Companies scramble to tame the wild endpoint

Nine out of 10 companies plan to invest in technology to reign in their chaotic collection of desktops, laptops, and -- increasingly -- mobile devices

A failure to gather adequate information on endpoint devices is the top security concern for a third of firms, according to a survey of IT managers and chief security officers.

The survey, conducted by Zogby on behalf of IBM and supporting Big Blue's announcement of a number of endpoint management products and strategies, found that 90 percent of companies planned to purchase new technologies to help them better manage their endpoints. A major problem for many of the companies is mobile devices and tablets, such as the iPad, says Marc van Zadelhoff, worldwide director of strategy for IBM security solutions.

While 73 percent of companies allowed employees to connect to the network with nontraditional endpoints, more than a third of the firm's IT managers did not have faith in the mobile devices' security.

"I hear from clients that the reason we need to let mobile devices onto the network -- I call this BYOT, bring your own technology -- is because your CEO comes on site and says, 'I got an iPad for Christmas from my kids and I want to be able to get corporate email on it,'" says van Zadelhoff. "If you are the security department, what are you going to say to the CEO?"

While some security experts have lauded the increased use of mobile devices as a way to heighten security and reduce costs, others -- especially security firms with products to sell -- have focused on the downsides of the influx of smartphones and iPads.

Like lost laptops, the most significant threat for mobile users is not malware, but losing control of their device and the corporate data that may be on the device. For that reason, companies such as IBM and others are focusing on ways of managing devices and remotely securing lost devices. Intel, for example, has added security right into the chip set, allowing user to take advantage of traditional two-factor authentication using a single device.

At the its Pulse Conference this week, IBM gave customers details of its Tivoli Endpoint Management platform, which allows companies to manage as many as 100,000 distributed endpoints from a single management server. Big Blue has partnered with security software firm Trend Micro to provide a security client to all devices. The endpoint protection solution takes advantage of technologies from recent acquisitions made by IBM, including BigFix, Ounce Labs, Telelogic, and Watchfire. The company will also be announcing a cloud service for managing mobile devices using software from network firm Juniper.

While malware is not a current concern for most mobile users, security researchers have already found a number of flaws on the devices. As time goes on, it will become a greater threat, says van Zadelhoff.

"On the mobile device, it is only two years since iOS came on the market and this whole smartphone revolution hit us," he says. "We are talking data being stolen as the concern now, but I think soon we will be seeing vulnerabilities exploited."

This story, "Companies scramble to tame the wild endpoint," was originally published at Get the first word on what the important tech news really means with the InfoWorld Tech Watch blog. For the latest business technology news, follow on Twitter.