Close this search box.
Close this search box.

Why Edge Intelligence is a valuable ally in risk management

The importance of gaining real-time insights

You cannot manage what you do not know.

Building on this principle, IT teams struggle with the challenges of device discovery and inventory in an ever-expanding perimeter where personal devices have become part of everyday work.

The tools used, from simple spreadsheets to the most advanced discovery tools capable of tracking all IT assets that connect to the corporate network, share one key element: they are snapshots of the state of devices that "fade" almost immediately.

The data that return to us are tied to a concept of historicity that does not evolve dynamically like the environment they photograph. In fact, the desire to keep one's computers protected and up-to-date collides with the growing number of vulnerabilities affecting operating systems and applications.

A NIST report recorded more than 18,000 in 2020, of which more than 10,000 are classified as serious or very serious...Based on this data, we can hypothesize 50 new vulnerabilities per day that can be exploited, and the available reports are already late compared to their appearance.

In fact, most of the reports provided are weekly, and it is not always possible to relate all the "security threats", application updates, and critical conditions detected on the device to all the new threats coming from outside. This is because a concept of real-time monitoring is missing.

Edge Intelligence: real-time queries

IT teams have a twofold need: a managerial need for a 360-degree view and control of managed (and unmanaged) devices, and a more operational need, intervening at the perimeter of managed devices with security updates.

The management of new machines is tied to the information base used of which managers must be well aware in order to effectively manage risk. This is where Edge Intelligence technologies come into play: they leverage modern IT infrastructure to transform edge computing activities and data into usable insights.

The Edge, in fact, is where people, devices, and IoT connect to the perimeter of the network. Using Edge Intelligence gives IT teams the ability to query the status of all devices in real time by harnessing the power of AI that aggregates and collects insights into easily usable formats.

The added advantage compared to inventories and discovery activities is precisely its dynamic nature: it provides immediate, intuitive and easily actionable information. It becomes the magic box to query, as if it were a search engine, to:

  • know the total number of protected and updated devices so that appropriate assessments can be made at the decision-making table, even in collaboration with dedicated security teams
  • act on the "real" perimeter (not the one recorded on paper!) with immediate interventions

Data to support risk management

Edge intelligence technologies such as Ivanti Neurons, our partner Ivanti's UEM platform, in fact, can provide us with valuable data to support endpoint protection activities in the perimeter environment.

Through an information-aggregating dashboard that can be queried in natural language using NLP algorithms, managers can see at a glance the trends that affect machines: knowing how many devices present security risks, what are the reasons and what is the context (their location, for example).

The sensor-based architecture detects applied safety conditions, from:

  • risk mitigation systems, letting you know which devices are not protected by antivirus or firewalls or where Bitlocker breaches have occurred;
  • security updates, with immediate feedback on devices that have not yet been affected by the release of the latest available patch or have applications that have not been updated to the latest version;
  • security threats, such as the presence of open network ports, risky TLS connections, crashed disk with the danger of exposure of encrypted data, or unverified trust relationships;
  • external intrusions, with identification of outliers such as high numbers of working sessions or failed logons. If the volumes are excessive, the cause may be related to intrusive scripts or bots.

If we relate the Edge Intelligence data to systems that classify risk severity to prioritize interventions and correct vulnerabilities in an automated manner, operations are also aligned with the managerial view of risk and affect all machines, even those not managed util that moment.

We will explore this topic in our webinar "Let's Prioritize Risk" (in italian language only) scheduled for October. 27th at 2:30 p.m., where we will provide knowledge and tools to manage risk related to vulnerabilities.

                                                               JOIN THE WEBINAR

02-s pattern02

Would you like to get information about your devices in real time?