Skip to content

5 Proven Ways Manufacturers Can Get Started With Analytics

5 Proven Ways Manufacturers Can Get Started With Analytics

Going into 2020, manufacturers are at an inflection point in their adoption of analytics and business intelligence (BI). Analytics applications and tools make it possible for them to gain greater insights from the massive amount of data they produce every day. And with manufacturing leading all industries on the planet when it comes to the amount of data generated from operations daily, the potential to improve shop floor productivity has never been more within reach for those adopting analytics and BI applications.

Analytics and BI Are High Priorities In Manufacturing Today

Increasing the yield rates and quality levels for each shop floor, machine and work center is a high priority for manufacturers today. Add to that the pressure to stay flexible and take on configure-to-order and engineer-to-order special products fulfilled through short-notice production runs and the need for more insight into how each phase of production can be improved. Gartner’s latest survey of heavy manufacturing CIOs in the 2019 CIO Agenda: Heavy Manufacturing, Industry Insights, by Dr. Marc Halpern. October 15, 2018 (Gartner subscription required) reflects the reality all manufacturers are dealing with today. I believe they’re in a tough situation with customers wanting short-notice production time while supply chains often needing to be redesigned to reduce or eliminate tariffs. They’re turning to analytics to gain the insights they need to take on these challenges and more. The graphic below is from Gartner’s latest survey of heavy manufacturing CIOs, it indicates the technology areas where heavy manufacturing CIOs’ organizations will be spending the largest amount of new or additional funding in 2019 as well as the technology areas where their organizations will be reducing funding by the highest amount in 2019 compared with 2018:

Knowing Which Problems To Solve With Analytics

Manufacturers getting the most value from analytics start with a solid business case first, based on a known problem they’ve been trying to solve either in their supply chains, production or fulfillment operations. The manufacturers I’ve worked with focus on how to get more orders produced in less time while gaining greater visibility across production operations. They’re all under pressure to stay in compliance with customers and regulatory reporting; in many cases needing to ship product quality data with each order and host over 60 to 70 audits a year from customers in their plants. Analytics is becoming popular because it automates the drudgery of reporting that would otherwise take IT team’s days or weeks to do manually.

As one CIO put it as we walked his shop floor, “we’re using analytics to do the heavy data crunching when we’re hosting customer audits so we can put our quality engineers to work raising the bar of product excellence instead of having them run reports for a week.” As we walked the shop floor he explained how dashboards are tailored to each role in manufacturing, and the flat-screen monitors provide real-time data on how five key areas of performance are doing. Like many other CIOs facing the challenge of improving production efficiency and quality, he’s relying on the five core metrics below in the initial roll-out of analytics across manufacturing operations, finance, accounting, supply chain management, procurement, and service:

  • Manufacturing Cycle Time – One of the most popular metrics in manufacturing, Cycle Time quantifies the amount of elapsed time from when an order is placed until the product is manufactured and entered into finished goods inventory. Cycle times vary by segment of the manufacturing industry, size of manufacturing operation, global location and relative stability of supply chains supporting operations. Real-time integration, applying Six Sigma to know process bottlenecks, and re-engineering systems to be more customer-focused improve this metrics’ performance. Cycle Time is a predictor of the future of manufacturing as this metric captures improvement made across systems and processes immediately.
  • Supplier Inbound Quality Levels – Measuring the dimensions of how effective a given supplier is at consistently meeting a high level of product quality and on-time delivery is valuable in orchestrating a stable supply chain. Inbound quality levels often vary from one shipment to the next, so it’s helpful to have Statistical Process Control (SPC) charts that quantify and show the trends of quality levels over time. Nearly all manufacturers are relying on Six Sigma programs to troubleshoot specific trouble spots and problem areas of suppliers who may have wide variations in product quality in a given period. This metric is often used for ranking which suppliers are the most valuable to a factory and production network as well.
  • Production Yield Rates By Product, Process, and Plant Location – Yield rates reflect how efficient a machine or entire process is in transforming raw materials into finished products. Manufacturers rely on automated and manually-based approaches to capture this metric, with the latest generation of industrial machinery capable of producing its yield rate levels over time. Process-related manufacturers rely on this metric to manage every production run they do. Microprocessors, semiconductors, and integrated circuit manufacturers are continually monitoring yield rates to determine how they are progressing against plans and goals. Greater real-time integration, improved quality management systems, and greater supply chain quality and compliance all have a positive impact on yield rates. It’s one of the key measures of production yield as it reflects how well-orchestrated entire production processes are.
  • Perfect Order Performance – Perfect order performance measures how effective a manufacturer is at delivering complete, accurate, damage-free orders to customers on time. The equation that defines the perfect order Index (POI) or perfect order performance is the (Percent of orders delivered on time) * (Percent of orders complete) * (Percent of orders damage free) * (Percent of orders with accurate documentation) * 100. The majority of manufacturers are attaining a perfect order performance level of 90% or higher, according to The American Productivity and Quality Center (APQC). The more complex the product lines, configuration options, including build-to-order, configure-to-order, and engineer-to-order, the more challenging it is to attain a high, perfect order level. Greater analytics and insights gained from real-time integration and monitoring help complex manufacturers attained higher perfect order levels over time.
  • Return Material Authorization (RMA) Rate as % Of Manufacturing – The purpose of this metric is to define the percentage of products shipped to customers that are returned due to defective parts or not otherwise meeting their requirements. RMAs are a good leading indicator of potential quality problems. RMAs are also a good measure of how well integrated PLM, ERP and CRM systems, resulting in fewer product errors.

Conclusion

The manufacturers succeeding with analytics start with a compelling business case, one that has an immediate impact on the operations of their organizations. CIOs are prioritizing analytics and BI to gain greater insights and visibility across every phase of manufacturing. They’re also adopting analytics and BI to reduce the reporting drudgery their engineering, IT, and manufacturing teams are faced with as part of regular customer audits. There are also a core set of metrics manufacturers rely on to manage their business, and the five mentioned here are where many begin.

Financial Services Rely On BYOD – How Do They Stay Secure?

Financial Services Rely On BYOD – How Do They Stay Secure?

Bottom Line: 2020 is going to be the year companies launch more digital business initiatives that depend on BYOD than ever before, making Zero Trust Security a key contributor to their success.

Financial Services firms are at an inflection point going into 2020. Mobile-first products and services now dominate their product roadmaps for next year, with applications’ speed and security being paramount. In fintech, DevOps teams have been working with AngularJS for years now, and the scale and speed of their applications reflect their expertise. How well existing IT infrastructure flexes to support the new mobile-first product and services strategies depends on how quickly members of IT, customer service, and customer success teams can respond. BYOD is proving invaluable in achieving the speed of response these new digital business models require.

In 2020 more employees of Financial Services firms will rely on their mobile devices as their primary form of digital ID than has ever been the case before. A recent survey conducted by IDG in association with MobileIron found that 89% of security leaders believe mobile devices will be the primary digital ID employees use to gain access to resources and get work done. The CIOs I’ve spoken agree. A copy of the IDG and MobileIron study, Say Goodbye to Passwords, can be downloaded here.

Counting On BYOD To Deliver Responsiveness And Speed

CIO and IT bonuses are often indexed to the revenue contributions their new products and services deliver, making speed, scale, security, and responsiveness the most important features of all. Fintech CIOs are saying that BYOD is proving indispensable in scaling IT in support of new digital business initiatives as a result. By 2022, 75% of smartphones used in the enterprise will bring your own device (BYOD), up from 35% in 2018, forcing a migration from device-centric management to app- and data-centric management, according to Gartner’s Competitive Landscape: Managed Mobility Services.

Two factors continue to propel BYOD adoption in financial services, fueling the need for Zero Trust Security across every mobile device. The first is the need for real-time responsiveness from internal team members and the second is having every threat surface protected without degrading the time to respond to customers. Every CIO, IT and Product Management leader I’ve spoken with mention the race they are in to deliver mobile-first products and services early in 2020 that redefine their business.  With every identity being a new security perimeter, Financial Services firms are relying on Unified Endpoint Management (UEM), multi-factor authentication (MFA), and additional zero trust-enabling technologies as an integral part of their Enterprise Mobility Management (EMM) strategy. Their goal is to create a Zero Trust Security framework that protects every mobile device endpoint. Leaders in this field include MobileIron, who also provides zero sign-on (ZSO), and mobile threat defense (MTD) in addition to UEM and EMM solutions today.  The following are the key features every BYOD program needs to offer to stay secure, scale and succeed in 2020:

  •  Separation of business and personal data is a must-have in any BYOD security strategy. FinTechs who have the greatest success with BYOD as part of their digital initiatives are relying on Enterprise Mobility Management (EMM) to selectively wipe only the business data from a device in the event it is compromised.
  • An interactive, intuitive user experience that can be quickly customized at scale by role, department, and workflow requirements without impacting user productivity. Too often BYOD users have had to trade off having stronger security on their own devices versus using a company-provided smartphone to get remote work done. The best EMM and UEM solutions in the market today enable Zero Trust by treating every identity as a new security perimeter.
  • Define the success of a BYOD security strategy by how well it immediately shuts down access to confidential data and systems first. Being able to immediately block access to confidential systems and data is the most important aspect of securing any BYOD across a network.
  • Limit access to internal system resources based on the employee’s department, role, and function to eliminate the risk of confidential data ending up in a personal app. EMM solutions have progressed quickly, especially on the dimension of providing Zero Trust Security across BYOD networks. Look for an EMM solution that gives the administrator the flexibility of limiting mobile device access to a specific series of services and access points based on an employees’ role in a specific department and the scope of data they need access to.
  • Proven multi-operating system expertise and support for legacy internally created mobile applications and services. One of the main reasons BYOD is succeeding today as an enablement strategy is the freedom it gives users to select the device they prefer to work with. Supporting Android and IOS is a given. Look for advanced EMM and UEM solutions that also support legacy mobility applications. The best BYOD security solutions deliver device and application compatibility with no degradation in security or performance.

Conclusion – Why BYOD Strategies Need Zero Trust Now

Trust-but-verify isn’t working today. Attackers are capitalizing on it by stealing or buying privileged access credentials, accessing any system or database they choose. Financial Services firms fully expect their new products and services launching in 2020 to face an onslaught of breach and hacking attempts. Trust-but-verify approaches that are propagated across an enterprises’ BYOD base of devices using Virtual Private Networks and demilitarized zones (DMZ) impede employee’s productivity, often force login authentication. Trust-but verify doesn’t scale well into BYOD scenarios, leaving large gaps attackers can gain access to valuable internal data and systems. For BYOD users, trust-but-verify reduces productivity, delivers poor user experiences, and for new business models, slower customer response times.

By going to a Zero Trust Framework, Financial Services firms will be able to treat every identity and the mobile device they are using as their new security perimeter. Basing a BYOD strategy on a Zero Trust Framework enables any organization to find the correlation between the user, device, applications, and networks in milliseconds, thwarting potential threats before granting secure access to the device. Leaders delivering Zero Trust for BYOD include MobileIron, who provides endpoint management (UEM) capabilities with enabling technologies of zero sign-on (ZSO) user and device authentication, multi-factor authentication (MFA), and mobile threat detection (MTD).

Securing Multi-Cloud Manufacturing Systems In A Zero Trust World

Securing Multi-Cloud Manufacturing Systems In A Zero Trust World

Bottom Line: Private equity firms are snapping up manufacturing companies at a quick pace, setting off a merger and acquisition gold rush, while leaving multi-cloud manufacturing systems unprotected in a Zero Trust world.

Securing the Manufacturing Gold Rush of 2019

The intensity private equity (PE) firms have for acquiring and aggregating manufacturing businesses is creating an abundance of opportunities for cybercriminals to breach the resulting businesses. For example, merging formerly independent infrastructures often leads to manufacturers maintaining — at least initially — multiple identity repositories such as Active Directory (AD), which contain privileged access credentials, usernames, roles, groups, entitlements, and more. Identity repository sprawl ultimately contributes to maintenance headaches but, more importantly, security blind spots that are being exploited by threat actors regularly. A contributing factor is a fact that private equity firms rarely have advanced cybersecurity expertise or skills and therefore don’t account for these details in their business integration plans. As a result, they often rely on an outdated “trust but verify” approach, with trusted versus untrusted domains and legacy approaches to identity access management.

The speed PE firms are driving the manufacturing gold rush is creating a sense of urgency to stand up new businesses fast – leaving cybersecurity as an afterthought, if even a consideration at all. Here are several insights from PwC’s Global Industrial Manufacturing Deals Insights, Q2 2019 and Private Equity Trend Report, 2019, Powering Through Uncertainty:

  • 39% of all PE investors rate the industrial manufacturing sector as the most attractive for acquiring and rolling up companies into new businesses.
  •  The manufacturing industry saw a 31% increase in deal value from Q1 2019 to Q2 2019 with industrial manufacturing megadeals driving deal value to $27.4B in Q2, 2019, on 562 deals.
  • Year-to-date North American manufacturing has generated 184 deals worth $15.2B in 2019.
  •  Worldwide and North American cross-sector manufacturing deal volumes increased by 32% and 30% in Q2, 2019 alone.

PE firms are also capitalizing on how many family-run manufacturers are in the midst of a generational change in ownership. Company founders are retiring, and their children, nearly all of whom were raised working on the shop floor, are ready to sell. PE firms need to provide more cybersecurity guidance during these transactions to secure companies in transition. Here’s why:

How To Secure Multi-Cloud Manufacturing Systems in a Zero Trust World

To stop the cybercriminals’ gold rush, merged manufacturing businesses need to take the first step of adopting an approach to secure each acquired company’s identity repositories, whether on-premises or in the cloud. For example, instead of having to reproduce or continue to manage the defined rights and roles for users in each AD, manufacturing conglomerates can better secure their combined businesses using a Multi-Directory Brokering approach.

Multi-Directory Brokering, such as the solution offered by Privileged Access Management provider Centrify, empowers an organization to use its existing or preferred identity directory as a single source of truth across the organization, brokering access based on a single identity rather than having to manage user identities across multiple directories. For example, if an organization using AD acquires an organization using a different identity repository or has multiple cloud platforms, it can broker access across the environment no matter where the “master” identity for an individual exists. This is particularly important when it comes to privileged access to critical systems and data, as “identity sprawl” can leave gaping holes to be exploited by bad actors.

Multi-Directory Brokering is public cloud-agnostic, making it possible to support Windows and Linux instances in one or multiple Infrastructure-as-a-Service (IaaS) platforms to secure multi-cloud manufacturing systems. The following diagram illustrates how Multi-Directory Brokering scales to support multi-cloud manufacturing systems that often rely on hybrid multi-cloud configurations.

Manufacturers who are the most negatively impacted by the trade wars are redesigning and re-routing their supply chains to eliminate tariffs, so they don‘t have to raise their prices. Multi-cloud manufacturing systems are what they’re relying on to accomplish that. The future of their business will be heavily reliant upon how well they can secure the multi-cloud configurations of their systems. That’s why Multi-Directory Brokering makes so much sense for manufacturers today, especially those looking for an exit strategy with a PE firm.

The PE firms driving the merger and acquisition (M&A) frenzy in specific sectors of manufacturing need to take a closer look at how Identity and Access Management (IAM) is being implemented in the manufacturing conglomerates they are creating. With manufacturing emerging as a hot industry for PE, M&A, and data breaches, it’s time to move beyond replicating Active Directories and legacy approaches to IAM. One of the most important aspects of a successful acquisition is enabling administrators, developers, and operations teams to access systems securely, without massive incremental cost, effort, and complexity.

Conclusion

The manufacturing gold rush for PE firms doesn’t have to be one for cybercriminals as well. PE firms and the manufacturing companies they are snapping up need to pay more attention to cybersecurity during the initial integration phases of combining operations, including how they manage identities and access. Cybercriminals and bad actors both within and outside the merged companies are lying in wait, looking for easy-exploitable gaps to exfiltrate sensitive data for monetary gain, or in an attempt to thwart the new company’s success.

Sources:

Global industrial manufacturing deals insights: Q2 2019, PwC, 2019. A PDF of the study is accessible here (6 pp., no opt-in).

Private Equity Trend Report, 2019, Powering Through Uncertainty, PwC, February 2019, 80 pp., PDF, no opt-in.

Improving Endpoint Security Needs To Be A Top Goal In 2020

Improving Endpoint Security Needs To Be A Top Goal In 2020

Bottom Line:  Attacking endpoints with AI, bots, and machine learning is gaining momentum with cybercriminals today with no signs of slowing down into 2020, making endpoint security a must-have cybersecurity goal for next year.

Cyberattacks are growing more complex and difficult to prevent now and will accelerate in the future, making endpoint security a top goal in 2020. Cybercriminals are using structured and unstructured machine learning algorithms to hack organizations’ endpoints with increasing frequency. Endpoint attacks and their levels of complexity will accelerate as cybercriminals gain greater mastery of these techniques.

In response, endpoint protection providers are adopting machine learning-based detection and response technologies, providing more cloud-native solutions that can scale across a broader range of endpoints, and designing in greater persistence and resilience for each endpoint. The recent IDC survey published this month, Do You Think Your Endpoint Security Strategy Is Up to Scratch? completed in collaboration with HP recommends that “companies should seek to build resilience — on the assumption that breaches are inevitable — and look for “security by design” features that facilitate or automate detection and recovery.” IDC surveyed 500 senior security executives globally, finding major differences between leading organizations who realize endpoint security is essential for a unified cybersecurity strategy and followers, who don’t.

What Differentiates The Most Effective Endpoint Strategies? 

IDC’s study found that leaders who integrate endpoint security into their cybersecurity plans are more effective at compliance reporting, endpoint hardening, and attack detection and response. Leaders capitalize on the data from their endpoint security strategies, creating contextual intelligence that helps protect their most vulnerable threat surfaces. The following are key insights from the IDC study showing why endpoint security needs to be an integral part of any corporate-wide cybersecurity strategy:

  • 29.6% of all enterprises globally consider endpoint security to be a significant component of their overall cybersecurity strategy, with leaders 2X as likely to consider it a high priority. Close to half of all enterprises (49.4%) believe endpoint security can perform effectively as a secondary component. IDC found that the lesser the priority security leaders place on endpoint security, the more likely endpoints will fail. Instead of taking a strategic approach, organizations treat endpoint security as an isolated strategy, adding an average of 10 security agents per device according to Absolute’s 2019 Endpoint Security Trends Report. You can get a copy of the report here. Cybersecurity leaders realize that having a unified endpoint security strategy designed for persistence and resilience is far more effective than relying on an isolated one. The following findings from the IDC report illustrate how leaders view endpoint as integral to their cybersecurity strategies.
  • When enterprises are complacent about endpoint security, procurement standards become mediocre over time and leave digital businesses at greater risk. Followers lack security focus for everything other than desktops during procurement, for example. Though most enterprises include security requirements in procurement requests, those requirements are not specified equally for all endpoint device types, resulting in uneven security coverage and compliance risk.
  • Automated operating system image recoverability, detect and recover firmware integrity breaches, and enabling software monitoring from the hardware level are the three most in-demand endpoint security features for enterprises today. Leader enterprises have relied on persistent connections to every endpoint in a network to achieve greater resilience across their global networks. Absolute is working to change this relationship, allowing remote, disconnected endpoints to remain resilient, which reflects what leaders are looking for in terms of greater control and visibility for every threat surface or endpoint. Senior security leaders, including CISOs, are taking a more integrated approach to endpoint security by designing in persistence to the device level that thwarts breach attempts in real-time. Absolute is working to change this relationship, allowing remote, disconnected endpoints to remain resilient.
  • Enterprises who are cybersecurity leaders most value a device’s built-in security features when evaluating PCs, laptops, and mobile devices while followers value this feature least. 33% of enterprises who are leaders prioritize devices that have built-in security capabilities that immediately provide persistent connections across the network, enabling greater resiliency. The study also makes the point that endpoint security needs to be tamper-proof at the operating system level, yet be flexible enough to provide IT and cybersecurity teams with device visibility and access to modify protections. One of the leaders in this area, Absolute, has invented endpoint security technology that begins at the BIOS level. There are currently 500M devices that have their endpoint code embedded in them. The Absolute Platform is comprised of three products: Persistence, Intelligence, and Resilience—each building on the capabilities of the other. The following graphic from the IDC study illustrates the stark contrast between enterprises who are cybersecurity leaders versus followers when it comes to adopting build-in security capabilities to harden endpoints across their networks.

Conclusion

When 70% of all breaches originate at endpoints, despite enterprise IT spending more than ever in cybersecurity, it’s a clear sign that endpoint security needs to be an integral part of any cybersecurity strategy. On average, every endpoint has ten security agents installed, often leading to software conflicts and frequent endpoint encryption failures. Absolute’s latest study found that over 42% of endpoints experience encryption failures, leaving entire networks at risk from a breach. They’re most commonly disabled by users, malfunction, or have error conditions or have never been installed correctly in the first place. Absolute also found that endpoints often failed due to the fragile nature of their encryption agents’ configurations. 2% of encryption agents fail every week, and over half of all encryption failures occurred within two weeks, fueling a constant 8% rate of decay every 30 days. 100% of all devices experiencing encryption failures within one year. Multiple endpoint security solutions conflict with each other and create more opportunities for breaches than avert them. These are just a few of the many factors that make improving endpoint security a top goal all enterprises need to achieve in 2020.

5 Strategies Healthcare Providers Are Using To Secure Networks

5 Strategies Healthcare Providers Are Using To Secure Networks

  • Healthcare records are bestsellers on the Dark Web, ranging in price from $250 to over $1,000 per record.
  • The growing, profitable market for Protected Health Information (PHI) is attracting sophisticated cybercriminal syndicates, several of which are state-sponsored.
  •  Medical fraud is slower to detect and notify, unlike financial fraud (ex. stolen credit cards), contributing to its popularity with cybercriminals globally.
  • Cybercriminals prefer PHI data because it’s easy to sell and contains information that is harder to cancel or secure once stolen. Examples include insurance policy numbers, medical diagnoses, Social Security Numbers (SSNs), credit card, checking and savings account numbers.

These and many other insights into why healthcare provider networks are facing a cybersecurity crisis are from the recently declassified U.S. Department of Health & Human Services HC3 Intelligence Briefing Update Dark Web PHI (Protected Health Information) Marketplace presented April 11th of this year. You can download a copy of the slides here (PDF, 13 pp, no opt-in). The briefing provides a glimpse into how the dark web values the “freshness’ of healthcare data and the ease of obtaining elderly patient records, skewing stolen identities to children, and elderly patients. Protenus found that the single largest healthcare breach this year involves 20 million patent records stolen from a medical collections agency. The breach was discovered after the records were found for sale on the dark web. Please see their 2019 Mid-Year Breach Barometer Report (opt-in required) for an analysis of 240 of the reported 285 breach incidents affecting 31,611,235 patient records in the first six months of this year. Cybercriminals capitalize on medical records to drive one or more of the following strategies as defined by the HC3 Intelligence Briefing:

Stopping A Breach Can Avert A HIPAA Meltdown

To stay in business, healthcare providers need to stay in compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA). HIPAA provides data privacy and security provisions for safeguarding medical information. Staying in compliance with HIPAA can be a challenge given how mobile healthcare provider workforces are, and the variety of mobile devices they use to complete tasks today. 33% of healthcare employees are working outside of the office at least once a week. And with government incentives for decentralized care expected to expand mobile workforces industry-wide, this figure is expected to increase significantly. Health & Human Services provides a Breach Portal that lists all cases under investigation today. The Portal reflects the severity of healthcare providers’ cybersecurity crisis. Over 39 million medical records have been compromised this year alone, according to HHS’ records from over 340 different healthcare providers. Factoring in the costs of HIPAA fines that can range from $25,000 to $15.M per year, it’s clear that healthcare providers need to have endpoint security on their roadmaps now to avert the high costs of HIPAA non-compliance fines.

Securing endpoints across their healthcare provider networks is one of the most challenging ongoing initiatives any Chief Information Security Officer (CISO) for a healthcare provider has today. 39% of healthcare security incidents are caused by stolen or misplaced endpoints. CISOs are balancing the need their workforces have for greater device agility with the need for stronger endpoint security. CISOs are solving this paradox by taking an adaptive approach to endpoint security that capitalizes on strong asset management. “Keeping machines up to date is an IT management job, but it’s a security outcome. Knowing what devices should be on my network is an IT management problem, but it has a security outcome. And knowing what’s going on and what processes are running and what are consuming network bandwidth is an IT management problem, but it’s a security outcome “, said Nicko van Someren, Ph.D. and Chief Technology Officer at Absolute Software.

5 Strategies for Healthcare Providers Are Using To Secure Networks

Thwarting breaches to protect patients’ valuable personal health information starts with an adaptive, strong endpoint strategy. The following are five proven strategies for protecting endpoints, assuring HIPAA compliance in the process:

  1. Implementing an adaptive IT asset management program delivers endpoint security at scale. Healthcare providers prioritizing IT asset management control and visibility can better protect every endpoint on their network. Advanced features including real-time asset management to locate and secure devices, geolocation fencing so devices can only be used in a specific area and device freeze options are very effective for securing endpoints. Healthcare providers are relying more and more on remote data delete as well. The purpose of this feature is to wipe lost or stolen devices within seconds.
  2.  Improve security and IT operations with faster discovery and remediation across all endpoints. Implement strategies that enable greater remediation and resilience of every endpoint. Healthcare providers are having success with this strategy, relying on IT asset management to scale remediation and resilience to every endpoint device. Absolute’s Persistence technology is a leader in this area by providing scalable, secure endpoint resiliency. Absolute also has a proven track record of providing self-healing endpoints extending their patented firmware-embedded Persistence technology that can self-heal applications on compatible endpoint devices.
  3. Design in HIPAA & HITECH compliance and reporting to each endpoint from the first pilot. Any endpoint security strategy needs to build in ongoing compliance checks and automated reports that are audit-ready. It also needs to be able to probe for violations across all endpoints. Advanced endpoint security platforms are capable of validating patient data integrity with self-healing endpoint security. All of these factors add up to reduce time to prepare audits with ongoing compliance checks across your endpoint population.
  4. A layered security strategy that includes real-time endpoint orchestration needs to anchor any healthcare network merger or acquisition, ensuring patient data continues to be protected. Private Equity (PE) firms continue acquiring providers to create healthcare networks that open up new markets. The best breach prevention, especially in merged or acquired healthcare networks, is a comprehensive layered defense strategy that spans endpoints and networks. If one of the layers fails, there are other layers in place to ensure your organization remains protected. Healthcare providers’ success with layered security models is predicated on how successful they are achieving endpoint resiliency. Absolute’s technology is embedded in the core of laptops and other devices at the factory. Once activated, it provides healthcare providers with a reliable two-way connection so they can manage mobility, investigate potential threats, and take action if a security incident occurs.
  5. Endpoint security needs to be tamper-proof at the operating system level on the device yet still provides IT and cybersecurity teams with device visibility and access to modify protections. Healthcare providers need an endpoint visibility and control platform that provides a persistent, self-healing connection between IT, security teams, and every device, whether it is active on the network or not. Every identity is a new security perimeter. Healthcare providers’ endpoint platforms need to be able to secure all devices across different platforms, automate endpoint hygiene, speed incident detection, remediation, and reduce IT asset loss by being able to self-diagnose and repair endpoint devices on real-time.

What’s New In Gartner’s Hype Cycle For CRM, 2019

  • Worldwide enterprise application software revenue totaled more than $193.6B in 2018, a 12.5% increase from 2017. CRM made up nearly 25% of the entire enterprise software revenue market.
  • 72.9% of CRM spending was on software as a service (SaaS) in 2018, which is expected to grow to 75% of total CRM software spending in 2019.
  • Worldwide spending on customer experience and relationship management (CRM) software grew 15.6%, from $41.7B in 2017 to $48.2B in 2018, and is projected to reach $55.2B in 2019.
  • Salesforce dominated the worldwide CRM market with a 19.5% market share in 2018, over double its nearest rival, SAP, at 8.3% share, according to Gartner’s market share estimates.
  • CRM revenue in 2018 is comprised of software and services revenue from Customer Service and Support (35.7%), Sales (25.9%), Marketing (25.4%), and Digital Commerce (13%). These four categories together comprise the customer experience and relationship management market, according to Gartner.

New technologies are proliferating across the CRM landscape, driven by the need every business has to understand, communicate, serve, and strengthen customer relationships. Gartner’s decision to create its first-ever Hype Cycle for CRM Sales Technology, 2019, reflects the widening spectrum of new technologies being introduced to improve sales effectiveness while improving operational efficiency. Gartner’s Hype Cycle for CRM Sales Technology, 2019 is based on an update to their Hype Cycle for CRM Sales, 2018.  Gartner’s definition of Hype Cycles includes five phases of a technology’s lifecycle and is explained here.  The Gartner Hype Cycle for CRM, 2019, is shown below:

Details Of What’s New In Gartner’s Hype Cycle For CRM, 2019

  • Four new technologies are on the Hype Cycle for CRM, reflecting enterprises’ need for greater integration of diverse systems and the demand for more predictive and prescriptive analytics-based insights. The four technologies include the following:
    • Blockchain for lead generation. Gartner sees the potential for blockchain to provide a decentralized peer-to-peer network model that supports exchanging data to the highest bidders using smart contracts. Gartner predicts this approach reduces or in some cases eliminates the need for a centralized authority such as a data intelligence solution. It also allows for a new ecosystem of managing, sharing and monetizing data for revenue-generating purposes.
    • Knowledge graphs for sales. The ability to build an AI-enabled knowledge model of real-world entities and their relationships to one another, expressed in a data schema, shows potential to increase sales effectiveness. Gartner predicts this emerging technology provides organizations with the ability to create data-driven sales organizations using graphs arranged in a network of nodes rather than in tables of rows and columns. The significance is the ability to correlate sales activities and benchmark against performance metrics in a more digestible and insightful way, which is often too complex for human analysis.
    • Digital adoption solutions. Gartner sees potential in this technology to improve the adoption of multiple tools across a selling and marketing organization. Digital adoption solutions enable sellers to onboard more quickly and improve productivity.
    • Relationship intelligence. By relying on machine learning, sales organizations can map out their universe of network connections, both internal and external, to identify potential avenues of engagement with any prospect or client. Gartner sees this as useful in its ability to provide warm introductions or even referrals for revenue-generating activities while reducing sales cycles.
  • Gartner predicts the following five technologies will deliver the most significant transformational benefits to selling organizations in 2 years or less. The five most transformation technologies in the near term are the following according to Gartner:
    • CPQ Application Suites
    • Digital Content Management for Sales
    • Lead Management
    • Partner Relationship Management (PRM)
    • Price Optimization and Management for B2B
  • The following CRM technologies have gained wide usage and adoption in the last year, as reflected by their position on this year’s Hype Cycle. Data intelligence solutions for sales, CPQ application suites, digital content management for sales, and sales KPI analytics are among the most adopted mature technologies on the hype cycle today.
  • Visual configurators have moved at a much faster pace to mainstream adoption along the Hype Cycle this year. Gartner credits visual configurators’ rapid adoption rate to how the majority of them are now embedded or easily integrated with configure, price, quote (CPQ) applications, or in digital commerce sites. State-of-the-art visual configurator are enabling engineering, production, and sales to become real-time collaborators in creating new products. For additional insights into visual configurators, please see How To Make Complex CPQ Selling Simple With Visual Configurators published earlier this week.
  • Algorithmic guided selling is now listed as obsolete. Gartner has re-assigned this technology as it’s now an embedded core capability in many CPQ and sales force automation (SFA) applications. By doing this, Gartner is saying it is doubtful algorithmic guided selling applications will be sold stand-alone in the future.
  • Social for sales and predictive B2B marketing analytics are off the CRM Hype Cycle. Gartner has chosen to merge them into the data intelligence solutions for sales market. Social for sales is more of a process, not a technology market. The majority of social for sales-based strategies are executed over social networks that have the audience and scale to make them succeed, with LinkedIn being an example. Gartner believes the predictive B2B marketing analytics vendor landscape has shrunk and is not a viable market long term, as they have seen inquiries regarding market share in this area steadily drop in this area since 2016.
  • Gartner is seeing two main drivers of investment and innovation in CRM in 2019 and beyond. The first is digital optimization or a process and program of using digital technology to maximize existing operating processes and business models. The second is predictive/prescriptive-enabled technology or technology using capabilities such as machine learning that provides predictive signals and prescriptive “next best action” recommendations. Please see their research note, 4 Key Insights from the Gartner Hype Cycle for CRM Sales Technology, 2019, for additional details.

Sources:

4 Key Insights From the Gartner Hype Cycle for CRM Sales Technology, 2019, published October 2, 2019

Hype Cycle for CRM Sales Technology 2019, July 10, 2019 (Client access required)

Scaling Cloud Services Is Key To Growing A Digital Business

  • 93% of enterprises are securing remote locations with a centralized approach that rarely scales to secure every endpoint and identity of remote branch locations, leaving an enterprise more vulnerable to a breach.
  • Enabling network security is the greatest challenge enterprises face when managing a highly distributed network with numerous remote locations.
  • In an era of cloud-first networks, 9 out of 10 companies are still relying on centrally managed networks that don’t scale for remote system users, creating productivity bottlenecks.
  • 75% of enterprises experience branch and remote location network interruptions several times a year or more frequently, costing an organization thousands of dollars an hour in lost productivity.

The challenges of scaling cloud services to grow a digital business are many and are well-explained in the recent research report, Remote Office Networks Pose Business and Reliability Risk A Survey of IT Professionals (27 pp., PDF, no opt-in), published on August 2019 by Dimensional Research in collaboration with Infoblox. This report provides valuable insights into why scaling cloud services is essential for growing a digital business. The study’s findings reflect how remote branch and production locations’ lack of IT security and site personnel are one of the most challenging constraints to overcome and keep growing their business. Please see page 22 of the study for specifics on the methodology.

99% or nearly all enterprises with distributed operations suffer adverse business impacts from network interruptions. Of the many causes of network disruption, one of the most common is not directing traffic to the closest point of entry into cloud platforms. Taking a software-based approach to wide-area networking (SDWAN) is proving effective in improving cloud-based application performance, including Microsoft Office 365 cloud-based application performance. The report shows how SD-WAN is replacing outdated centralized IT models that lack the scale to flex and support new digital business models.

Key insights from the research report include the following:

  • Enterprises realize the model of relying on centralized IT security isn’t scaling to support and protect the proliferation of user devices with internet access, leaving branch offices less secure than ever before. Every IT architect, IT Director, or CIO needs to consider how taking an SDWAN-based approach to network management reduces the risk of a breach and data exfiltration. 93% of enterprises are securing remote locations with a centralized approach that rarely scales to secure every endpoint and identity of remote branch locations, leaving an enterprise more vulnerable to a breach. Enterprises are upgrading their core network services, including DNS, DHCP, and IP address management, on cloud-based DDI platforms to bring greater security scale and reliability across their enterprise networks. Enterprises are also devising Zero Trust Security (ZTS) frameworks to secure every network, cloud, and on-premise platform, operating system, and application across their branch offices. Chase Cunningham of Forrester, Principal Analyst, is the leading authority on Zero Trust Security, and his recent video, Zero Trust in Action, is worth watching to learn more about how enterprises can secure their IT infrastructures. You can find his blog here.

  • 75% or the majority of an enterprises’ branch offices experience network interruptions several times a year, with 49% of them requiring three or more hours to resolve remote office network outages. Enterprises continue to pay a very high price in lost productivity due to network interruptions and the time it takes to troubleshoot them and get a branch or remote location back online. Enterprises are upgrading their core network services, including DNS, DHCP, and IP address management, on cloud-based DDI platforms to bring greater scale and reliability across their enterprise networks. Cloud-based DDI platforms enable enterprises to manage networking for hundreds to thousands of remote sites with unprecedented cost-efficiency.

  • Relying on centralized IT creates many challenges and security threats for remote offices, with the most costly not having IT staff at remote sites. Network security at remote locations is the greatest challenge enterprises face when managing a highly distributed network with numerous remote locations. A contributing factor to security being the leading challenge of managing a highly distributed network is the lack of IT employees at remote branches. 65% of enterprises are routinely sending IT employees to remote branches to resolve networking issues alone. Travel costs combined with lost productivity from having to send IT technicians out for a week or longer to solve network performance issues is another reason why enterprises are adopting cloud-based DDI platforms.

  • Enterprises are adopting cloud-based DDI platforms that enable enterprises to simplify the management of highly distributed remote networks as well as to optimize the network performance of cloud-based applications. Dimensional Research’s study reflects how enterprises are meeting the challenge of increasingly complex, distributed networks that have a proliferating number of remote locations and endpoints. The majority of enterprises, 71%, are looking to integrate core network services, DNS, DHCP, and IP address management, into a single cloud-based DDI platform. The problem is, conventional DDI solutions for branch locations are too slow or complicated for a cloud-first world. The following graphic from the study shows what motivating enterprises to adopt SD-WAN today is.

How To Make Complex CPQ Selling Simple With Visual Configurators

Bottom Line: Realizing visual configurators’ full potential starts by enabling engineering, production, and sales to become real-time collaborators in creating new products.

2D, 3D, Augmented Reality (AR), Mixed Reality (MR), and Virtual Reality (VR) visual configurators are proliferating across the Configure, Price, and Quote (CPQ) landscape today. Manufacturing marketing teams say they are the most effective lead generation technology they have, responsible for 40%+ growth in Marketing Qualified Leads (MQLs) this year alone. Sales VPs and Chief Revenue Officers (CROs) are seeing from 9% to 30% improvements in deal close rates and over 90% increases in quote accuracy. Visual configurators deliver shock-and-awe to prospects and drive more leads and deals.

Product Models Need To Scale, Driving Greater Collaboration

The good test of any product configurator is whether it can scale from assemble-to-order (ATO) to Engineer-To-Order (ETO) while enabling real-time collaboration between engineering, production, and sales. A given products’ many attributes and options defined by engineering in their PLM system need to be consistent with manufacturing’s work instructions and Bill of Materials (BOM) in their ERP system. And the visual configurator sales & marketing is using needs to reflect, in real-time, what engineering defined in PLM and what manufacturing’s ERP system can build. Product models serve as the master data that enables real-time collaboration between engineering, manufacturing, and sales.

Visual configurators need to push beyond the veneer of delivering shock-and-awe and enable real-time collaboration between PLM, ERP, and CRM & CPQ systems to achieve their full potential. Visual configuration providers need to pursue the goal of enabling engineering, manufacturing, and sales to be collaborators in creating accurate products and challenge themselves to deliver the following:

  • Improve sales performance while increasing margin per deal by providing only the options that are the most buildable at the lowest cost.
  • Eliminate disconnects between what engineering designed and what manufacturing can produce leads to more sales at higher gross margins.
  • Close product configuration gaps and improving fulfillment speed and product quality, creating greater customer loyalty and follow-on sales.
  • Automatically propagate product and design changes across all functional areas to accelerate new products to market while improving product quality.
  • Real-time fine-tuning of new product features to the model level that specific customers want becomes possible when engineering, manufacturing, and sales are collaborating in real-time.
  • Update work instructions and BOMs in real-time based on changes customers make in product visualizations.
  • Improve the balance of revenue across configurable products to sell higher-margin models based on real-time collaboration between PLM, ERP, CRM, and CPQ systems.
  • See in real-time how changes in product design, Bill of Materials (BOM), and delivery dates impact the financial performance of a manufacturer.

Predicting Visual Configuration’s Future

Shortening cycle times from product concept to completed product is the secret to succeeding with visual configuration. And when each manufacturing cycle time has its cadence or speed depending on how little or much a customer wants a product customized, visual configurators need to flex and deliver what customers want when.

Companies defining the future of visual configuration today include CDSDERWID, and SAP Visual Enterprise. These three companies are defining the future of visual configuration by enabling real-time integration between PLM, ERP, CRM, and CPQ systems.  I recently spoke with John Major, CEO of CDS to get his insights into what’s driving visual configuration’s success today.  “What we’re seeing in the marketplace now are two things. One is the clients want to understand how our visual configuration solution is going to fit into their change management as it’s rooted in PLM, because to any manufacturer, PLM reigns supreme,” he said. He continued, “The second is about staffing. When you’re a manufacturing company, and you buy a visual configurator toolkit that requires you to create your app, a few things happen. You need to staff up a software team to now run that toolkit and write development. So your long-term cost is fairly significant versus a company that can deliver an entire solution at scale.” 

CDS is partnering with eLogic, who is regarded as the leading system integration partner in CPQ and product configuration and is considered a global leader in delivering business solutions for manufacturers across SAP configuration technologies and Microsoft Dynamics 365, Power Platform & Azure. Together they are delivering next-generation visual configuration solutions for their shared clients. Examples of the work they are doing are shown below:

  • Real-time model updates keep engineering, manufacturing, and sales in sync. When customers are designing a new product in a CPQ session, the model is updated in real-time and saved, so engineering, manufacturing, and sales can see how their changes affect the product. An example of this is shown below:

  • When the product is configured “to scale,” 2D proposal drawings are automatically generated, and the product model is updated in real-time, making augmented reality visualizations possible. 3D models are also made available in a variety of CAD formats. Additionally, an Augmented Reality model is created that can be placed in any virtual environment. What’s noteworthy is that while the model’s appearance is changing, all relevant changes to the work instructions and BOM are happening in real-time using the SAP Visual Enterprise

  • When product models are the catalyst enabling real-time collaboration between engineering, manufacturing, and sales, selling into the aftermarket becomes profitable. Aftermarket selling has a complexity all its own. Taking on the challenge of shortening cycle times from product concept to completed products in the market is what’s needed today. The example below shows a piece of equipment selected in CPQ, then rotated, zoomed in, and exploded to see the internal components. Internal parts can now be selected, quoted, ordered and delivered for replacement.

Conclusion

Visual configurators are capable of so much more than they are delivering today. It’s time to graduate beyond the shock-and-awe stage, which has been very successful in driving leads, generating MQLs, and closing deals. It’s time to get down to the hard work of making all those impressive models buildable at scale and profitable. And that comes by doubling down efforts at shortening cycle times from product concept to completed product. That’s the true north of this market and the secret to succeeding. Getting engineering, manufacturing, and sales collaborating using product models as a single source of truth is the best place to start.

How To Improve Your CPQ Pricing Strategies

Manufacturers can get more than their fair share of channel sales and margins by improving price management for every dealer, distributor, and reseller they sell-through. It’s possible to expand earnings by 50% on slight increases in volume when pricing is consistent channel-wide. McKinsey’s latest research on the topic, Pricing: Distributors’ Most Powerful Value-Creation Lever, shows how the highest performing distributors use pricing to create value. For manufacturers competing for more sales through distributors, they share with competitors, improving their channel partners’ margins is the single best strategy to win more sales and long-term loyalty.

  • A 1% price increase yields a 22% increase in Earnings before Interest & Taxes (EBITDA) margins for distribution-based businesses.
  • It would take a 7.5% reduction in fixed costs to achieve the same 22% increase in EBITDA that a 1% increase in pricing achieves.
  • A distribution-based business would need to increase volume by 5.9% while holding operating expenses flat to achieve the same impact as a 1% price increase.
  • Channel partners are more loyal to margin than manufacturers, which is why price management needs urgent attention on CPQ roadmaps.

CPQ Strategies Need To Deliver More Margin Back To The Channel

The typical manufacturer who has over $100M in sales generates 40% or more of their sales through indirect channels. The channel partners they recruit and sell through are also reselling 12 other competitive products on average. Which factors most influence a distributor or channel partner’s decision to steer a sale to one manufacturer versus another?  The following are the steps manufacturers can take now to improve price management and drive more channel sales:

  • Upgrade the pricing module in CPQ to deliver more than configurable price lists to include pricing waterfalls, automated approval levels for pricing requests, and discounts. Distributors drive more deals to manufacturers whose CPQ systems are designed to give them greater freedom in tailoring pricing to every customer and selling situation they have. Automating approval levels using machine learning-based supervised algorithms that serve as pricing guardrails on every quote a channel partner creates is proving effective at delivering a 1% price increase which drives margin back to resellers. The more a manufacturer can make margins flow back to its channel partners, the faster the channel partners can grow. The following graphic from McKinsey’s latest pricing research illustrates why.

  • Distributors will drive more deals to manufacturers who automate pricing approvals, guiding their sales teams to the largest and most profitable deals first. One of the best ways to compete and win more deals through channel partners is to achieve the ambitious goal of delivering pricing approval within seconds on a 24/7 basis. Pricing needs to provide guardrails that guide channel sales reps to the largest, most profitable, and most ready-to-buy new and aftermarket sales opportunities. Manufacturers capturing more channel sales are relying on machine learning-based pricing systems that optimize price approvals while recommending only those new and aftermarket deals that will drive a 1% or greater price increase. Machine learning is making solid contributions to automating pricing approvals. It’s proving most effective when it is balanced with the flexibility of responding to subjective competitive situations where pricing on specific products need discounts to win deals in aggregate. The following workflows from Deloitte explain how this is being accomplished today:

  • Helping distributors solve sales compensation problems by improving price management drives more deals in the short-term and keep distributors in business long-term. Distributors start out building their sales comp plans on volume and growth alone. The problem is comp plans reward revenue growth at the expense of profits. That’s making it harder every year for distributors to stay in business. Manufacturers delivering new pricing management and optimization apps in their CPQ platforms need to provide real-time guidance on margin potential by the deal, pricing waterfall logic that includes margins, contract pricing overrides for margins and more if they are going to help their distributors stay in business.

Conclusion – Pricing Is the Engine Powering CPQ’s Market Growth Today

Manufacturers who excel at growing indirect product and services revenue through channels realize that every one of their channel partners is more loyal to pricing and margins than any specific vendor they resell. Providing a CPQ application or platform they can personalize, and automate workflows is just the beginning. The bottom line is that manufacturers need to put more intensity into improving pricing today if they’re going to hold onto the distributors they have and attract new ones.

Pricing is the primary catalyst driving the CPQ market’s growth as well. According to Gartner, the CPQ grew 36% in 2017, reaching $1.084B with the majority of growth attributable to cloud-based solutions. It’s no wonder CPQ is considered one of the hottest CRM technologies for the foreseeable future, projected to grow at a 25% Compound Annual Growth Rate (CAGR) through 2020. Supervised machine learning algorithms capable of providing guardrails in real-time for every potential deal a reseller sales representative has is what’s needed to protect a distributor’s margins. Winning more deals with channel partners starts by respecting how vital margins are to their success and improving pricing management as part of a broader CPQ strategy that delivers results.

Sources:

Configure, Price, and Quote (CPQ) Capabilities: Why the right CPQ capability is key to transitioning to a flexible consumption model, 8 pp., PDF, no opt-in, Deloitte, 2019.

Pricing: Distributors’ Most Powerful Value-Creation Lever, McKinsey & Company, September 2019.

It’s Time To Solve K-12’s Cybersecurity Crisis

It's Time To Solve K-12's Cybersecurity Crisis

  • There were a record 160 publicly-disclosed security incidents in K-12 during the summer months of 2019, exceeding the total number of incidents reported in all of 2018 by 30%.
  • 47% of K-12 organizations are making cybersecurity their primary investment, yet 74% do not use encryption.
  • 93% of K-12 organizations rely on native client/patch management tools that have a 56% failure rate, with 9% of client/patch management failures never recovered.

These and many other fascinating insights are from Absolute’s new research report, Cybersecurity and Education: The State of the Digital District in 2020​, focused on the state of security, staff and student safety, and endpoint device health in K-12 organizations. The study’s findings reflect the crisis the education sector is facing as they grapple with high levels of risk exposure – driven in large part by complex IT environments and a digitally savvy student population – that have made them a prime target for cybercriminals and ransomware attackers. The methodology is based on data from 3.2M devices containing Absolute’s endpoint visibility and control platform, active in 1,200 K-12 organizations in North America (U.S. and Canada). Please see the full report for complete details on the methodology.

Here’ the backdrop:

  • K-12 cybersecurity incidents are skyrocketing, with over 700 reported since 2016 with 160 occurring during the summer of 2019 alone. Educational IT leaders face the challenge of securing increasingly complex IT environments while providing access to a digitally savvy student population capable of bypassing security controls. Schools are now the second-largest pool of ransomware victims, just behind local governments and followed by healthcare organizations. As of today, 49 school districts have been hit by ransomware attacks so far this year.

“Today’s educational IT leaders have been tasked with a remarkable feat: adopting and deploying modern learning platforms, while also ensuring student safety and privacy, and demonstrating ROI on security and technology investments,” said Christy Wyatt, CEO of Absolute.

Research from Absolute found:

K-12 IT leaders are now responsible for collectively managing more than 250 unique OS versions, and 93% are managing up to five versions of common applications. The following key insights from the study reflect how severe K-12’s cybersecurity crisis is today:

  • Digital technologies’ rapid proliferation across school districts has turned into a growth catalyst for K-12’s cybersecurity crisis. 94% of school districts have high-speed internet, and 82% provide students with school-funded devices through one-to-one and similar initiatives. Absolute found that funding for educational technology has increased by 62% in the last three years. The Digital Equity Act goes into effect this year, committing additional federal dollars to bring even more technology to the classroom. K-12 IT leaders face the daunting challenge of having to secure on average 11 device types, 258 unique operating systems versions and over 6,400 unique Chrome OS extensions and more, reflecting the broad scale of today’s K-12 cybersecurity crisis. Google Chromebooks dominate the K-12 device landscape. The following graphic illustrates how rapidly digital technologies are proliferating in K-12 organizations:

  • 42% of K-12 organizations have staff and students regularly bypass security endpoint controls using web proxies and rogue VPN apps, inadvertently creating gateways for malicious outsiders to breach their schools’ networks. Absolute found that there are on average 10.6 devices with web proxy/rogue VPN apps per school and 319 unique web proxy/rogue VPN apps in use today, including “Hide My Ass” and “IP Vanish.”  Many of the rogue VPN apps originate in China, and all of them are designed to evade web filtering and other content controls. With an average of 10.6 devices per school harboring web proxies and rogue VPN apps, schools are also at risk of non-compliance with the Children’s Internet Protection Act (CIPA).

  • While 68% of education IT leaders say that cybersecurity is their top priority, 53% rely on client/patch management tools that are proving ineffective in securing their proliferating IT infrastructures. K-12 IT leaders are relying on client/patch management tools to secure the rapidly proliferating number of devices, operating systems, Chrome extensions, educational apps, and unique application versions. Client/patch management agents fail 56% of the time, however, and 9% never recover. There are on average, nine daily encryption agents’ failures, 44% of which never recover. The cybersecurity strategy of relying on native client/patch management isn’t working, leading to funds being wasted on K-12 security controls that don’t scale:

“Wyatt continued, this is not something that can be achieved by simply spending more money… especially when that money comes from public funds. The questions they each need to be asking are if they have the right foundational security measures in place, and whether the controls they have already invested in are working properly. Without key foundational elements of a strong and resilient security approach in place – things like visibility and control, it becomes nearly impossible to protect your students, your data, and your investments.”

  • Providing greater device visibility and endpoint security controls while enabling applications and devices to be more resilient is a solid first step to solving the K-12 cybersecurity crisis. Thwarting the many breach and ransomware attacks K-12 organizations receive every day needs to start by considering every device as part of the network perimeter. Securing K-12 IT networks to the device level delivers asset management and security visibility that native client/patch management tools lack. Having visibility to the device level also gives K-12 IT administrators and educators insights into how they can tailor learning programs for broader adoption. The greater the visibility, the greater the control. K-12 IT administrators can ensure internet safety policies are being adhered to while setting controls to be alerted of suspicious activity or non-compliant devices, including rogue VPNs or stolen devices. Absolute’s Persistence platform provides a persistent connection to each endpoint in a K-12’s one-to-one program, repairing or replacing critical apps that have been disabled or removed.

You can download the full Absolute report here.

%d bloggers like this: