered by artificial intelligence and automation, and includes the following options:

The BlackBerry Spark UES® Suite provides a full set of endpoint security capabilities, including AI-driven user and entity behavior analytics, next-generation Mobile Threat Defense, Endpoint Protection, as well as Endpoint Detection and Response. Data Loss Prevention and a Secure Internet Gateway will be added to this suite in the near future.

Also available is the BlackBerry Spark® UEM Suite, which provides a highly secure way to manage and secure devices and applications, including secure interoperability with Microsoft® Office 365® mobile apps. It also offers a full set of endpoint management capabilities, Digital Rights Management, Identity and Access Management, SDK/custom apps, multi-channel notifications and regulated controls. A streamlined option of this offering is also available in the BlackBerry Spark® UEM Express Suite.

For the most comprehensive solution, BlackBerry Spark® Suite provides a one-stop-shop and the gold standard that includes features of the BlackBerry Spark UES Suite and BlackBerry Spark UEM Suite and supports all device types and ownership models. It’s built to enable a Zero Trust security environment and is focused on earning trust across any endpoint and continuously validating that trust at every event or transaction.

A convenient side-by-side comparison of all of the BlackBerry Spark Suites can be found here.

All of these advances can also improve the end-user experience while increasing security. Having a single console to centrally manage and secure all of an organization’s endpoints means performance isn’t adversely impacted, providing a near-zero touch user experience across all devices whether they are fixed or mobile, inside or outside the network firewall, corporate-managed or BYO.

BlackBerry Spark Suites provides a more straightforward experience to users while also enhancing security for the organization. For more information on the BlackBerry Spark Suites and the advantages of a Zero Trust, zero touch security model, please contact us.

Alex Willis

About Alex Willis

Alex Willis serves as the Vice President, Global Technical Solutions at BlackBerry.