| HN Mirror

Y	Hacker News new \| ask \| show \| jobs


	by bri3d 882 days ago
	This is really normal for most small companies with good security posture, honestly. The company will pick one platform where endpoint management is functional, and require it. Code and secrets can't live on machines without endpoint management. If the productivity/hiring/morale hit from requiring one platform becomes too great, then they'll get IT to figure out how to manage other kinds of endpoints. But in a small company, trying to manage disparate endpoints across multiple OSes is hard and expensive, but allowing corporate secrets on unmanaged endpoints is also a bad idea. So, this is the trade-off.

1 comments

TheRealDunkirk 882 days ago

> This is really normal for most small companies with good security posture, honestly. The company will pick one platform where endpoint management is functional, and require it. Code and secrets can't live on machines without endpoint management.

What is "endpoint management," in layman's terms? My corporate laptop has 2 different "endpoint manager" applications running (and about 30 scripts that run in task manager). What are these things doing for them?

link

skywhopper 882 days ago

Endpoint management are backdoors that allow IT to monitor every file on disk, every network connection opened, every program run, and every action taken on a company-owned workstation, as well as allowing full control over the system including installing and removing programs; creating, editing, and deleting files; viewing what's happening on the screen; and shutting things down entirely if desired.

link

dijit 882 days ago

Piecemeal response, but endpoint managers are really there to ensure:

1) That the device is compliant with whatever security standards (AV is running, no weird user accounts that are admins etc;)

2) That if the machine is lost || fails to check in: it is wiped.

3) That if security standards change; those changes can be rolled out.

4) That activity on the device is somewhat logged, not to great extent but: Login Events (and what factor was used), if Admin elevation was called; if a strange executable was executed. etc; These logs are only useful in certain circumstances and I've never seen anyone actually use them outside of arbitration.

link

res0nat0r 882 days ago

I believe just this: https://en.wikipedia.org/wiki/Endpoint_security

link

dilyevsky 882 days ago

Rebranded antivirus + corporate compliance spyware

link