Managed endpoint security services run in addition to standard security precautions
Managed endpoint security is not a replacement for longstanding precautions such as using appropriate security software (including on mobile devices), having a robust password policy and ensuring that all devices are updated as appropriate. It is an add-on service that strengthens all of the above.
Managed endpoint security works in a very similar way to managed IT security
As with managed IT security, the core aim of managed endpoint security is to prevent rather than to cure. In other words, managed endpoint security providers will generally focus on keeping devices secure and monitoring the activity which takes place on them rather than on incident management. In fact, it is entirely possible that help with incident management would be seen as an add-on service and charged accordingly as might consulting.
Managed endpoint security will typically involve continuous monitoring backed by staff
You can think of the core of managed endpoint security as being like a superpowered antimalware product. Essentially, the managed endpoint security provider will use their own monitoring tools on the end devices and either report any alerts to you or have their staff respond to them (or both). They are likely to offer you access to performance metrics, usually via a web portal and/or auto-generated reports.
If an incident does occur, there are a variety of ways in which your managed endpoint security provider can help you with it. Possibly the most obvious is identifying the root cause and hence what needs to be done to remedy the situation, plus any further steps which need to be taken to prevent the situation from happening again.
These days there also tends to be a strong emphasis on data logging (and retention) and data forensics. This may simply be as part of general security precautions, but it can also be required as a means to keep security auditors happy and in a worst-case to provide evidence in court (or to protect against a legal claim in the event of an employee being dismissed).
Managed endpoint service providers can also often help with change/lifecycle management
Technically, change management and lifecycle management are different areas, but in practical terms, they often go hand in hand and so managed endpoint security services which offer one will also generally offer the other. Endpoints usually need to be kept regularly updated with patches and security updates. These must be applied promptly and ideally should be applied with the minimum of inconvenience to staff, such as during lunch breaks or out of hours.
In addition to this, endpoints also need to be swapped out periodically as they reach a point where their hardware ceases to be able to cope with continual software updates. The frequency with which swap-outs are needed depends on the devices, usually in a business environment it would be every couple of years for mobile devices and possibly longer for desktops and laptops. The process also needs to be managed and managed endpoint security providers may be able to help here.
It’s crucial to understand the details of what’s included in a managed endpoint security service
Admittedly this applies to just about anything, including and perhaps especially managed services, but it has particular relevance to managed endpoint security. The reason for this is that it is offered by a diverse range of providers each with their own view of what, exactly, constitutes a core service and what exactly constitutes an add-on service and their own approach to charging for them.
For example, some companies may specialize purely in managed endpoint security, whereas others may offer endpoint security along with other managed IT security services, or even along with managed IT services in general.
All of these companies may offer a range of service packages, typically with the option to add-on extra services to the lower-priced packages but companies which offer a more extensive range of services, such as all-round managed IT companies may adjust their prices depending on whether or not you also buy any of their other services.
None of these approaches is right or wrong and you may find that more than one of them works for you, the key point is to understand exactly what is and is not included in any given deal so that you are comparing like with like.
Managed network services definition