The Autonomous Endpoint Management Manifesto

Episode 10   Published October 3, 20248 minute watch

All right, hello and welcome back to the Hands-On IT podcast. As always, I'm your host, Landon Miles. For those of you who are new to the podcast, I'm a Technical Marketing Manager here at Automox. And I've always been passionate about technology and especially figuring out creative ways to solve problems using technology. That's a big part of what we do here at Automox and it's something that we also talk a lot about on this podcast. One of the things that I'm most passionate about is the AEM manifesto.

The Autonomous Endpoint Management Manifesto, which outlines a new way forward for IT. Now, full disclosure, I was one of the writers on the AEM Manifesto, so I might be a little bit biased, but trust me, this is something that should have every IT professional fired up. So what is AEM all about? At its core, it's moving away from old, clunky manual ways of doing endpoint management and embracing a more modern, proactive, and well,

autonomous approach. We're talking automation, proactive security, and most importantly, collaboration, especially between ITOps and SecOps. In this month at Automox, we're discussing how great security begins with great IT. In my opinion, it's the perfect time to introduce the AEM Manifesto.

Today's podcast is part of Automox's Autonomous IT Podcast Network. Join us every Tuesday and Thursday for all things IT, automation, and cybersecurity.

Now, before we go any further, let's talk about why this collaboration between ITOps and SecOps is so important. I've seen firsthand both in my own career and working with customers here at Automox, how siloed teams can really make life difficult for everyone. Think of it like building a house. You've got your architects, your framers, your electricians, your plumbers, all these different teams. The work they do is all very different, but imagine if all of them worked in complete isolation, never talking to each other.

You'd end up with a house where the plumbing doesn't line up with the sinks, the electrical outlets are in all the wrong spots, and the roof might fall in. That's what happens when ITOps and SecOps don't work together. You get slow patch and remediation cycles because the teams responsible for implementing patches aren't communicating effectively with the teams responsible for identifying vulnerabilities. You get misaligned solutions because each team is laser focused on their own priorities, often implementing tools and or processes that conflict with each other.

And perhaps most importantly, you end up with an increased cybersecurity risk because all of these factors combined create a larger attack surface for bad actors to exploit. So let's dive into the AEM Manifesto. Why is it important? And how does the AEM Manifesto help us bridge this divide? It all comes down to the three core principles of the Manifesto, automate, secure, and harmonize. So first up, let's look at automate. Now, when we talk about automation in terms of

In the context of AEM, we're not talking about automating everything blindly. It's about intentional automation, about identifying those repetitive, time-consuming tasks that are best suited for automation, and then using automation to free up IT professionals to focus on more strategic initiatives. This not only improves efficiency and consistency, but also reduces the potential for human error. And so win-win for both ITOps and SecOps.

And though we want to enable automation to make our lives better, we still want to make sure that there are some checks and balances in place to test our automations and guarantee the right outcomes. Next up is secure, which is defined in the AEM manifesto as adopting a proactive security posture. Now this is a really big one. For too long, IT has been stuck in kind of a reactive mode, constantly playing catch up the latest threats, but by applying the principles of AEM, you're shifting your focus to prevention.

Think about something like Patch Tuesday. Instead of scrambling to deploy patches after a vulnerability has been announced and potentially exploited, a proactive approach means you have systems in place to automatically deploy those patches as soon as they're available. It's about getting ahead of the curve and closing security gaps before they can be exploited. So, it's kind of like this. I have two kids, and when they were a little bit younger, they would get very excited every time we'd go swimming.

And taking the two minutes to put on sunscreen was the last thing that they wanted to do. But take the two minutes and apply sunscreen today so you can play out on the beach tomorrow. An ounce of prevention is worth a pound of cure. And finally, we have harmonize. This principle is all about breaking down those data silos that can prevent ITOps and SecOps from working together effectively. When teams have different tools, different data sets and different ways of looking at the world,

It's no wonder they struggle to collaborate. The AEM Manifesto advocates for data harmony, for creating a single source of truth that both ITOps and SecOps can use to make informed decisions and form a unified front. This means implementing tools that promote transparency, collaboration, and a shared understanding of the IT environment. When ITOps and SecOps are on the same page working together to design and implement secure systems and processes, your teams are able to operate in an efficient

harmony. Your organization is more secure because of the tight communication and the proper distribution of tasks.

If you're an organization where there is a silo between the two departments, you've got to be the change. Make a new friend in the SecOps department and invite them to collaborate. Once one bond is sealed, others from both departments will naturally line up to work better together. Okay, so how can organizations start to put these principles into practice? Well, here are a few actionable steps. So number one,

Foster a culture of collaboration. This starts at the top with leadership buy-in. Encourage open communication, regular cross-team meetings, and a shared understanding that security is everyone's responsibility. Second, invest in cross-team training. Help ITOps understand the security implications of their work and help SecOps understand the operational constraints that the ITOps teams face. Third,

is establish shared metrics. Don't just measure ITOps metrics and SecOps metrics separately. Instead, focus on shared goals, such as mean time to remediation, the number of unpatched vulnerabilities, or even user satisfaction with IT services. And finally, embrace automation. Research and select tools that will help both ITOps and SecOps work more efficiently and effectively. And remember, start with small, manageable automation projects and build on from there.

So the AEM Manifesto isn't just a document, it's a call to action for a new era of endpoint management. One where ITOps and SecOps teams work together seamlessly to create a more secure and efficient IT environment. It's also not a product. The AEM Manifesto is a set of principles that can be applied to almost any endpoint management solution. By embracing the principles of automation, proactive security, and data harmonization,

Organizations can overcome the challenges of unchecked complexity and unlock the full potential of their IT teams. And as always, I'd love to hear your thoughts. What are your biggest challenges when it comes to ITOps and SecOps collaboration? And how are you using automation to improve your security posture? Connect with me on LinkedIn, follow Automox on LinkedIn, or join the conversation in the Automox community. And if you haven't already, be sure to subscribe to our YouTube page and the Autonomous IT podcast so you never miss an episode.

We'll have links to all of those below and also the AEM Manifesto. So thanks for listening and my charge to you for this episode is to go and explore the AEM Manifesto. You can find it at AEM-Manifesto.org See if any of those steps jump out to you as easy to employ in your endpoint management strategy.

Thanks for tuning in to today's Autonomous IT podcast. Join us every Tuesday and Thursday for new episodes.